Mathy Vanhoef, a postdoctoral researcher at Belgium’s University of Leuven, recently uncovered what he described as “serious weaknesses in WPA2.”
The vulnerabilities enable attacks, called KRACKs (for “key reinstallation attacks”), which involve tricking the victim into reinstalling an already-in-use encryption key.
Doing so involves manipulating and replaying cryptographic handshake messages. “When the victim reinstalls the key, associated parameters such as the incremental transmit packet number (i.e. nonce) and receive packet number (i.e. replay counter) are reset to their initial value,” Vanhoef explained.
“Essentially, to guarantee security, a key should only be installed and used once,” Vanhoef added. “Unfortunately, we found this is not guaranteed by the WPA2 protocol. By manipulating cryptographic handshakes, we can abuse this weakness in practice.”
The exploit can be leveraged to view any and all sensitive data such as credit card numbers, passwords, emails, photos, etc. — and depending on the configuration of the network, an attacker may also be able to inject and manipulate data, injecting ransomware or other malware into websites.
The attack works against all Wi-Fi networks using WPA2.
Update… if Possible
“To prevent the attack, users must update affected products as soon as security updates become available,” Vanhoef wrote. “Note that if your device supports Wi-Fi, it is most likely affected. During our intial research, we discovered ourselves that Android, Linux, Windows, OpenBSD, MediaTek, Linksys and others are all affected by some variant of the attacks.”
Similarly, a US-CERT announcement regarding the flaws notes, “The vulnerabilities are in the WPA2 protocol, not within individual WPA2 implementations, which means that all WPA2 wireless networking may be affected. Mitigations include installing updates to affected products and hosts as they become available.”
Still, VASCO Data Security innovation security architect Dr. Steven Murdoch noted by email that many manufacturers simply don’t fix vulnerabilites in older products. “It is likely that the vulnerability will persist for years, through to end-of-life and up to disposal, in products such as Android smartphones and Wi-Fi routers,” he said.
“This unfortunate situation has led to calls for hardware manufacturers to prominently state how long they will continue to supply security updates for products they sell,” Murdoch added.
Bastille CEO Chris Risley said by email that the news is proof that new vulnerabilities are still being found even in longstanding wireless protocols like Wi-Fi. “Recent wireless vulnerability discoveries like MouseJack, KeySniffer and BlueBorne demonstrate that using wireless protocols requires constant vigilance to avoid emerging security issues,” he said.
“Unlike wired networks, where access is limited to those on the wire, wireless protocols operate out in the open where anyone can eavesdrop or even join in,” he said. “So if you’re using wireless for any part of your operation, then your company’s security team should be listening to your own radio space, so that you have the same situational awareness that you have on your wired network.”
Arxan Technologies vice president of product management Rusty Carter said app developers need to stop relying on the network to manage security, and need to start taking matters into their own hands by encrypting data before transit within the app. “This way, if the network is compromised through something like this vulnerability, the data and user’s information is still protected,” he said.