Security researchers have revealed bad news for WiFi wireless networks everywhere. Several key management vulnerabilities in the 4-way handshake of the WPA2 security protocol, which helps to keep modern Wireless Local Area Networks (WLAN) secure via encryption, have been found.
Hopefully by now everybody has ensured that their home wireless network and devices are all connected using the latest Wi-Fi Protected Access II (WPA2) method of encryption, which has so far served us all well. The bad news is that a string of new vulnerabilities has been discovered that could result in WPA2-secured networks being decrypted, hijacked and generally abused (it works against both WPA1 and WPA2 – personal and enterprise networks – and against any cipher suite in use, such as WPA-TKIP, AES-CCMP and GCMP).
As the US Computer Emergency Readiness Team (US-CERT) states, "The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected."
The details of all this are due to be published shortly via several vulnerability announcements (CVE-2017-13077, 13078, 13079, 13080, 13081, 13082, 13084, 13086, 13087, 13088) and the collection of flaws is being referred to as KRACK (Key Reinstallation Attacks). A dedicated website has even been set up by the researchers to provide information on the incoming problem – https://www.krackattacks.com.
Statement by the Researchers
We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on.
The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.
The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected.
So we're all doomed, right? Well... yes and no. Certainly if you read a lot of this morning's media coverage then you'd be forgiven for thinking that the sky was about to fall and hackers were due to break into all your home networks and/or devices. KRACK is certainly no laughing matter and it is indeed a very serious problem, although it's important to put these things into some common-sense perspective.
The detailed research paper on KRACK (no pun intended) covers what appears to be quite a complex method of breaking through WPA2, and it's one that, due to some flaky implementation of the WiFi standards (802.11), won't work effectively (yet) on Microsoft Windows or Apple iOS machines and devices. The paper largely focused upon Android-based smartphones and tablets, which is thus where most of the problem resides.
On top of that, there's currently no known public attack code available to exploit the vulnerabilities, although that will no doubt change, and any hacker would need to be both very skilled and situated in close proximity to your network kit in order to conduct the attack.
The good news is that the industry doesn't need to create WPA3 in order to tackle the problem, because it's patchable. The bad news is that some broadband routers and other software or device manufacturers, as well as many users themselves, can be quite poor when it comes to keeping their systems up to date. Suffice it to say, keep an eye out for the latest patches and deploy them.
One other thing to note is that the main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. "So it might be that your router does not require security updates. We strongly advise you to contact your vendor for more details. In general though, you can try to mitigate attacks against routers and access points by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming). For ordinary home users, your priority should be updating clients such as laptops and smartphones," said the researchers.
The researchers are now moving on to ponder whether other protocol implementations are also vulnerable to key reinstallation attacks. Protocols that appear particularly vulnerable are those that must take into account that messages may be lost. "After all, these protocols are explicitly designed to process retransmitted frames, and are possibly reinstalling keys while doing so," said the team.
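To make the two preceding paragraphs concrete, here is an added toy model of the client (supplicant) side of the 4-way handshake. It is not code from the researchers, the paper or any real Wi-Fi stack: the key derivation and per-packet keystream are constructed stand-ins, all keys, MAC addresses and frames are made up, and the message names follow the handshake as described above. It shows why a supplicant that reinstalls an already-installed key on a retransmitted message 3 resets its packet number (the per-key nonce counter) and so reuses keystream, how a patched supplicant acknowledges the retransmission without reinstalling, and a monitor-side check that a defender can use to flag packet numbers going backwards under one key.

```python
import hashlib
import hmac
import secrets

# Constructed key-derivation stand-in: a real supplicant runs the 802.11 PRF
# over the PMK, ANonce, SNonce and both MAC addresses to produce the PTK.
def derive_ptk(pmk, anonce, snonce, ap_mac, sta_mac):
    return hmac.new(pmk, anonce + snonce + ap_mac + sta_mac, hashlib.sha256).digest()

# Constructed keystream stand-in: real CCMP/GCMP run AES in counter mode with
# the packet number (PN) as the nonce. The property that matters here is that
# the keystream is a deterministic function of (key, PN), so repeating a PN
# under the same key repeats the keystream.
def keystream(ptk, pn, length):
    return hashlib.sha256(ptk + pn.to_bytes(6, "big")).digest()[:length]

class Supplicant:
    """Client side of the handshake, the side the attack targets."""

    def __init__(self, pmk, sta_mac, patched):
        self.pmk = pmk
        self.sta_mac = sta_mac
        self.patched = patched
        self.ptk = None
        self.installed = False
        self.pn = 0        # transmit packet number, reset whenever a key is installed
        self.installs = 0  # how many times the PTK was (re)installed

    def on_message1(self, anonce, ap_mac):
        """Message 1 carries ANonce; pick SNonce, derive the PTK, return message 2."""
        snonce = secrets.token_bytes(32)
        self.ptk = derive_ptk(self.pmk, anonce, snonce, ap_mac, self.sta_mac)
        return snonce

    def on_message3(self):
        """Message 3 instructs the client to install the PTK and answer with
        message 4. If message 4 is lost, the AP retransmits message 3 and the
        original standard had the client install the same key again."""
        if self.installed and self.patched:
            # Fix: the key is already in use, so re-acknowledge without
            # reinstalling and, crucially, without resetting the packet number.
            return "message4"
        self.installed = True
        self.installs += 1
        self.pn = 0  # (re)installation resets the nonce counter
        return "message4"

    def encrypt(self, plaintext):
        """Return (pn, ciphertext) for one data frame and advance the counter."""
        ks = keystream(self.ptk, self.pn, len(plaintext))
        frame = (self.pn, bytes(p ^ k for p, k in zip(plaintext, ks)))
        self.pn += 1
        return frame

def run_handshake(patched):
    """Drive one client through message 1, message 3, a data frame, a
    retransmitted message 3 and a second data frame; report what happened."""
    pmk = secrets.token_bytes(32)                          # constructed
    ap_mac = b"\x02\x00\x00\x00\x00\x01"                   # constructed
    sta_mac = b"\x02\x00\x00\x00\x00\x02"                  # constructed
    client = Supplicant(pmk, sta_mac, patched)
    client.on_message1(secrets.token_bytes(32), ap_mac)
    client.on_message3()
    pn1, _ = client.encrypt(b"first data frame after install")
    client.on_message3()  # retransmitted message 3 (message 4 assumed lost)
    pn2, _ = client.encrypt(b"second data frame, same length")
    return {
        "installs": client.installs,
        "pn_regressed": pn2 <= pn1,
        "keystream_reused": keystream(client.ptk, pn1, 30) == keystream(client.ptk, pn2, 30),
    }

def pn_regressions(pns):
    """Monitor-side check: under one key the PN must strictly increase, so a
    PN that is not greater than its predecessor is worth an alert."""
    return sum(1 for a, b in zip(pns, pns[1:]) if b <= a)

if __name__ == "__main__":
    print("unpatched:", run_handshake(patched=False))
    print("patched:  ", run_handshake(patched=True))
    print("regressions in [0, 1, 2, 0, 1]:", pn_regressions([0, 1, 2, 0, 1]))
```

Running it, the unpatched client installs the key twice and its second frame goes out with the same packet number as the first, so the two frames share keystream; the patched client installs once, keeps counting, and the keystreams differ. The `pn_regressions` check is the kind of signal an access point or wireless IDS can use, since a well-behaved client never sends a packet number that does not exceed its previous one under the same key.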