KRACK

Severity: Critical
Dispersion:
Operating System:
Category: Vulnerabilities
Sources: Arstechnica, Alexhudson, US-CERT

From Alert
It has now been uncovered critical vulnerabilities in the WPA2 encryption protocol for Wifi. The vulnerability makes it possible for attackers to listen into the traffic between machines and access points. The Proof of concept vulnerability is called KRACK, short for “Key Reinstallation Attacks”.

Description

In a “Key Reinstallation Attack”, the attacker tricks the receiver into reinstalling the encryption key already being used. This is done by manipulating and resending a cryptographic handshake message. When the receiver reinstalls the key, the associated parametres like random cryptographic number (nonce) and received packet number (replay counter) be reset to its initial value. In order to guarantee the safety the key should only be installed and used once. This is however not ensured in the WPA2 protocol. By manipulating the hanshake it can be abused as shown beneath:

In order to prevent these types of attack, patching is necessary of all network able equipment like access points, mobile phones, repeaters, IoT devices and so on. Most of the biggest vendors have made available patches and firmware fixes as of now, the biggest issue are IoT devices that rarely see any updates if any at all.

Name of Vulnerabilities

CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088

Recommended actions

Cyberon Security recommends the following:

Check with the suppliers for your wifi enabled equipment for applicable hotfixes.

Segmentation of the Wifi from important systems and servers which do not need access Wifi access.

More information:

https://www.alexhudson.com/2017/10/15/wpa2-broken-krack-now/

https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: