KRACK Attacks Break WPA2

grarpamp grarpamp at gmail.com
Mon Oct 16 10:46:15 PDT 2017


https://www.krackattacks.com/
https://papers.mathyvanhoef.com/ccs2017.pdf
https://www.mathyvanhoef.com/p/publications.html

Key Reinstallation Attacks
Breaking WPA2 by forcing nonce reuse
Discovered by Mathy Vanhoef of imec-DistriNet, KU Leuven

We discovered serious weaknesses in WPA2, a protocol that secures all
modern protected Wi-Fi networks. An attacker within range of a victim
can exploit these weaknesses using key reinstallation attacks
(KRACKs). Concretely, attackers can use this novel attack technique to
read information that was previously assumed to be safely encrypted.
This can be abused to steal sensitive information such as credit card
numbers, passwords, chat messages, emails, photos, and so on. The
attack works against all modern protected Wi-Fi networks. Depending on
the network configuration, it is also possible to inject and
manipulate data. For example, an attacker might be able to inject
ransomware or other malware into websites.

The weaknesses are in the Wi-Fi standard itself, and not in individual
products or implementations. Therefore, any correct implementation of
WPA2 is likely affected. To prevent the attack, users must update
affected products as soon as security updates become available. Note
that if your device supports Wi-Fi, it is most likely affected. During
our initial research, we discovered ourselves that Android, Linux,
Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all
affected by some variant of the attacks. For more information about
specific products, consult the database of CERT/CC, or contact your
vendor.

The research behind the attack will be presented at the Computer and
Communications Security (CCS) conference, and at the Black Hat Europe
conference. Our detailed research paper can already be downloaded.

