Security researchers have discovered several key management vulnerabilities in the core of WPA2 (Wi-Fi Protected Access II), the security protocol used by nearly every Wi-Fi device on the planet. These WPA2 vulnerabilities could allow an attacker within radio range of your Wi-Fi network to eavesdrop on the traffic passing through it, inject malicious content, and, depending on the client, steal data from the devices connected to the network at that moment, all without your knowledge.
WPA2 is a 13-year-old Wi-Fi security standard (ratified in 2004) widely used to secure Wi-Fi connections, but the standard itself has now been shown to be flawed, affecting almost all Wi-Fi devices in homes and businesses alike, along with the networking companies that build them.
Details have been published on a dedicated site, krackattacks.com, named after the proof-of-concept attack, Key Reinstallation Attacks.
Dubbed KRACK (Key Reinstallation Attack), the proof-of-concept attack demonstrated by the research team works against all modern protected Wi-Fi (WPA2) networks and can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails and photos.
It is important to understand that any correct implementation of WPA2 is likely affected, because the weaknesses are in the Wi-Fi standard itself, not in any individual product or implementation. In short: if your device supports Wi-Fi, it is most likely affected.
When you connect a device to a Wi-Fi network and type in the password, a 4-way handshake takes place that confirms both sides hold the correct password and derives a fresh session key for encrypting traffic. By manipulating part of this handshake, an attacker can decrypt much of what happens on the Wi-Fi network without ever knowing the password. (If you are technically and security-minded, the full paper has the details.)
During their initial research, the researchers found that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys and others are all affected by KRACK. Note that KRACK does not help an attacker recover the targeted network's Wi-Fi password; instead, it lets them decrypt users' traffic without cracking or knowing the password. So merely changing your Wi-Fi password does not prevent or mitigate a KRACK attack.
HOW KRACK WI-FI WPA2 VULNERABILITIES WORK
KRACK was discovered by researcher Mathy Vanhoef of KU Leuven. It works by exploiting the 4-way handshake of the WPA2 protocol, which is used to establish the key for encrypting traffic. For a successful attack, the attacker tricks the victim into reinstalling an already-in-use key, which is achieved by manipulating and replaying the cryptographic handshake messages (for example, by blocking message 4 so that the access point retransmits message 3, which the client must accept). The researchers explain that when the victim reinstalls the key, the associated parameters, namely the incremental transmit packet number (the nonce) and the receive packet number (the replay counter), are reset to their initial values. Because the ciphers WPA2 uses (CCMP, GCMP and TKIP) are only secure if a nonce is never reused under the same key, this reset lets the attacker replay, decrypt and in some cases forge packets.
The team demonstrated the key reinstallation attack against an Android smartphone, showing how an attacker can decrypt all data the victim transmits over the supposedly protected Wi-Fi. (Android 6.0 and later, and Linux clients using wpa_supplicant 2.4 and later, are hit hardest: a reinstallation makes them install an all-zero encryption key, so the attacker does not even need the keystream trick described below.)
However, there is no need to panic: you are not vulnerable to just anyone on the Internet, because a successful KRACK attack requires the attacker to be within radio range of the target Wi-Fi network.
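To make the handshake mechanics above concrete, here is an added Python model of the client side of the 4-way handshake. It is not code from the researchers or from any Wi-Fi stack; the key, frames and station logic are constructed for this example, and a hash-based counter-mode keystream stands in for CCMP's AES-CTR (what matters is the same in both: the keystream depends only on the key and the packet number). The model replays message 3 between two data frames and shows that the unpatched client reuses packet number 1, which lets an attacker who knows one plaintext frame recover the other by XOR; the patched variant refuses to reinstall a key it has already installed, so the packet number keeps counting.

```python
import hashlib
from dataclasses import dataclass
from typing import Optional, Tuple

# Constructed pairwise temporal key (PTK-TK). In WPA2 it is derived from the
# PMK plus the nonces exchanged in messages 1 and 2 of the 4-way handshake.
TK = hashlib.sha256(b"constructed PTK-TK for this example").digest()[:16]


def ctr_keystream(tk: bytes, pn: int, length: int) -> bytes:
    """Hash-based counter-mode keystream keyed by (TK, packet number).

    Stand-in for CCMP's AES-CTR: the keystream is a function of the key and
    the nonce only, so reusing a packet number under the same key reuses it.
    """
    out = b""
    block = 0
    while len(out) < length:
        out += hashlib.sha256(tk + pn.to_bytes(6, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


@dataclass
class Supplicant:
    """Client-side state for the key installed by message 3 of the handshake."""
    patched: bool                 # True: refuse to reinstall an already-installed key
    tk: Optional[bytes] = None
    installed: bool = False
    tx_pn: int = 0                # CCMP packet number, used as the per-frame nonce

    def on_msg3(self, tk: bytes) -> None:
        # Message 3 may legitimately be retransmitted when message 4 is lost,
        # so a client must accept it. The flaw is that each acceptance
        # reinstalls the key and resets the packet number to its initial value.
        if self.patched and self.installed:
            return                # key already installed: keep the current PN
        self.tk = tk
        self.installed = True
        self.tx_pn = 0

    def send(self, plaintext: bytes) -> Tuple[int, bytes]:
        self.tx_pn += 1
        return self.tx_pn, xor(plaintext, ctr_keystream(self.tk, self.tx_pn, len(plaintext)))


# Constructed plaintext frames of equal length so the XOR lines up byte for byte.
FRAME_1 = b"GET /login?user=alice&pw=hunter2"
FRAME_2 = b"POST /pay?to=mallory&amount=9999"


def run_krack(patched: bool):
    """Replay message 3 between two data frames; return (pn1, ct1, pn2, ct2)."""
    sup = Supplicant(patched=patched)
    sup.on_msg3(TK)                        # genuine message 3: key installed, PN = 0
    pn1, ct1 = sup.send(FRAME_1)           # first data frame, PN = 1
    sup.on_msg3(TK)                        # attacker replays the captured message 3
    pn2, ct2 = sup.send(FRAME_2)           # unpatched client: PN reset, reuses PN = 1
    return pn1, ct1, pn2, ct2


def attacker_recover(ct_known: bytes, pt_known: bytes, ct_target: bytes) -> bytes:
    """With one known plaintext under a reused nonce, strip the shared keystream."""
    return xor(xor(ct_known, ct_target), pt_known)


def nonce_reused(patched: bool) -> bool:
    pn1, _, pn2, _ = run_krack(patched)
    return pn1 == pn2


def recovered_frame(patched: bool) -> bytes:
    _, ct1, _, ct2 = run_krack(patched)
    return attacker_recover(ct1, FRAME_1, ct2)


if __name__ == "__main__":
    for patched in (False, True):
        label = "patched" if patched else "vulnerable"
        print(label, "nonce reused:", nonce_reused(patched), recovered_frame(patched))
```

The `patched` branch is the essence of the fix vendors shipped: a station remembers that the key is installed and does not reinstall it (and does not reset the packet number) when a handshake message is retransmitted. Real CCMP also authenticates each frame, which is why nonce reuse mainly enables decryption and replay rather than arbitrary forgery; the group-key and FT variants in the CVE list below are the same defect applied to the other handshakes.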
Here are the 10 key management vulnerabilities in the WPA2 protocol identified by the researchers:
• CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the four-way handshake.
• CVE-2017-13078: Reinstallation of the group key (GTK) in the four-way handshake.
• CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the four-way handshake.
• CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
• CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
• CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
• CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
• CVE-2017-13086: Reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
• CVE-2017-13087: Reinstallation of the group key (GTK) while processing a Wireless Network Management (WNM) Sleep Mode Response frame.
• CVE-2017-13088: Reinstallation of the integrity group key (IGTK) while processing a Wireless Network Management (WNM) Sleep Mode Response frame.
To patch these WPA2 vulnerabilities you need firmware or software updates from your device vendors. Because the flaw is exploited against the client, updating your laptops, phones and other Wi-Fi clients already protects their traffic; access points mainly need an update where they implement 802.11r (Fast BSS Transition, CVE-2017-13082).
According to the researchers, traffic sent over HTTPS stays encrypted end to end and cannot be decrypted by KRACK itself, although HTTPS can still be stripped on sites that are misconfigured (for example, those without HSTS), which is how the demo reached plaintext credentials. So you are advised to use a trustworthy VPN service, which encrypts all your Internet traffic whether it is HTTPS or HTTP.
Thankfully, there are a few other things you can do to protect yourself against these WPA2 vulnerabilities. We will cover them in our next post, so bookmark this site and like our Facebook page so you do not miss it.