WPA2 security protocol may have been cracked

Yolanda Curtis
October 16, 2017

Only connect to secured services. This happens through an error in the handshake between the devices and the Wi-Fi router. WPA2 - the de facto standard for Wi-Fi password security worldwide - may have been compromised, with huge ramifications for nearly all of the Wi-Fi networks in our homes and businesses as well as for the networking companies that build them.

Major wireless vendors may already be working on patches, but how long they'll take to roll out is unclear.

The security issue was discovered by Mathy Vanhoef at the Katholieke Universiteit Leuven in Belgium.

"Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted," the vulnerability disclosure warns. "The attack works against all modern protected Wi-Fi networks." To prevent the attack, users must update affected products as soon as security updates become available. But given the nature of this security flaw, it likely won't turn WPA2 into WEP, the earlier Wi-Fi encryption standard, which is thoroughly insecure in all implementations and easily crackable by anyone within minutes. Rather, it's in the implementation. It can be exploited to access virtually any information being transmitted over a Wi-Fi connection, including login credentials, photos, financial information and more. Once a connection is fully established, the client and access point regularly rotate the encryption keys to new ones derived from the pre-shared key.

No matter how strong the passwords of the Wi-Fi devices at your home or workplace are, if your devices are not updated with new patches, hackers will be able to exploit protocol-level security flaws to eavesdrop on your Wi-Fi traffic at all times.

But besides being an impressive technical achievement, this is the type of problem that will likely haunt us for many years to come. By detecting and replaying the third part of the four-way handshake, attackers can force the reinstallation of the encryption key, allowing them to access the packets being transmitted. The main limitation is that an attacker needs to be within range of a victim to exploit these weaknesses.
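The following is an added example, not code from the article or from the researcher, that models why a repeated third handshake message matters and what a patched client does differently. It assumes, as the published KRACK research describes but this article does not spell out, that installing a key resets the transmit packet number; the `Client` class, its methods and the SHA-256 keystream are hypothetical stand-ins for a real Wi-Fi stack and its cipher.

```python
import hashlib

def keystream(key: bytes, pn: int, n: int) -> bytes:
    # Toy stand-in for a per-packet keystream derived from (key, packet number).
    out, block = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + pn.to_bytes(6, "big") + bytes([block])).digest()
        block += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Client:
    def __init__(self, patched: bool):
        self.patched, self.key, self.pn = patched, None, 0

    def on_message3(self, key: bytes) -> None:
        # Patched behaviour: a retransmitted message 3 carrying the key that is
        # already installed must not reset the transmit packet number.
        if self.patched and key == self.key:
            return
        self.key, self.pn = key, 0  # assumption: key installation resets the counter

    def send(self, plaintext: bytes):
        self.pn += 1
        return self.pn, xor(plaintext, keystream(self.key, self.pn, len(plaintext)))

P1 = b"GET /index.html HTTP/1.1"   # constructed sample frames
P2 = b"user=alice&pass=EXAMPLE!"

def session(patched: bool):
    c = Client(patched)
    key = b"constructed-session-key"
    c.on_message3(key)            # normal handshake
    first = c.send(P1)
    c.on_message3(key)            # message 3 arrives a second time
    second = c.send(P2)
    return first, second

def nonce_reused(patched: bool) -> bool:
    (pn1, _), (pn2, _) = session(patched)
    return pn1 == pn2

def keystream_cancels(patched: bool) -> bool:
    # With a reused (key, packet number) pair the keystream drops out of c1 XOR c2.
    (_, c1), (_, c2) = session(patched)
    return xor(c1, c2) == xor(P1, P2)

if __name__ == "__main__":
    for patched in (False, True):
        print(patched, nonce_reused(patched), keystream_cancels(patched))
```

In the unpatched model both frames are encrypted under the same key and packet number, so the passphrase strength never enters into it; the patched model keeps counting and the two ciphertexts share no keystream.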

All platforms are vulnerable, but the paper notes that Android 6.0 and later - along with Linux - are particularly easy targets, an attack against these devices being described as "trivial" ... In such cases, the encryption between the router and client device will be completely broken.

On a positive note, remote attacks using this exploit alone are impossible, as the hacker would need to be in physical proximity to the router. Alan Woodward, an encryption expert from the University of Surrey, explained that the attack is not scalable: "It's a very targeted attack".

However, many websites improperly set up HTTPS. Vanhoef manages to steal the user's Match.com password and username. The attack is not limited to capturing e-mail addresses or passwords; all of the data can be decrypted. Meanwhile, newer networks using the short-range Wireless Gigabit (IEEE 802.11ad) standard generally use GCMP, which uses the same authentication key for both directions of communication between the client and access point, so a KRACK attack can allow for decryption of transmissions from either device.

It is also possible to decrypt data sent towards the victim.
