Researchers have announced the discovery of a severe flaw in Wi-Fi Protected Access 2 (WPA2), the most widely used authentication and encryption scheme for Wi-Fi networks. The flaw allows complete decryption, packet replay, content injection, and connection hijacking attacks to be carried out by anyone within radio range of an access point or client device.
The attack, dubbed the Key Reinstallation Attack (KRACK), was discovered by Mathy Vanhoef under the supervision of Frank Piessens of KU Leuven and was publicly announced today following private briefings over the weekend. KRACK exploits weaknesses in the WPA2 standard itself rather than in any single product, meaning any Wi-Fi device, from smartphone clients to enterprise-grade access points, is vulnerable to attacks including the capture and decryption of traffic, the replay of captured packets into the stream, the injection of malicious content into web traffic, and the hijacking of TCP connections.
'Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on,' the pair warn. 'The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites. The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks.'
Given the ubiquity of Wi-Fi and WPA2, the flaw is a severe one - though the researchers' warning that all traffic can be decrypted and monitored ignores the additional layers of security, such as TLS, that commonly sit on top of the WPA2 encryption and would prevent such information disclosure. An even bigger issue is the often woeful support lifetime of mobile and embedded devices, for which manufacturers are unlikely to make patches available to resolve the issue.
For those seeking more detailed information on the attack, the research paper (PDF warning) is available now. Thus far, no manufacturers or software vendors have come forward to offer a timescale for patching the flaw in their products. The Wi-Fi Alliance, however, has issued a security update pledging to test for the KRACK vulnerability as part of the standard Wi-Fi certification procedure and work with its members to develop and issue patches for existing devices.