Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping | Ars Technica

An air of unease settled over security circles on Sunday as they prepared for the disclosure of high-severity vulnerabilities in the Wi-Fi Protected Access II protocol that make it possible for attackers to eavesdrop on Wi-Fi traffic passing between computers and access points.

There is a proof-of-concept exploit called KRACK, short for Key Reinstallation Attacks. The KRACK attack enables eavesdropping, connection hijacking and malicious injection.
The CERT/CC and the reporting researcher, KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.


  1. Tomi Engdahl says:

    Researchers briefed on the vulnerabilities said they are indexed as: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088. One researcher told Ars that Aruba and Ubiquiti, which sell wireless access points to large corporations and government organizations, already have updates available to patch or mitigate the vulnerabilities.


  2. Tomi Engdahl says:

    should use HTTPS, STARTTLS, Secure Shell and other reliable protocols to encrypt Web and e-mail traffic as it passes between computers and access points.

  3. Tomi Engdahl says:

    WEP is dead, WPA2 is crackable

  4. Tomi Engdahl says:

    It is important to note that the vulnerability was discovered in the protocol itself, so even a correct implementation is affected.

  5. Tomi Engdahl says:

    ‘All wifi networks’ are vulnerable to hacking, security expert discovers

    WPA2 protocol used by vast majority of wifi connections has been broken by Belgian researchers, highlighting potential for internet traffic to be exposed

    The security protocol used to protect the vast majority of wifi connections has been broken, potentially exposing wireless internet traffic to malicious eavesdroppers and attacks, according to the researcher who discovered the weakness.

    Mathy Vanhoef, a security expert at Belgian university KU Leuven, discovered the weakness in the wireless security protocol WPA2, and published details of the flaw on Monday morning.

    “Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted,”

    Vanhoef emphasised that “the attack works against all modern protected wifi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.”

    The vulnerability affects a number of operating systems and devices, Vanhoef says, including Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys and others.

    “If your device supports wifi, it is most likely affected,”

    The researchers have given the weakness the codename Krack, short for Key Reinstallation AttaCK.

    Alex Hudson, the chief technical officer of subscription service Iron, says that it is important to “keep calm”.

    “There is a limited amount of physical security already on offer by wifi: an attack needs to be in proximity,” Hudson writes. “So, you’re not suddenly vulnerable to everyone on the internet. It’s very weak protection, but this is important when reviewing your threat level.”

    Different devices and operating systems are impacted to differing degrees based on how they implement the WPA2 protocol. Amongst the worst hit are Android 6.0 (Marshmallow) and Linux, due to a further bug that results in the encryption key being rewritten to all-zeros; iOS and Windows, meanwhile, are among the most secure, since they don’t fully implement the WPA2 protocol, dodging one weakness. No tested device or software was fully immune to the weakness, however.

  6. Tomi Engdahl says:

    Key Reinstallation Attacks
    Breaking WPA2 by forcing nonce reuse

    As a proof-of-concept we executed a key reinstallation attack against an Android smartphone. In this demonstration, the attacker is able to decrypt all data that the victim transmits. For an attacker this is easy to accomplish, because our key reinstallation attack is exceptionally devastating against Linux and Android 6.0 or higher. This is because Android and Linux can be tricked into (re)installing an all-zero encryption key.

  7. Tomi Engdahl says:

    Android and Linux

    Our attack is especially catastrophic against version 2.4 and above of wpa_supplicant, a Wi-Fi client commonly used on Linux. Here, the client will install an all-zero encryption key instead of reinstalling the real key. This vulnerability appears to be caused by a remark in the Wi-Fi standard that suggests clearing the encryption key from memory once it has been installed for the first time. When the client now receives a retransmitted message 3 of the 4-way handshake, it will reinstall the now-cleared encryption key, effectively installing an all-zero key. Because Android uses wpa_supplicant, Android 6.0 and above also contains this vulnerability. This makes it trivial to intercept and manipulate traffic sent by these Linux and Android devices. Note that currently 41% of Android devices are vulnerable to this exceptionally devastating variant of our attack.

    Do we now need WPA3?

    No, luckily implementations can be patched in a backwards-compatible manner. This means a patched client can still communicate with an unpatched access point, and vice versa. In other words, a patched client or access point sends exactly the same handshake messages as before, and at exactly the same moments in time. However, the security updates will assure a key is only installed once, preventing our attacks. So again, update all your devices once security updates are available.

    Should I change my Wi-Fi password?

    Changing the password of your Wi-Fi network does not prevent (or mitigate) the attack.
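A toy Python model of the client behaviour the comment above describes, added here as an illustration; it is not the researchers' code and not wpa_supplicant's real implementation. It models three client variants (a generic unpatched client, wpa_supplicant 2.4+ before the fix, and a patched client that installs the key only once) and a nonce-reuse check a defender could apply to captured frame counters. Key bytes and nonce handling are simplified placeholders; no real WPA2 crypto is performed.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

ZERO_KEY = bytes(16)  # what wpa_supplicant 2.4+ ends up installing


@dataclass
class Client:
    variant: str                        # "unpatched", "wpa_supplicant_2.4", "patched"
    ptk: Optional[bytes] = None         # key negotiated during the handshake
    installed_key: Optional[bytes] = None
    nonce: int = 0                      # per-key packet number (CCMP IV counter)
    installed: bool = False
    nonces_sent: List[int] = field(default_factory=list)

    def receive_message3(self) -> None:
        """Handle message 3 of the 4-way handshake, possibly a retransmission."""
        if self.variant == "patched" and self.installed:
            # The backwards-compatible fix: answer with message 4 as before,
            # but never install the key a second time, so the nonce is kept.
            return
        # Unpatched clients (re)install whatever key is in memory. For the
        # wpa_supplicant 2.4+ variant the key was cleared after the first
        # install, so the reinstalled key is all zeros.
        key = self.ptk if self.ptk is not None else ZERO_KEY
        self.installed_key = key
        self.nonce = 0              # reinstallation resets the packet number
        self.installed = True
        if self.variant == "wpa_supplicant_2.4":
            self.ptk = None         # the standard's "clear key from memory" remark

    def send_frame(self) -> Tuple[bytes, int]:
        """Return the (key, nonce) pair that would protect the next frame."""
        self.nonce += 1
        self.nonces_sent.append(self.nonce)
        return self.installed_key, self.nonce


def run_handshake(variant: str, retransmit_msg3: bool) -> Tuple[bytes, List[int]]:
    """Install a constructed key, send a frame, optionally replay message 3,
    send another frame; return the final key and the nonces used."""
    client = Client(variant, ptk=bytes.fromhex("0f" * 16))  # constructed key
    client.receive_message3()
    client.send_frame()
    if retransmit_msg3:
        client.receive_message3()
    key, _ = client.send_frame()
    return key, client.nonces_sent


def nonce_reused(nonces: List[int]) -> bool:
    """Defender-side check: a repeated packet number under one key means the
    keystream was reused, which is exactly what a reinstallation causes."""
    return len(nonces) != len(set(nonces))


if __name__ == "__main__":
    for variant in ("unpatched", "wpa_supplicant_2.4", "patched"):
        key, nonces = run_handshake(variant, retransmit_msg3=True)
        print(variant, key.hex(), nonces, "nonce reuse" if nonce_reused(nonces) else "ok")
```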


  8. Tomi Engdahl says:

    Here’s what you can do to protect yourself from the KRACK WiFi vulnerability

    Security researcher Mathy Vanhoef publicly disclosed a serious vulnerability in the WPA2 encryption protocol today. Most devices and routers currently rely on WPA2 to encrypt your WiFi traffic, so chances are you’re affected.

    But first, let’s clarify what an attacker can and cannot do using the KRACK vulnerability. The attacker can intercept some of the traffic between your device and your router. If traffic is encrypted properly using HTTPS, an attacker can’t look at this traffic. Attackers can’t obtain your Wi-Fi password using this vulnerability. They can just look at your unencrypted traffic if they know what they’re doing. With some devices, attackers can also perform packet injection.

  9. Tomi Engdahl says:

    Good news! Your devices can be updated to prevent the KRACK vulnerability. Updated devices and non-updated devices can co-exist on the same network as the fix is backward compatible.

    So you should update all your routers and Wi-Fi devices (laptops, phones, tablets…) with the latest security patches. You can also consider turning on auto-updates for future vulnerabilities as this won’t be the last one. Modern operating systems have become quite good at auto-updates. Some devices (ahem Android) don’t receive a lot of updates and could continue to pose risks.


  10. Tomi Engdahl says:

    KrackAttacks: What you need to know

    Wi-Fi was not built to withstand the security challenges of the 21st century, and many cyber security experts advise caution when using it. And those warnings became more relevant than ever today after the disclosure of a series of Wi-Fi vulnerabilities. Attackers can exploit these vulnerabilities to perform a wide variety of attacks, including intercepting and modifying your internet traffic while it’s exchanged between devices and routers.

    But the worst part of it is that it’s an issue with Wi-Fi protocols, which means it affects practically every single person in the world that uses Wi-Fi networks.

  11. Tomi Engdahl says:

    A Security Flaw In WiFi Has Been Discovered That Means You Can See All Information Sent Over A Network If You’re Close Enough

  12. Tomi Engdahl says:

    WPA2 bug leaves virtually all WiFi networks at risk of hacking, research shows

    A Belgian researcher has discovered disconcerting weaknesses in the 14-year-old WPA2 protocol & security certification program devised by the Wi-Fi Alliance to secure all modern protected wireless computer networks.

    “An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs),” Mathy Vanhoef of KU Leuven University writes on a website dedicated to the finding.

    “Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on.”

  13. Tomi Engdahl says:

    Update Windows now, and watch for an iOS, macOS and Android update soon

    Microsoft already published a KRACK fix, Apple and Google are working on it

    Posted 5 minutes ago by Romain Dillet (@romaindillet)

    Security researcher Mathy Vanhoef publicly disclosed a serious vulnerability in the WPA2 encryption protocol yesterday that affects all devices that use WiFi. While we’ve listed many ways to protect yourself against KRACK, the best way to completely eradicate it from your network is to update all your WiFi devices. And some companies have been faster than others.

    First, you should update your WiFi access point. If you’re using your default ISP router, there’s not much you can do about it. Ask the company if they patched it, look for the user guide to find out how you can access the configuration panel and force an update.

    If you’re worried, you can also buy a separate WiFi access point, plug it into your router and disable WiFi on your router. Owen Williams has been doing a good job tracking the status of all the various updates, even if you have an access point from an unknown vendor. Ubiquiti, MikroTik, Meraki, Aruba and Fortinet updated their respective firmware in no time.

    But updating your access points isn’t enough. You also need to update your devices. Otherwise, if you connect to an unknown WiFi network that hasn’t been patched, somebody can still look at your unencrypted internet traffic and collect some sweet personal data about you.

    So let’s look at the device makers. Microsoft is leading the charge here. The Verge first reported that Microsoft has already issued a security patch for Windows 7, Windows 8, Windows 8.1 and Windows 2.

    Apple also has a patch up its sleeve

    Apple is going to release macOS 10.11.1 and iOS 11.1 in the coming weeks

    But what about Android devices? This is where it becomes tedious. Devices running Android 6.0 and later are more vulnerable than other devices. It is trivially easy to perform a key reinstallation attack because of a bad implementation of the handshake mechanism in the WiFi stack.

    Google said that the November 6 patch would fix the issue. Google’s own devices will receive the update instantly, but it’s going to take some time before device manufacturers and carriers approve the update. In fact, it could take weeks or months. Android fragmentation isn’t ideal in those cases.

  14. Tomi Engdahl says:

    Why KRACK could hit your smart home’s Wi-Fi the hardest

    Smart devices and appliances, everything from your refrigerator to your television, are ideal targets for hackers thanks to the KRACK exploit.

    The latest massive security vulnerability hits close to home.

    It’s called KRACK, short for Key Reinstallation Attack, and it’s a vulnerability that affects any Wi-Fi connection using the common encryption method WPA2. That means pretty much any device using Wi-Fi is fair game.

    The good news is your phones and laptops are likely safer from attacks thanks to rapid security updates. The bad news: your smart home gadgets may not be so lucky.

    The attack is the latest reminder of the pitfalls we face when it comes to our increasingly smart, connected devices. When your television and refrigerator hold sensitive information like Netflix or Amazon logins, they become potential targets for hackers. It’s a problem that’s going to get worse as the internet of things grows and we further surround ourselves with gadgets that talk to each other.

  15. Tomi Engdahl says:

    WPA2 was kracked because it was based on a closed standard that you needed to pay to read

    How did a bug like krack fester in WPA2, the 13-year-old wifi standard whose flaws have rendered hundreds of millions of devices insecure, some of them permanently so?

    Thank the IEEE’s business model. The IEEE is the standards body that developed WPA2, and they fund their operations by charging hundreds of dollars to review the WPA2 standard, and hundreds more for each of the standards it builds upon, so that would-be auditors of the protocol have to shell out thousands just to start looking.

    It’s an issue that Carl Malamud, Public Resource and the Electronic Frontier Foundation have been fighting hard on for years, ensuring that the standards that undergird public safety and vital infrastructure are available for anyone to review, audit and criticize.

    Any impediment to independent scrutiny of standards is a form of high-interest, high-risk technology debt and the bill always comes due.

  16. Tomi Engdahl says:

    On Monday, the security community scrambled to unpack Krack, a fundamental vulnerability in the ubiquitous, secure Wi-Fi network standard known as WPA2. Though some of the most popular devices are mercifully already protected (like most of those that run Windows and iOS), a staggering population remains exposed to data theft and manipulation every time they connect to WPA2 Wi-Fi. But as another interminable patching process begins, a different conversation is picking up, too, about how to catch flaws in crucial standards more quickly, and make it easier to patch them.
    No software is perfect. Bugs are inevitable now and then. But experts say that software standards that impact millions of devices are too often developed behind closed doors, making it difficult for the broader security community to assess potential flaws and vulnerabilities early on.

  17. Tomi Engdahl says:

    “There are quite a few other IEEE standards that shared the same fate as WPA2, from vehicular communications to healthcare IT, which are only available in a timely fashion for significant sums,” says Emin Gun Sirer, a distributed systems and cryptography researcher at Cornell University. “There’s an academic program, but it only makes standards available to academics six months after they have been published, which is far after they have been implemented and buried deep within devices.”

  18. Tomi Engdahl says:

    WPA2 security flaw puts millions of devices at risk – Here’s how to stay safe

  19. Tomi Engdahl says:

    Dieter Bohn / The Verge:
    Google patches Wi-Fi KRACK flaw in Android, adds new saturated color display option in Pixel 2 and Pixel 2 XL, releases fix for Pixel 2 “clicking” noise

    The regular, monthly patches for the Pixel are one of the main reasons to buy a Google phone instead of another Android device. This month, however, the company has done more than add the usual security fixes. For the Pixel 2 and Pixel 2 XL, it has also layered on a bunch of bug fixes and new features. The most important of which, as Android Central reports, are new options for color saturation.

  20. Tomi Engdahl says:

    Ron Amadeo / Ars Technica:
    Pixel and Nexus devices won’t get KRACK patch until December, which shouldn’t matter much since Android doesn’t rely on WPA2 for security

    Pixel won’t get KRACK fix until December, but is that really a big deal?
    Android never relied on WPA2 for security, so breaking it shouldn’t matter much.

    In October, security researchers discovered a major vulnerability in Wi-Fi’s WPA2 security called “KRACK.” This “Key Reinstallation Attack” can disrupt the initial encryption handshake that happens when an access point and a device first connect, allowing an attacker to read information assumed to be securely encrypted. It’s possible to totally defeat WPA2 encryption using KRACK, allowing a third party to sniff all the Wi-Fi packets you’re sending out. Any device that uses Wi-Fi and WPA2 is most likely vulnerable to the bug, which at this point is basically every wireless gadget on Earth.

    Google and the rest of the OEMs are working to clean up Android’s KRACK epidemic, and, on Monday, Google addressed the bug in the November Android Security Bulletin. A patch was posted this week to the Android Open Source Project (AOSP) repository, and, at the same time, Google started rolling out a November security update to Google Pixel and Nexus devices. But if you read the bulletin closely, you’ll see the November security patch for Google devices does not contain the KRACK fix.

    How whack is KRACK on Android, really?

    The KRACK vulnerability affects nearly all Wi-Fi devices, but the researchers put a big target on Android specifically when they said the attack was “exceptionally devastating against Linux and Android 6.0 or higher.” The reasoning the post laid out was that because Android could be tricked via KRACK into installing an all-zero encryption key, the researchers claimed it was “trivial to intercept and manipulate traffic sent by these Linux and Android devices.”

    KRACK can essentially completely break WPA2 security, but the thing is, while Android does use WPA2 for encryption where available, Android doesn’t rely on WPA2 for security. Android is used to running on a variety of networks. It has to deal with hundreds of carrier configurations around the world, that random coffee shop hot spot that you share with a bunch of strangers, and sometimes just connecting to an unencrypted, open Wi-Fi connection. Android already assumes the network is hostile, so even if you break WPA2 security, you’re only treated to a stream of individually encrypted connections. All the Google apps come with their own encryption, and Google’s development documents tell developers to “Send all network traffic from your app over SSL.” Connecting to websites with HTTPS (like Ars Technica!) will still be secure, and all of Android’s back-end Play Services stuff, like the 24/7 connection to Google, is also encrypted.

    KRACK is a big deal for some devices, but it’s mainly those that use WPA2 as their primary form of security. A lot of times this is IoT stuff like video cameras or “dumber” devices like a printer.
