We are all used to checking that WPA2 box whenever we want to set up a brand new Wi-Fi network.
But the thing is, most of us don’t really know why we do that.
We probably do it because someone advised us to do so.
In fact, we wouldn’t even remember when we started checking that WPA2 box.
Regardless, checking that WPA2 checkbox is a solid practice.
WPA2 is short for Wi-Fi Protected Access 2.
It is considered the current industry standard for securing communication by encrypting the traffic that travels over Wi-Fi networks.
The WPA2 security protocol stops eavesdroppers from stealing other people’s sensitive information.
This particular security protocol has held its position as the most secure protocol since 2004.
There is simply no other option that is currently more secure than WPA2.
And this is the reason why we see WPA2 networks just about everywhere on the planet.
Here is a new fact though:
WPA2 isn’t as secure as we think it is.
In other words, WPA2 is actually quite vulnerable to a cryptographic attack.
Researchers have recently found out that WPA2’s cryptographic protocol has a serious flaw.
Hackers can exploit this flaw to steal and read data.
We’re talking about data that we presume is protected via encryption.
But according to Mathy Vanhoef (who works at KU Leuven in Belgium) and his research, WPA2 isn’t that secure anymore.
In fact, if the conditions are favorable enough, this new vulnerability could even allow hackers to manipulate and change data that goes through a particular Wi-Fi network.
Hackers could also use the same vulnerability to inject new content or data into the network.
What does that mean in practice?
Well, it means that, using the KRACK vulnerability, hackers could potentially steal a user’s data and could also:
- Manipulate commands
- Intercept the user’s financial data
- Send the user’s money to their own accounts
They could do a ton of other things that we think are best left unsaid for the public good.
Of course, people need to stay calm because it isn’t as simple as the hacker using his/her internet connection to hack your sensitive information.
The attacker must be physically close to the target’s Wi-Fi network or device.
If the attacker is not within range of a given Wi-Fi network, then the attacker can’t launch any assault.
This limitation, though small, is very important.
But as we mentioned before, WPA2 Wi-Fi networks are ubiquitous.
If we are talking about numbers, then probably tens of millions of devices use Wi-Fi via the WPA2 protocol.
If we are talking about the whole planet, then the number could even reach a billion.
Hence, this small KRACK vulnerability has the potential to do an enormous amount of damage.
Vanhoef urged readers to know that any correct and proper implementation of the WPA2 security protocol was likely affected.
What Should Users Do To Stop KRACK Vulnerability Attacks?
Vanhoef recommends that if users want to prevent such attacks they must update their affected products as soon as possible.
Manufacturers will roll out security updates in the coming weeks.
And users need to make sure they apply them as they become available.
Vanhoef also pointed out that if a user’s device had support for Wi-Fi, it probably had the KRACK vulnerability.
KRACK Vulnerability: Poor Handshake
Where does the actual weakness lie then?
Well, as it turns out, the real weakness lies in the WPA2 protocol’s four-way handshake.
The four-way handshake is basically a procedure.
It determines if the user and the access point have matching credentials.
If they don’t match, then the user can’t join the network that a specific access point is offering.
The four-way handshake does one other very interesting thing:
It generates an encryption key.
This is basically the third step in the four-step communication process.
The four-way handshake procedure generates the encryption key in order to protect each user’s session.
However, the KRACK vulnerability, the newly discovered exploit, can disrupt that process.
Where Did The Name KRACK Vulnerability Come From?
Actually, Vanhoef came up with it.
Vanhoef named the new vulnerability KRACK.
KRACK is short for Key Reinstallation Attack.
This vulnerability allows hackers to mess around with and/or record and then replay the third-step message in the four-way handshake procedure.
In other words, the KRACK vulnerability allows hackers to reinstall that encryption or cryptographic key that the four-way handshake may already be using.
And when hackers have the ability to make a device reuse the encryption key, they also get the ability to reset the counters that go with it.
Counters such as:
- How many packets have been transmitted under a given key
- How many packets the user has received under a given key
Hackers can reset the tallies for all these statistics.
Then hackers can use the KRACK vulnerability to replay and then decrypt packets.
They can even forge bits of data or packets if the conditions are right.
What Does All Of This Mean?
All of this means that hackers can manipulate certain WPA2 protocol contingency steps.
These contingency steps basically protect the four-way handshake procedure from completely failing if and when the third-step communication drops or gets lost.
Readers should know that sometimes such scenarios can happen naturally as well.
This is why researchers keep working on WPA2 in order to make it more secure.
The WPA2 standard is also known as IEEE 802.11i.
Recently the Wi-Fi Alliance, an industry working group, published a new mathematical proof based on an analysis of the WPA2 security protocol’s four-way handshake.
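As an added illustration, not code from the article or from Vanhoef’s research, here is a toy model of a Wi-Fi client handling message 3 of the four-way handshake: the pre-patch client reinstalls the key and resets its packet number every time message 3 is retransmitted, while the patched client keeps its counters once the key is installed. The Supplicant class, the handler names and the sample key are all hypothetical or constructed, and key derivation is abstracted away (message 3 simply carries the key to install).

```python
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Toy model of message-3 handling in the WPA2 four-way handshake.
# Added illustration; names are hypothetical, the key is constructed.

@dataclass
class Supplicant:
    """Client state: installed key and the per-key transmit packet number,
    which is the counter fed into the CCMP nonce of every frame."""
    reinstall_on_retransmit: bool          # True models the pre-patch behaviour
    ptk: Optional[bytes] = None
    tx_pn: int = 0
    sent_nonces: List[Tuple[bytes, int]] = field(default_factory=list)

    def handle_msg3(self, ptk: bytes) -> None:
        # The access point legitimately retransmits message 3 when message 4
        # is lost, so a client has to tolerate receiving it more than once.
        if self.ptk == ptk and not self.reinstall_on_retransmit:
            return                          # patched: key already installed, keep counters
        self.ptk = ptk
        self.tx_pn = 0                      # installing a key resets the packet number

    def send_frame(self) -> Tuple[bytes, int]:
        """Encrypt one frame; the nonce is the pair (key, packet number)."""
        self.tx_pn += 1
        nonce = (self.ptk, self.tx_pn)
        self.sent_nonces.append(nonce)
        return nonce

def nonce_reuse(nonces: List[Tuple[bytes, int]]) -> bool:
    """Detection check: a (key, packet number) pair must never repeat."""
    return len(nonces) != len(set(nonces))

def run_session(reinstall_on_retransmit: bool) -> List[Tuple[bytes, int]]:
    """Handshake, two data frames, a retransmitted message 3, two more frames."""
    ptk = b"constructed-session-key"       # constructed sample key
    client = Supplicant(reinstall_on_retransmit)
    client.handle_msg3(ptk)
    client.send_frame(); client.send_frame()
    client.handle_msg3(ptk)                 # message 3 arrives a second time
    client.send_frame(); client.send_frame()
    return client.sent_nonces

if __name__ == "__main__":
    for flag in (True, False):
        label = "pre-patch" if flag else "patched  "
        print(label, "nonce reused:", nonce_reuse(run_session(flag)))
```

The pre-patch run produces packet numbers 1, 2, 1, 2 under one key, which is exactly the nonce reuse the article describes; the patched run produces 1, 2, 3, 4.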
According to Vanhoef, the KRACK vulnerability does not conflict with that mathematical proof.
For example, attacks carried out via the KRACK vulnerability don’t really leak any of the encryption keys.
In fact, the KRACK vulnerability leaves them as they are, that is, private.
Attacks carried via the KRACK vulnerability also allow all the other steps in the four-way handshake to continue and play out in order to verify the given user’s identity and that of the access point.
To put it another way, Wi-Fi Alliance researchers came out with an accurate proof.
However, according to Vanhoef, the proof was not exhaustive.
WPA2 Is Not Foolproof Because Of The KRACK Vulnerability
Matthew Green, a cryptographer at Johns Hopkins University, recently said that WPA2’s complicated crypto was fertile ground for bugs.
And lots of them.
He also said that the problem was not that there were a ton of harmful bugs in the WPA2 protocol.
It was just that it would be very hard for developers to patch the most low-cost of consumer devices.
Hence, one bad bug is all that it would take to mess up a lot of people’s devices for quite some time.
KRACK Vulnerability And Its Release
Since the KRACK vulnerability focuses on WPA2 protocol’s four-way handshake, that means a couple of things.
First, it means that hackers can possibly launch KRACK attacks on most devices that support Wi-Fi.
And there are tons of such devices out there in the wild.
We’re talking about devices that run on operating systems such as Linux and Android.
Second, the KRACK vulnerability also affects the endless list of Internet of Things devices, along with the embedded devices that companies like Linksys churn out.
According to researchers, developers must patch all of these devices.
We all know that would be a painfully slow process.
Especially if one wants to patch up all the Internet of Things devices and Wi-Fi routers.
Not Everything Is Bad About The KRACK Vulnerability Situation
In other words, there is some good news at least.
The good news is that updated versions of the Windows and iOS operating systems don’t have to worry about the KRACK vulnerability.
But that doesn’t make them invulnerable to the KRACK vulnerability.
Devices that run on Windows and on iOS (recent versions) are susceptible to the KRACK vulnerability in very few circumstances.
Why is that?
It is because of the way Microsoft and Apple have implemented the WPA2 security protocol standard.
The way Apple and Microsoft implemented it means that their operating systems effectively reject resends of the four-way handshake’s third message.
But there is no doubt about the fact that developers will have to patch up millions and millions of devices.
In other words, the KRACK vulnerability would impact millions of devices.
And hence, developers have a huge challenge on their hands to fix each of those devices.
The Problem With KRACK Vulnerability WPA2 Patch
Since the flaw exists in the WPA2 protocol, developers can patch it accordingly.
But the problem is that different companies take different approaches to implementing the WPA2 protocol in their devices and other products.
And that creates a patchwork of more vulnerabilities and exposures in practice.
Recently the Wi-Fi Alliance came out with an official statement and said that the alliance now requires testing for the KRACK vulnerability within its global certification lab network.
Moreover, the WiFi Alliance said that it had provided a KRACK vulnerability detection tool as well.
Any Wi-Fi Alliance member could use the tool to detect KRACK vulnerability on a given device.
Of course, that will help developers secure new devices.
But what about the devices that have already made it to the market?
Kenneth White, director of the Open Crypto Audit Project, said that he considered it a problem in the core design of how the different procedures manage keys and assure integrity.
He also said that when every Wi-Fi device and/or client was vulnerable to some of the newly found flaws, the standard in question was underspecified and hence flawed.
He also said that in his opinion many millions of devices that had internet connection would never receive the KRACK vulnerability fix.
What Does The KRACK Vulnerability Mean for Consumers?
As far as consumers are concerned, they can immediately take a couple of actions to protect themselves against the KRACK vulnerability.
But before that, let’s take a look at what won’t work against the KRACK vulnerability.
Changing your Wi-Fi network’s password won’t protect you against the KRACK vulnerability.
Neither will buying a new router.
The truth is, consumers can do very little to protect themselves against the KRACK vulnerability.
They have to wait for the manufacturers of their devices and other software developers to release related patches.
Consumers will also have to rely on these developers and companies to make sure that they have an easy way to apply those security updates if and when they do come out.
Does The KRACK Vulnerability Mean I Should Not Use WPA2?
It doesn’t mean that.
In fact, there is no reason for you to not still use WPA2.
WPA2 still has some protections that make it a worthwhile option despite the risks.
Remember, it isn’t a given that someone near you will try to hurt you by exploiting the KRACK vulnerability.
Again, the best course of action for any consumer is to install any and all updates for all of his/her devices as soon as they become available.
Moreover, users should make sure that they don’t share their sensitive data on just any website.
They should only do so for websites that use the industry-standard HTTPS encryption.
Additionally, consumers can use VPN service providers to add an additional layer of security to their networks.
There are tons of VPN service providers in the market and not all of them are great.
What About Large Corporations And Government Agencies?
They should focus on architecting their networks with several layers of security and protection.
In other words, they should not hinge the security of their data on any one given standard.
Robert Graham, an analyst at the cybersecurity firm Erratasec, recently said that the KRACK vulnerability highlighted that enterprise networks needed to secure themselves even if they had WPA2 Enterprise protection.
He also noted that people should start thinking about segmented networks.
That would ensure that one compromised network component wouldn’t enable hackers to access everything else.
He also said that concerned parties should implement other techniques such as isolation.
That would ensure that a given Wi-Fi client wouldn’t have the capability to talk to another one.
KRACK Vulnerability Conclusion
Needless to say, the KRACK vulnerability will have widespread repercussions.
And hence developers will find it hard to fix it.
Therefore, the best thing developers can do now is to soften the impact or the damage that KRACK could cause.
For consumers, this means that they should avoid connecting to public Wi-Fi networks.
It turns out not all paranoia is completely unwarranted.