Welcome to KRACK - the attack exposing your Wi-Fi networks




  • What is KRACK (Key Reinstallation Attack)?






On October 16, 2017, Mathy Vanhoef, a security researcher, published the discovery of at least 10 breaches affecting the WPA and WPA2 protocols, commonly known as KRACK (Key Reinstallation Attack). These breaches are not linked to cryptography, but to a bad implementation of the WPA protocol. They affect all devices that use WPA2 (or WPA) encryption for wireless communication, which covers approximately 90% of wireless networks worldwide, according to https://wigle.net/.




  • How does KRACK work and what risks does it pose?


The question of the day is how this attack works and what risks it poses.

When a client connects to a wireless network, the access point sends it a cryptographic nonce (an arbitrary number that may only be used once) to use for encryption. As this packet can be lost during transmission, the process may need to be repeated several times.

The attacker repeatedly resends this packet, potentially hours later. Each time the packet is sent, the attacker resets the keystream, making it possible to break the encryption.

In cryptography, when a keystream is reused, it is possible for the network packets to be decoded, thus allowing an attacker to listen in on the traffic on a vulnerable access point.
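The following is an added example, not code from the original article or from any Wi-Fi implementation. It is a simplified model of why a reset nonce counter means a reused keystream, and of how a patched client that refuses to reinstall a key it already uses avoids it. The `Client` class, its method names and the SHA-256 keystream (standing in for the real cipher) are assumptions made for illustration, and the sample data is constructed.

```python
import hashlib

def keystream(key, nonce, length):
    # Stand-in cipher (assumption): the keystream depends only on (key, nonce).
    out, block = b"", 0
    while len(out) < length:
        seed = key + nonce.to_bytes(8, "big") + block.to_bytes(4, "big")
        out += hashlib.sha256(seed).digest()
        block += 1
    return out[:length]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class Client:
    """Hypothetical model of a client's transmit state, not real WPA2 code."""
    def __init__(self, patched):
        self.patched, self.key, self.nonce = patched, None, 0

    def install_key(self, key):
        # A patched client ignores a reinstall of the key it already uses,
        # so its nonce counter is never rewound.
        if self.patched and key == self.key:
            return
        self.key, self.nonce = key, 0

    def send(self, plaintext):
        self.nonce += 1
        return self.nonce, xor(plaintext, keystream(self.key, self.nonce, len(plaintext)))

def run(patched):
    key = b"constructed-session-key"                    # constructed sample key
    p1, p2 = b"GET /index.html ", b"password=hunter2"   # constructed sample frames
    client = Client(patched)
    client.install_key(key)       # key installed during the first handshake
    n1, c1 = client.send(p1)
    client.install_key(key)       # the handshake packet arrives a second time
    n2, c2 = client.send(p2)
    return [(n1, c1), (n2, c2)], p1

def nonce_reused(frames):
    # Defender's check: the same nonce seen twice under one key means keystream reuse.
    nonces = [n for n, _ in frames]
    return len(nonces) != len(set(nonces))

def exposed(frames, known):
    # With a reused keystream, c1 XOR c2 equals p1 XOR p2, so knowing p1 reveals p2.
    (n1, c1), (n2, c2) = frames
    return xor(xor(c1, c2), known) if n1 == n2 else None
```

With `run(False)` both frames carry nonce 1 and the second plaintext falls out of the XOR; with `run(True)` the nonces are 1 and 2 and nothing is exposed.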


  • How can you protect your Wi-Fi networks?


The security researcher also recorded a video showing an “active” attack on Android devices (phones, tablets, embedded equipment, etc.). It demonstrated that traffic that is supposed to be encrypted can be captured by adding fake SSL/TLS certificates or by redirecting the user to an encrypted page.

We also recommend that you stay vigilant for browser alerts and always check the URL bar at the top-left of the browser window. The bar or the text within it should be green or, even better, display the name of the company before the URL.

One way to protect yourself is to use a connection method other than Wi-Fi, if available. Another method of protection, preferred by our security experts, is to keep yourself informed on this and other threats, and to install security updates from the manufacturer/developer on all peripheral devices that use a wireless connection.

However, it should be noted that the attacker must be within range of the Wi-Fi signal to gain access, and that the use of secure communication protocols based on SSL/TLS or SSH will not allow the attacker to intercept your connection. It is also recommended that you use a VPN to protect your traffic with an additional layer of encryption.


If you have any doubts regarding the security of your wireless infrastructure, our teams at SSL247® offer security audits on your wireless networks with our wireless penetration testing.



Posted on Monday 23 October 2017 by Wesley Hall
