Today a collection of severe security vulnerabilities in the WPA2 encryption protocol for Wi-Fi is being disclosed, along with a proof-of-concept exploit. The weaknesses center around the process used for negotiating the encryption keys used by the client and access point. These core vulnerabilities are part of the Wi-Fi Protected Access (WPA) standard itself, so even devices that correctly implement WPA2 according to spec are expected to be affected. Both personal and enterprise WPA modes are affected, and both the original WPA and WPA2 are affected. The primary mode of attack exploits vulnerabilities in client devices, but there are some variants that affect features used by some access points.
Researcher Mathy Vanhoef of KU Leuven, Belgium’s highest-ranked university, uncovered a vulnerability in the WPA2 encryption standard of the Wi-Fi protocol that affects virtually all Wi-Fi devices.
Attackers can use key reinstallation attacks (KRACKs) when in range of someone connecting to a Wi-Fi router to re-install or reset to zero their encryption keys, thus allowing them to read information that was assumed to be encrypted.
Weakness In The Wi-Fi WPA2 Standard
The vulnerability is in the Wi-Fi WPA2 standard itself, not in the implementations of the protocol, which means that even if it's correctly implemented, devices are still vulnerable to attacks. In the researcher’s own tests, he found that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and other platforms were all affected by some variant of the attacks.
Vanhoef was able to decrypt a large number of packets when testing across the platforms mentioned, but the traffic of Android 6+ and Linux devices was even easier to decrypt than the other platforms. That's because these devices’ WPA2 keys could be reset to zero, so in essence all traffic could then be decrypted.
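Why reinstalling an already-used key matters, and what the client-side fix looks like, as an added example that is not part of the original post or of any vendor's code. The `Supplicant` class is a hypothetical model, the key and plaintexts are constructed, and a SHA-256 keystream stands in for the real WPA2 cipher (assumption); installing a key resets the per-packet counter, so a repeated install makes two packets share one keystream.

```python
import hashlib

def keystream(key: bytes, nonce: int, n: int) -> bytes:
    # Toy stand-in for the per-packet keystream (assumption: NOT real AES-CCMP).
    out, ctr = b"", 0
    while len(out) < n:
        block = key + nonce.to_bytes(8, "big") + ctr.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        ctr += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Supplicant:
    """Hypothetical client: installs the session key on handshake message 3."""
    def __init__(self, patched: bool):
        self.patched, self.key, self.tx_nonce = patched, None, 0
        self.used = set()  # (key, nonce) pairs already spent on a packet

    def on_message3(self, key: bytes) -> None:
        if self.patched and key == self.key:
            return  # fix: key already installed, keep the packet counter
        self.key, self.tx_nonce = key, 0  # install resets the counter

    def send(self, plaintext: bytes):
        self.tx_nonce += 1
        pair = (self.key, self.tx_nonce)
        reused = pair in self.used  # detection: same key and nonce seen twice
        self.used.add(pair)
        ks = keystream(self.key, self.tx_nonce, len(plaintext))
        return xor(plaintext, ks), reused

def run(patched: bool):
    """Returns (nonce_reused, ciphertext XOR reveals plaintext XOR)."""
    key = b"constructed-session-key"
    p1, p2 = b"GET /inbox HTTP/1.1", b"POST /login HTTP/1."  # constructed
    client = Supplicant(patched)
    client.on_message3(key)
    c1, _ = client.send(p1)
    client.on_message3(key)  # message 3 arrives a second time
    c2, reused = client.send(p2)
    return reused, xor(c1, c2) == xor(p1, p2)

if __name__ == "__main__":
    print("unpatched:", run(False))
    print("patched:  ", run(True))
```
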