- Most, if not all, Wi-Fi connections today use either the older WPA or the WPA2 protocol to secure wireless communication between hosts and routers. It is supposed to provide authenticated encryption for the communication channel.
- The attack, dubbed KRACK, exploits design flaws in the WPA2 protocol. All protected Wi-Fi networks (including old WPA) use the 4-way handshake to generate a fresh session key.
- Until now, this 14-year-old handshake had remained free of attacks and had even been proven secure. However, the researchers show that the 4-way handshake is vulnerable to a key reinstallation attack.
- The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection and more. An attacker within range of your Wi-Fi network can carry out all of these.
- The attack was discovered and published by two researchers at a Belgian university, and their paper is to appear at CCS 2017, a premier computer security conference. Possible remedies for the time being: make sure the sites you visit use TLS (i.e. HTTPS), or use a VPN.
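The key reinstallation described above comes down to a nonce reset: when a client re-installs the session key after a retransmitted handshake message 3, its packet-number counter starts over and the same keystream gets reused. The toy model below, added here and not taken from the paper or any Wi-Fi implementation, uses a SHA-256-based keystream as a stand-in for CCMP's AES-CTR and contrasts a naive client with one that ignores a message 3 repeating the already-installed key (the behaviour patched clients adopt); the key, frames and class names are constructed for the example.

```python
import hashlib
from dataclasses import dataclass, field

def keystream(key: bytes, nonce: int, length: int) -> bytes:
    # Toy stand-in for CCMP's AES-CTR keystream, derived from the key and the packet
    # nonce: same key + same nonce gives the same keystream, exactly as in CTR mode.
    out, block = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce.to_bytes(6, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

@dataclass
class Supplicant:
    """Client-side key state: the installed pairwise key and its packet-number (nonce) counter."""
    strict: bool            # True: ignore a message 3 that repeats the installed key (the fix)
    key: bytes = b""
    nonce: int = 0
    nonces_used: list = field(default_factory=list)

    def handle_msg3(self, ptk: bytes) -> None:
        # Message 3 of the 4-way handshake delivers the key. The AP retransmits it if
        # message 4 is lost; a naive client re-installs the key and resets the nonce to 0.
        if self.strict and ptk == self.key:
            return              # already installed: keep the counter where it is
        self.key, self.nonce = ptk, 0

    def send(self, plaintext: bytes) -> bytes:
        ks = keystream(self.key, self.nonce, len(plaintext))
        self.nonces_used.append(self.nonce)
        self.nonce += 1
        return xor(plaintext, ks)

def simulate(strict: bool) -> dict:
    """Two data frames around a retransmitted message 3; reports what an eavesdropper learns."""
    ptk = b"constructed-session-key"                      # constructed sample key, not a real PTK
    p1, p2 = b"GET /index.html ", b"Cookie: sid=1234"      # constructed frames of equal length
    sup = Supplicant(strict=strict)
    sup.handle_msg3(ptk)
    c1 = sup.send(p1)
    sup.handle_msg3(ptk)                                   # retransmitted message 3
    c2 = sup.send(p2)
    return {
        "nonce_reused": len(sup.nonces_used) != len(set(sup.nonces_used)),
        # With keystream reuse, c1 XOR c2 == p1 XOR p2: ciphertext alone leaks plaintext relations.
        "plaintext_xor_leaked": xor(c1, c2) == xor(p1, p2),
    }
```

Running `simulate(False)` reports both the nonce reuse and the leaked plaintext XOR, while `simulate(True)` shows neither, which is why the fix is to keep the counter running rather than to change the handshake itself.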