Wifi (WPA2) is broken

[1 minute read]



  • Most of, if not all, Wi-Fi connections today use either old WPA or WPA2 protocol to securely communicate wirelessly between hosts and routers. It is supposed to provide authenticated encryption to the communication channel.



  • The attack, dubbed kracks, exploits the design flows in WPA2 protocol. All protected Wi-Fi networks (including old WPA) use the 4-way handshake to generate a fresh session key.



  • So far, this 14-year-old handshake has remained free from attacks, and is even proven secure. However, they show that the 4-way handshake is vulnerable to a key reinstallation attack.



  • The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection and others. If an attacker is in the vicinity of your wifi network, they will be able to do all these.




Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s