Has a New Wi-Fi Hack Been Discovered in the WPA2 Security Protocol?

  • Thread starter jtbell
  • Start date
In summary: Otherwise, you are vulnerable to the man in the middle attack.In summary, under the WPA2 security protocol, the client can be tricked into reinstalling a known network key by an attacker retransmitting the third message of WPA2's 4-way handshake. This is especially bad for linux devices since linux clears the key in ram after it is installed. If the attacker coaxes linux to re-install the key, it will install the cleared memory (which is all zeros) as the new key.
  • #1
jtbell
Staff Emeritus
Science Advisor
Homework Helper
15,946
5,903
  • Like
Likes NFuller, ISamson and QuantumQuest
Computer science news on Phys.org
  • #2
Makes me wish I was still using an iPhone. I just switched to an Android phone and I hear those take time to get patched due to extra QA hoops. Google -> phone manufacturer -> cell carrier? So it sounds like Android devices will be the most vulnerable.
 
  • #3
Here's the paper describing the vulnerability in detail https://papers.mathyvanhoef.com/ccs2017.pdf.

It appears that under the WPA2 protocol, the client can be tricked into reinstalling a known network key by an attacker retransmitting the third message of WPA2's 4-way handshake. It is especially bad for linux devices since linux clears the key in ram after it is installed. If the attacker coaxes linux to re-install the key, it will install the cleared memory (which is all zeros) as the new key.
 
  • #4
Would it be possible to hack it using Arduino? :smile:
 
  • #5
Use https. If websites don't offer that, bug the owners until they do.

Relying on Wifi security was never a good idea - even if the wireless connection is secure, it still means the owner of the router and every computer transferring the data over the internet can read everything if there is no encryption of the web traffic. Add the various exploits that can make the phone/laptop connect to the wrong router and you shouldn't rely on Wifi security anyway.
 
  • Like
Likes QuantumQuest, Vanadium 50 and ISamson
  • #7
mfb said:
Use https.

This. Even with the best Wifi security, you have no idea what is listening on your traffic once it leaves the router. Who knows what is hooked up to the network in the back room of the Starbucks? You should behave as if everything on the network is insecure, and that means taking precautions.
 
  • Like
Likes QuantumQuest
  • #8
mfb said:
Use https. If websites don't offer that, bug the owners until they do.
Depends what you are doing. If you are reading news at WaPo what difference does HTTPS make? Even HTTPS has different security levels. I had to renew PF's certificate weeks after buying it because Google flagged it for using SHA-1 instead of SHA-2.
 
  • #9
It's not as bad as it sounds. wpa_supplicant on linux was patched on the same day the information was released. On an unpatched system, this attack can be used to capture and view data being sent from the client to the access point.
For example: The attacker can see that your system made a dns request for google.com but it doesn't know what was sent back.

The problem is mobile. I don't know how quickly android vendors will provide patches to fix your phone/tablet.

If you are using websites that have https correctly configured with HSTS and a browser that supports it, then you shouldn't be at risk. The problem is when websites don't, then a MITM attack can take place using a rogue access point and tools like sslstrip. But people won't be able to steal your gmail or facebook login credentials as your browser will warn you that you are using HTTP on a site that should always use HTTPS

It will be obvious. An error that looks like this:
hqdefault.jpg


Yeah it's bad but as an end user, you can still do a lot on your end to mitigate risk and safeguard your information.
 
  • Like
Likes QuantumQuest
  • #10
Greg Bernhardt said:
If you are reading news at WaPo what difference does HTTPS make?
Not much, but then the wifi encryption is not important either.
 
  • #11
Thanks god to the fast updates for Linux users, in the next day, try it
 

Related to Has a New Wi-Fi Hack Been Discovered in the WPA2 Security Protocol?

1. What is the new Wi-Fi hack that has been discovered?

The new Wi-Fi hack that has been discovered is called "KRACK", which stands for Key Reinstallation Attack. It is a vulnerability found in the WPA2 encryption protocol that is used to secure Wi-Fi networks.

2. How does the KRACK attack work?

The KRACK attack exploits a weakness in the WPA2 protocol by tricking devices into reinstalling an already-used encryption key. This allows the attacker to intercept and decrypt sensitive information, such as passwords and credit card numbers, sent over the Wi-Fi network.

3. Who discovered the KRACK attack?

The KRACK attack was discovered by a team of researchers from the Belgian university KU Leuven. They found the vulnerability while conducting experiments on the WPA2 encryption protocol.

4. Is my Wi-Fi network vulnerable to the KRACK attack?

It is highly likely that your Wi-Fi network is vulnerable to the KRACK attack, as the vulnerability lies in the WPA2 protocol itself. However, it is important to note that the attacker needs to be within range of your Wi-Fi network to launch the attack.

5. How can I protect my Wi-Fi network from the KRACK attack?

The best way to protect your Wi-Fi network from the KRACK attack is to update all of your devices with the latest security patches. Many device manufacturers have released updates to fix the vulnerability. Additionally, using a virtual private network (VPN) can also provide an extra layer of protection against the KRACK attack.

Similar threads

Replies
3
Views
1K
Replies
8
Views
2K
Replies
10
Views
2K
  • Science Fiction and Fantasy Media
2
Replies
44
Views
6K
  • STEM Academic Advising
Replies
1
Views
2K
  • Programming and Computer Science
Replies
4
Views
3K
  • Computing and Technology
Replies
4
Views
3K
  • Electrical Engineering
Replies
14
Views
1K
  • Computing and Technology
Replies
2
Views
4K
  • DIY Projects
Replies
5
Views
6K
Back
Top