WPA2 security flaw leaves millions of devices open to attack

WPA2, a common protocol used in securing most modern wireless networks, has been broken, putting almost every wireless-enabled device at risk of attack.

Known as KRACK (Key Reinstallation Attacks), the vulnerability makes it possible to eavesdrop on Wi-Fi traffic. Millions and millions of devices are at risk — Windows, Linux, Android and more.

Researcher Mathy Vanhoef, a computer security academic, who found the flaw, said the weakness lies in the protocol’s four-way handshake, which securely allows new devices with a pre-shared password to join the network. That weakness can, at its worst, allow an attacker to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream.

The bug represents a complete breakdown of the WPA2 protocol, for both personal and enterprise devices — putting every supported device at risk.

The warning came at around the time of the Black Hat security conference, when Vanhoef presented a talk on networking protocols, with a focus on the Wi-Fi handshake that authenticates a user joining a network.

There’s also a hint in this paper [PDF] Vanhoef and Piessens gave to Black Hat back in August. The slide below shows what part of the handshake the pair were working on.

vanhoef_piessens_blackhat_2017

%d bloggers like this: