Nowadays there is WiFi almost everywhere: offices, houses, hotels, parks, hospitals. But the real question is, are they secure? If your wireless access point is not properly secured, people from other houses, offices or nearby buildings can gain access to it. People who are able to connect to your wireless router or network may be able to
In order to prevent these attacks and stop unauthorized access, certain security measures have been adopted. WPA was considered the world's safest WiFi security that couldn't be cracked. The successor of WEP is something called WPA. WPA stands for WiFi Protected Access. Its Initialization Vector is longer than that of WEP. It uses another method of ciphering the information, based on the RC4 cipher, together with an integrity protocol called TKIP, or Temporal Key Integrity Protocol.
Each packet transmitted using TKIP has a unique 48-bit serial number that is incremented every time a new packet is transmitted and is used both as the Initialization Vector and as part of the key. Putting a sequence number into the key ensures that the key is different for every packet. WPA is backward compatible, which means WPA can be used on the same hardware that supported WEP. We just have to upgrade the software for that.
But it seems like this has been compromised. A new flaw has been discovered in the core protocol-level implementation of WPA2 WiFi.
It is called the Key Reinstallation Attack (KRACK). It breaks the WPA2 protocol by forcing nonce reuse in encryption algorithms used by Wi-Fi.
Last year a paper was published by mentioning that the random numbers which are later used to create various group keys, such as Pre Shared Encryption Keys in WPA networks, are not random enough and are predictable. With this in mind, researchers have been constantly working on attacking WPA networks, and it looks like they have been successful in breaking the so-called "Security" in WPA networks.
The KRACK attack is performed against the 4-way handshake, which is carried out when a client wants to join a wireless network that is created by an Access Point. During a 4-way handshake, a fresh encryption key is generated that will be used for encrypting the data that is exchanged between station and client. This key will be installed by the client when it receives the third packet of the 4-way handshake.
If message 3 is not received by the client, the client will not send the acknowledgement to the station. If the station doesn't receive the acknowledgement, it will re-transmit message 3 to the client. This means that the client may receive message 3 multiple times. Whenever message 3 is received by the client, it will reinstall the key over and over again, resetting the incremental transmit packet number (nonce) and the receive replay counter used by the encryption protocol.
In a Key Reinstallation Attack, the attacker collects and resends message 3 of the 4-way handshake to force these nonce resets, resulting in decryption of packets, replay attacks and man-in-the-middle attacks.
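As an added illustration (not code from the research paper or from any vendor patch), the toy Python model below shows why a repeated message 3 matters and what a patched client does differently. The cipher is a SHAKE-256 stand-in rather than TKIP or CCMP, and the class, function names, key and payloads are constructed for this example.

```python
import hashlib

def keystream(key: bytes, nonce: int, length: int) -> bytes:
    """Stand-in stream cipher keyed by (key, 48-bit packet number); NOT real CCMP/TKIP."""
    return hashlib.shake_256(key + nonce.to_bytes(6, "big")).digest(length)

class Client:
    """Toy client: models only key installation and the transmit nonce."""
    def __init__(self, patched: bool):
        self.patched = patched
        self.key = None
        self.nonce = 0

    def on_message3(self, key: bytes) -> None:
        # Patched behaviour: a retransmitted message 3 carrying the key that is
        # already installed must not reset the packet number.
        if self.patched and key == self.key:
            return
        self.key = key
        self.nonce = 0  # (re)installing the key resets the nonce

    def send(self, plaintext: bytes):
        self.nonce += 1
        ks = keystream(self.key, self.nonce, len(plaintext))
        return self.nonce, bytes(p ^ k for p, k in zip(plaintext, ks))

def run_session(patched: bool):
    """Message 3 arrives, a frame is sent, message 3 arrives again, another frame is sent."""
    client = Client(patched)
    key = b"constructed-session-key"  # constructed sample value
    client.on_message3(key)
    first = client.send(b"first frame payload")
    client.on_message3(key)  # retransmission of message 3
    second = client.send(b"other frame payload")
    return [first, second]

def reused_nonces(frames):
    """Return the nonces that appear more than once under the same key."""
    seen, dup = set(), set()
    for nonce, _ in frames:
        (dup if nonce in seen else seen).add(nonce)
    return sorted(dup)

if __name__ == "__main__":
    for patched in (False, True):
        label = "patched" if patched else "vulnerable"
        print(label, "reused nonces:", reused_nonces(run_session(patched)))
```

In the vulnerable run both frames are encrypted with the same key and nonce, so the two ciphertexts XOR to the XOR of the two plaintexts; in the patched run the nonce keeps counting and no keystream repeats.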
Mathy Vanhoef, a Doctoral Researcher, will reveal his findings today at 10 PM AEST.
The research paper can be viewed here: Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2.
This is a core protocol-level flaw in WPA2 wi-fi and it looks bad. Possible impact: wi-fi decrypt, connection hijacking, content injection.
A successful attack can result in decryption of wireless network traffic packets, revealing personal information such as usernames, passwords, bank account numbers, personal mails etc.
Hackers can also add their own malicious content to the network packets, such as phishing links or messages which will redirect the victims to their phishing sites. An attacker can even inject malware or other malicious scripts into the network data packets.
Currently this exploit works only on Android and Linux devices. Vendors are already aware of this flaw and they have taken steps to prevent these attacks in the future. Patches have been developed by major companies and the firmware can easily be upgraded in the currently active routers that use WPA. Even so, 90% of the current users are not aware and are suspected to be vulnerable to these attacks. Millions and millions of IoT devices face this threat and there is nothing we can do about them.
Source: https://www.krackattacks.com/#paper