Encryption flaw leaves every Wi-Fi network in the world wide open

A Belgian researcher has uncovered a major weakness in the WPA2 Wi-Fi security protocol that is thought to leave every Wi-Fi network in the world open to attack

All Wi-Fi networks secured and protected with the Wi-Fi Protected Access 2 (WPA2) are vulnerable to a newly-discovered vulnerability that will potentially affect virtually every device that connects to the internet using Wi-Fi.

Introduced in 2004, WPA2 is the successor security standard to the second-generation WPA standard, which itself replaced the original Wired Equivalent Privacy (WEP) standard. It is considered stronger and more reliable than its predecessor, and is essentially in universal use around the world.

The vulnerability was uncovered by Mathy Vanhoef, a security expert at KU Leuven University in Belgium, who said attackers could exploit weakness in the standard itself – not in any products or implementations – to read encrypted data, and inject ransomware or malware into websites using a novel technique called a key reinstallation attack (Krack).

A so-called Krack attack targets the four-way handshake in the WPA2 protocol that is executed whenever a client tries to join a protected Wi-Fi network. It confirms that both client and access point (AP) have the right password credentials, and negotiates a new key to encrypt subsequent session traffic.

Vanhoef said that by manipulating and replaying these cryptographic handshake messages, a hacker could trick a device into reinstalling an already-in-use key, giving the attacker visibility of any transmitted data.

The fact that the flaw is in the standard makes it particularly dangerous because any correct implementation of WPA2 anywhere in the world is likely to be affected, said Vanhoef, who will present his research at the Computer and Communications Security Conference and at Black Hat Europe.

In a proof-of-concept demo, Vanhoef carried out a Krack attack on an Android smartphone, and was able to decrypt all data transmitted after tricking the device into reinstalling an in-use key. Android and Linux devices are particularly vulnerable, he added, because their encryption keys can be rewritten to all zeros.

“To prevent the attack, users must update affected products as soon as security updates become available,” wrote Vanhoef. “Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys and others are all affected by some variant of the attacks.”

Continue reading…