Security researchers have discovered several key management vulnerabilities in the core of the most commonly used encryption protocol for securing Wi-Fi networks.
The encryption method, known as Wi-Fi Protected Access II (WPA2), was designed in the early 2000s by the Wi-Fi Alliance, an international non-profit organization that promotes Wi-Fi technology. WPA2 uses an encryption key that must be manually entered on wireless access points. WPA2 also includes a message integrity check, essentially a way to prevent an attacker from altering and resending data packets in a malicious form.
The hack that exploits weaknesses in WPA2, dubbed KRACK, or Key Reinstallation Attack, was discovered by researcher Mathy Vanhoef at the Katholieke Universiteit Leuven in Belgium.
Here’s essentially how it works:
KRACK interrupts a four-step process known as a "four-way handshake" used to create a single-use encryption key that encodes communications between a computer or device and network sites and applications. The hack is executed by a hacker tricking a target into re-installing an already-in-use key, which the hackers are already capable of decrypting. This is achieved by manipulating and replaying cryptographic “handshake” messages to the target device.
To be sure, the hack does not grant access to the targeted device itself, but rather allows the attacker to eavesdrop on communications to and from it. Also, an attacker would have to be in range of the target’s Wi-Fi router in order to execute an attack, as pointed out by the Department of Homeland Security (DHS).
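A toy model of the client (supplicant) side of the handshake, added here as an illustration rather than taken from the article or from any real Wi-Fi stack: the stand-in cipher, the `Supplicant` class and the sample key are assumptions. It shows why a replayed message 3 resets the per-packet nonce in an unpatched client, and how the patched behaviour (never reinstalling a key that is already in use) keeps nonces unique.

```python
"""Constructed model of WPA2 key installation on the client side.
Not wpa_supplicant code; the 'cipher' is a hash-based stand-in for CCMP."""
import hashlib
from typing import Optional, Tuple


def keystream(ptk: bytes, nonce: int, length: int) -> bytes:
    # Stand-in for the per-packet keystream: fully determined by (key, nonce),
    # which is exactly why a repeated nonce under the same key is dangerous.
    return hashlib.sha256(ptk + nonce.to_bytes(8, "big")).digest()[:length]


class Supplicant:
    def __init__(self, reject_reinstall: bool) -> None:
        self.reject_reinstall = reject_reinstall  # True models the patched client
        self.ptk: Optional[bytes] = None
        self.tx_nonce = 0

    def on_message3(self, ptk: bytes) -> None:
        # Message 3 of the handshake is what makes the client install the key.
        # Unpatched: every (re)transmission reinstalls it and resets the nonce.
        # Patched: a key that is already installed is left alone.
        if self.reject_reinstall and self.ptk == ptk:
            return
        self.ptk = ptk
        self.tx_nonce = 0  # the nonce reset is the root of the problem

    def encrypt(self, plaintext: bytes) -> Tuple[int, bytes]:
        assert self.ptk is not None, "no key installed yet"
        ks = keystream(self.ptk, self.tx_nonce, len(plaintext))
        used = self.tx_nonce
        self.tx_nonce += 1
        return used, bytes(p ^ k for p, k in zip(plaintext, ks))


def nonce_reused_after_replay(reject_reinstall: bool) -> bool:
    """Send one frame, replay message 3, send another; report nonce reuse."""
    sta = Supplicant(reject_reinstall)
    ptk = b"session-key-from-handshake"  # constructed sample key
    sta.on_message3(ptk)
    n1, _ = sta.encrypt(b"first data frame")
    sta.on_message3(ptk)  # replayed message 3 carrying the same key
    n2, _ = sta.encrypt(b"second data frame")
    return n1 == n2


if __name__ == "__main__":
    print("unpatched reuses nonce:", nonce_reused_after_replay(False))
    print("patched reuses nonce:  ", nonce_reused_after_replay(True))
```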
The implications of this discovery are huge.
The hack essentially puts at risk any device with Wi-Fi capabilities. In the meantime, it will be left to individual vendors to address this vulnerability. In order to patch the flaw, users will need to wait for the firmware updates from device manufacturers.
The good news is that this looks like it has already begun. Microsoft has already released a software update that addresses the issue, as will Apple in the coming weeks.
With the public and individuals now becoming aware of this flaw, what remains to be seen is whether or not hackers have been silently exploiting this weakness, and if so for how long.