New paper reveal serious weaknesses discovered in WPA2 protocol

Page 1 of 2 12 LastLast
  1. AndreTen's Avatar
    Posts : 15,551
    Windows 10 (Pro and Insider Pro)
       16 Oct 2017 #1

    New paper reveal serious weaknesses discovered in WPA2 protocol


    INTRODUCTION

    We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks. For more information about specific products, consult the database of CERT/CC, or contact your vendor.

    The research behind the attack will be presented at the Computer and Communications Security (CCS) conference, and at the Black Hat Europe conference. Our detailed research paper can already be downloaded.

    DEMONSTRATION

    As a proof-of-concept we executed a key reinstallation attack against an Android smartphone. In this demonstration, the attacker is able to decrypt all data that the victim transmits. For an attacker this is easy to accomplish, because our key reinstallation attack is exceptionally devastating against Linux and Android 6.0 or higher. This is because Android and Linux can be tricked into (re)installing an all-zero encryption key (see below for more info). When attacking other devices, it is harder to decrypt all packets, although a large number of packets can nevertheless be decrypted. In any case, the following demonstration highlights the type of information that an attacker can obtain when performing key reinstallation attacks against protected Wi-Fi networks:


    Read more: KRACK Attacks: Breaking WPA2

    Microsoft will be first to release patch: www.neowin.net | microsoft-already-has-a-fix-for-the-wpa2-vulnerability
    Last edited by AndreTen; 16 Oct 2017 at 11:28.
      My ComputersSystem Spec


  2. Posts : 7,567
    Dual boot Windows 10 FCU Pro x 64 & current Insider 10 Pro
       16 Oct 2017 #1

    Thanks for the heads up on that @AndreTen.
      My ComputersSystem Spec

  3. AndreTen's Avatar
    Posts : 15,551
    Windows 10 (Pro and Insider Pro)
    Thread Starter
       16 Oct 2017 #2

    HippsieGypsie said: View Post
    Thanks for the heads up on that @AndreTen.
    Just be prepared to update router's and card's firmwares, when they show up.
      My ComputersSystem Spec

  4.    16 Oct 2017 #3

    AndreTen said: View Post
    Mathy Vanhoef of imec-DistriNet, KU Leuven discovered serious weaknesses in WPA2 protocol and posted an article about it on www.krackattacks.com.

    All modern Wi-Fi networks are vulnerable to this attack. At the time, it isn't clear how to prevent it

    This is so serious I posted a news here in News section. Mods, please transfer it somewhere else if necessary.
    Actually, we get loads of these scares.

    To me, it is irresponsible journalism to publicise it in such a manner, as it becomes a self fulfilling prophecy.

    A couple of years ago, one of new UK newspapers publicised "new flash mob craze" concerning the authorities. As a result, flash mobs exploded in number!

    There is no evidence as far as I can tell, the weakness has been hacked yet, but now the hackers know, and know where to look......

    A more responsible article would say "Experts have identified a weakness and whilst we cannot provide details for security puposes, we have let appropriate authorities know. In meantime we recommend you do X,Y,Z etc."

    Of course, journalists never care about the fallout from their articles, so long as they sell papers, or get advertising revenue from extra clicks etc.

    This is one of those stories that is going to get blown out of all proportion.
      My ComputerSystem Spec

  5. AndreTen's Avatar
    Posts : 15,551
    Windows 10 (Pro and Insider Pro)
    Thread Starter
       16 Oct 2017 #4

    cereberus said: View Post
    Actually, we get loads of these scares.

    To me, it is irresponsible journalism to publicise it in such a manner, as it becomes a self fulfilling prophecy.

    A couple of years ago, one of new UK newspapers publicised "new flash mob craze" concerning the authorities. As a result, flash mobs exploded in number!

    There is no evidence as far as I can tell, the weakness has been hacked yet, but now the hackers know, and know where to look......

    A more responsible article would say "Experts have identified a weakness and whilst we cannot provide details for security puposes, we have let appropriate authorities know. In meantime we recommend you do X,Y,Z etc."

    Of course, journalists never care about the fallout from their articles, so long as they sell papers, or get advertising revenue from extra clicks etc.

    This is one of those stories that is going to get blown out of all proportion.
    This is authors own discovery... and he's hiding some crucial details for now, as far as I'm understanding it.

    There is no attack in the wild atm, so equipment manufacturers do have some time to develop solutions. And he is not selling new equipment, because new solutions are also affected by this (it's in the way protocol works at the time of signing into network)
      My ComputersSystem Spec

  6.    16 Oct 2017 #5

    AndreTen said: View Post
    This is authors own discovery... and he's hiding some crucial details for now, as far as I'm understanding it.

    There is no attack in the wild atm, so equipment manufacturers do have some time to develop solutions. And he is not selling new equipment, because new solutions are also affected by this (it's in the way protocol works at the time of signing into network)
    So apart from creating a scare, why did he feel need to publicise it now, rather than responsibly telling authorities?

    Was it altruism, or oh let me think - 's for article - LOL.
      My ComputerSystem Spec

  7. AndreTen's Avatar
    Posts : 15,551
    Windows 10 (Pro and Insider Pro)
    Thread Starter
       16 Oct 2017 #6

    cereberus said: View Post
    So apart from creating a scare, why did he feel need to publicise it now, rather than responsibly telling authorities?

    Was it altruism, or oh let me think - 's for article - LOL.
    Guessing is not productive here... But, there are good reasons I can imagine. (and what is wrong with $$$ - world is running on it).
    If he publish a paper (it is research work), I guess he is academic and publishing is part of his life (cruel too).

    It is good he revealed this vulnerability, no matter how much you or anybody else don't like it. Otherwise, once it's known (and someone would get to it), bad guy would find out and we won't...
      My ComputersSystem Spec

  8. AndreTen's Avatar
    Posts : 15,551
    Windows 10 (Pro and Insider Pro)
    Thread Starter
       16 Oct 2017 #7

    Looks like first patches will be OS related.

    neowin.net | microsoft-already-has-a-fix-for-the-wpa2-vulnerability?
      My ComputersSystem Spec

  9.   My ComputersSystem Spec

  10. f14tomcat's Avatar
    Posts : 38,269
    Triple boot - Win 10 Pro, Win 10 Pro Insider (2) - (and a sprinkling of VMs)
       16 Oct 2017 #9

    Has anyone actually received any security KBs from MS yet today? I've checked, just did, and nothing.

    EDIT: It was included in the Oct 10th Security Patch Tuesday updates.
    Last edited by f14tomcat; 16 Oct 2017 at 13:01.
      My ComputersSystem Spec


 
Page 1 of 2 12 LastLast

Related Threads
Changing wifi from wep to wpa2 in Network and Sharing
hi, i am tryting to change my wifi to wpa2. i have windows 10 and a chromebook. i was using a guide, but it was from the xp days and i can't find the settings i am looking for. i keep running in circles on the desktop! i appreciate the help!
Hi I have a new ASUS UX305CA laptop preloaded with W10. It recognised my old Epson Stylus SX415 printer but will not act on selection to print both sides of paper. I seem to have the most up to date driver and I've tried removing and...
Firstly, I have an Epson Workforce WF-7620 Printer, if that makes a difference. Secondly, I'm (obviously) on Windows 10 since I'm here, using Word 2016, however I don't think the application itself is important. I could be wrong. I'l just use...
How to switch to WPA2 in Windows 10? in Network and Sharing
I'm using Windows 10. My current WiFi settings are: Network and sharing center >Connections: WIFi (SSID name) >Wireless properties >Security> Security type: WPA personal Encryption type: AES I want to switch to WPA2 personal. When I switch...
Solved Changing the default paper size in Drivers and Hardware
How do you change the default paper size from letter to A4. ALL the paper I buy in the UK is A4 and the letter size, although only slightly out, throws out my formatting, particularly when I do a mail merge or print a document with a header or...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 00:20.
Find Us