WPA2 client attack

infscrtyrisk (Expert Member, joined Nov 22, 2014):
Well unlike others I reckon this one is at the right place ;)

True. And the correct source -- there's a lot of hype and a lot of social media sources spewing rubbish.

Some more authoritative URLs:
https://www.kb.cert.org/vuls/id/228519
https://www.wi-fi.org/news-events/newsroom/wi-fi-alliance-security-update

Schadenfreude: It is times like this that you are reaping the benefits of defense-in-depth. All those peeps that were laughing at you at the time, whilst calling you a paranoid tinfoil-hatter, are now wringing their hands, gnashing their teeth and rending their garments. I can sleep through the storm. :D

Gnome (Executive Member, joined Sep 19, 2005):
So if I understand correctly, this is mostly about a MITM attack.

Indeed. In fact it is a pretty one-sided attack. It targets the client in the process of establishing a connection to an AP.
There is nothing an AP or wifi provider can do to mitigate this attack; they aren't technically in control of how the client responds to this.

APs are not vulnerable to this, unless they explicitly connect to other devices as clients themselves.
That is my guess as to why Aruba and other wifi router makers have created a "fix", for example
(e.g. the client part of their code would be vulnerable also).

The one-sidedness comes into play in that this isn't a MiTM where the attacker sits between the client and the AP.
The attacker becomes the AP that the client is fooled into connecting to.

You cannot extract the wifi pre-shared key, nor decrypt what the AP sent.

That is my understanding of it from a cursory scan of the implementation.

Once again this attack shows how important security layering is.
VPN and HTTPS etc. communication over wifi is still safe.
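The mechanism the post above describes (a rogue AP the client is tricked into talking to, with the four-way handshake as the lever) is easiest to see in a small model. The following is an added illustration for this thread, not code from the thread, the researcher or any vendor. It models the flaw behind the cited advisory VU#228519 ("KRACK"): a client that reinstalls the already-installed pairwise key on a replayed handshake message 3 resets its packet number, and CCMP is a counter-mode cipher, so the next frame is encrypted with a keystream it has already used. The "cipher" here is a hash-based stand-in for the CCMP/AES-CTR keystream (any nonce-based stream cipher has the property shown); the key, the client class and the two HTTP plaintexts are constructed for the demo, and the real PTK derivation, 802.11 framing and MIC are left out.

```python
"""Toy model of the key-reinstallation flaw in the WPA2 4-way handshake
(VU#228519, "KRACK"). Added illustration for this thread, not code from
the thread, the researcher, or any vendor. The 'cipher' is a hash-based
stand-in for the CCMP (AES-CTR) keystream; the property demonstrated,
same key + same packet number => same keystream, holds for the real one.
The plaintexts and the session key below are constructed for the demo."""
import hashlib
import os


def keystream(ptk: bytes, pn: int, length: int) -> bytes:
    """Stand-in for CCMP's AES-CTR keystream: a deterministic function of
    the pairwise key and the packet number (PN), which acts as the nonce."""
    out = b""
    block = 0
    while len(out) < length:
        out += hashlib.sha256(ptk + pn.to_bytes(6, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Client:
    """Minimal supplicant state: the installed PTK and its transmit PN."""

    def __init__(self, patched: bool) -> None:
        self.patched = patched
        self.ptk = None
        self.pn = 0

    def on_msg3(self, ptk: bytes) -> None:
        # In a real handshake the client derives the PTK from the PMK and the
        # ANonce/SNonce; a retransmitted message 3 yields the *same* PTK.
        # Here the derived key is handed in directly (simplification).
        if self.patched and self.ptk == ptk:
            return          # patched: never reinstall an already-installed key
        self.ptk = ptk      # vulnerable: (re)install the key...
        self.pn = 0         # ...and reset the packet number, i.e. the nonce

    def encrypt(self, plaintext: bytes):
        self.pn += 1
        return self.pn, xor(plaintext, keystream(self.ptk, self.pn, len(plaintext)))


# Constructed sample traffic; same length so the XOR lines up exactly.
P1 = b"GET /index.html HTTP/1.1\r\n"     # the attacker can guess this one
P2 = b"Cookie: sid=0123456789abcd"       # the attacker wants this one


def run_attack(patched: bool):
    """Attacker on an evil-twin AP blocks message 4 so the real AP
    retransmits message 3, then replays it to the client after the client
    has already sent one encrypted frame. Returns (nonce_reused, recovered_P2)."""
    ptk = os.urandom(16)                   # session PTK (same on every msg3 replay)
    client = Client(patched)
    client.on_msg3(ptk)                    # first, legitimate message 3
    pn1, c1 = client.encrypt(P1)
    client.on_msg3(ptk)                    # replayed message 3
    pn2, c2 = client.encrypt(P2)
    if pn1 != pn2:
        return False, None                 # fresh nonce: nothing to recover
    # Same key and PN: c1 ^ c2 == P1 ^ P2, so knowing P1 reveals P2,
    # without ever learning the PTK or the pre-shared key.
    return True, xor(xor(c1, c2), P1)


if __name__ == "__main__":
    print("vulnerable client:", run_attack(False))
    print("patched client:   ", run_attack(True))
```

Note what the model does and does not show: the attacker never learns the PTK or the PSK, and the AP is never touched; the damage comes entirely from the client reusing a (key, packet number) pair, which is why the fix lives in the client's supplicant (refuse to reinstall a key that is already in use) rather than in the AP or in a new WPA version.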

bdt (Executive Member, joined Jun 7, 2004):
https://www.youtube.com/watch?v=Oh4WURZoR98

For an idea/pass on to the curious.

Thor (Honorary Master, joined Jun 5, 2014):
When will WPA3 be released and will smartphones and Telkom routers be compatible?

bdt (Executive Member, joined Jun 7, 2004):
When will WPA3 be released and will smartphones and Telkom routers be compatible?
See the Q&A on the vuln site details page; it turns out WPA3 is effectively not a necessary response to this. And then, this is far more of a client-side problem than a router-side one (at least that's how it's reading to me), so it's less about securing the wifi host/AP side than it is the client side - the things we actually have our hands on; more in this other thread (and maybe some merge action is needed here?)

Thor (Honorary Master, joined Jun 5, 2014):
See the Q&A on the vuln site details page; it turns out WPA3 is effectively not a necessary response to this. And then, this is far more of a client-side problem than a router-side one (at least that's how it's reading to me), so it's less about securing the wifi host/AP side than it is the client side - the things we actually have our hands on; more in this other thread (and maybe some merge action is needed here?)
I thought this was NOT client side, meaning even if you have WPA2 set up correctly you are still at risk and compromised because this is a flaw in WPA2 and thus the physical routers will need to be loaded with new firmware to address it.

Unless my definition of client differs?

bdt (Executive Member, joined Jun 7, 2004):
I thought this was NOT client side, meaning even if you have WPA2 set up correctly you are still at risk and compromised because this is a flaw in WPA2 and thus the physical routers will need to be loaded with new firmware to address it.

Unless my definition of client differs?
Did you watch that video from the researcher? My takeaway is that this doesn't directly attack the wifi host itself, but rather the exchange (the four-way handshake) between the secured network (which it leaves alone) and the client that gets tricked into connecting to the attacker's evil twin of the network in an MitM attack. And that Linux/Android are particularly vulnerable to this; while Windows is already patched, and not a device in your hand anyway.

But yes, routers - where routers are devices that both route and provide wifi (which is perhaps the more relevant/important conversation we should be having) - can get patched to mitigate their side of the exposure to this attack ...but the thing in your hand is, to me at least, more the problem.

bdt (Executive Member, joined Jun 7, 2004):
Part one (of what looks like at least five) of a deep dive into what this is all about:

https://www.youtube.com/watch?v=QeDn7bgIpIU

Thor (Honorary Master, joined Jun 5, 2014):
Ahhhh right I understand what you mean now.

Yeah, defs more of a client-side issue. Probably easier to patch too, via OTA updates.

SauRoNZA (Honorary Master, joined Jul 6, 2010):
I thought this was NOT client side, meaning even if you have WPA2 set up correctly you are still at risk and compromised because this is a flaw in WPA2 and thus the physical routers will need to be loaded with new firmware to address it.

Unless my definition of client differs?

They would need new firmware, as that's just how software updates work on a router.

But they won’t need a new WPA3 or other implementation.

The problem, as with WPS and WEP and such, is that most people in the wild aren't trained in these things and will never switch WPS off or update their router.

And very few of them will get OTA updates. So you’ll probably find this hack being used for many years to come.

Which is why it’s great that it can be fixed client side otherwise none of us could jump on a WiFi network with any amount of sanity.

Willie Trombone (Honorary Master, joined Jul 18, 2008):
Which is why it’s great that it can be fixed client side otherwise none of us could jump on a WiFi network with any amount of sanity.

Good point. If it were AP side then we would likely see big warnings from client software when connecting to out-of-date routers for the next 10 years while people play catch-up. The fact that some people still use WEP or nothing at all...