WPA2 is widely regarded as the industry’s most secure wireless encryption protocol. Recently, the US-CERT announced several vulnerabilities in the WPA2 encryption implementation in clients and APs, the first known significant “crack in the code” of wireless networks in over 10 years. The vulnerabilities have been named KRACKs (Key Reinstallation Attacks). The attack targets the third step of the four-way authentication “handshake” performed when a Wi-Fi client device attempts to connect to a protected Wi-Fi network. The encryption key can be resent multiple times during step three, and if attackers collect and replay those retransmissions in particular ways, Wi-Fi security encryption can be broken.
“Wi-Fi communication takes place using wireless radio frequency transmissions that can naturally be heard by anyone with the right hardware (which is readily and cheaply available). Encryption is therefore needed to secure communication over WiFi. WEP, WPA, and WPA2 are the three standards for Wi-Fi encryption. While weaknesses were quickly discovered in WEP and WPA, WPA2 has, till recently, stood up to the test of time. The recently announced KRACK attack is significant because it revealed the first chink in the WPA2 armor. This attack cleverly exploits some corner cases in the standard specification to create a situation where it is possible for the attacker to decrypt or replay some packets. There is actually a whole set of related vulnerabilities most of which affect the Wi-Fi clients while one affects access points (APs).
Fortunately, the fix for the vulnerability is a simple software fix and does not require any hardware upgrade. Customers need to update both AP as well as client firmware to be fully protected,” says Deepak Gupta, Chief Architect, Mojo Networks.
Who is affected by this attack?
Any Wi-Fi network that uses WPA2 security is affected (including home Wi-Fi networks). “Actually the attack affects WPA as well, but WPA is anyway not considered secure due to previously known weaknesses. Public Wi-Fi networks usually do not use encryption and are therefore not affected by this attack (though they are insecure precisely because they do not use encryption!)”, Gupta added.
The KRACK attack allows an attacker to decrypt certain data packets and/or replay some other packets. Though seemingly limited in scope, if left unfixed it is likely that people will find creative ways to exploit this small “crack” in more significant ways.
How does this security vulnerability work?
Vulnerabilities have been discovered in how clients and APs implement the software state machines that perform WPA2 temporal key generation and the handshakes that transport those keys. The vulnerabilities can be exploited by manipulating certain handshake messages over the air. The exploit results in the reuse of some packet numbers when handshakes are performed.
Reuse of packet numbers violates the fundamental principle on which the strength of WPA2 encryption and replay protection is based. The principle is that, for a given WPA2 temporal key, the packet numbers of any two packet transmissions protected by that key must never be the same, and the receiver must only accept a new packet if its packet number is higher than that of the most recently accepted packet. For packet pairs where the first part of this principle is violated, it is possible to determine the content of one packet if the plaintext of the other packet is known or can be guessed. When the second part of the principle is violated, an adversary is permitted to replay old packets to the receiver.
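The two halves of that principle can be seen in a small model. The following is an added example, not code from the article or from Mojo Networks: it stands in for WPA2's CCMP counter mode with an HMAC-SHA256 keystream (an assumption made so it runs with only the Python standard library), and models a sender and receiver whose packet-number counters are reset when the same key is installed a second time. The `patched` flag, the sample key and the sample frames are all constructed for the demonstration. It shows that once a packet number repeats under one key, the XOR of the two ciphertexts equals the XOR of the two plaintexts (so a guessable frame exposes the other one), and that a reset receive counter accepts an old captured frame again. With `patched=True` the receiver and sender refuse to reset their counters on a reinstall of the already-installed key, which is the behaviour a firmware fix restores.

```python
import hashlib
import hmac

# Constructed sample traffic: one frame an observer could guess, one that is secret.
KNOWN_FRAME = b"GET /index.html HTTP/1.1"
SECRET_FRAME = b"Cookie: session=abc123"


def keystream(key: bytes, pn: int, length: int) -> bytes:
    """Keystream for (key, packet number). Stands in for AES-CTR as used by CCMP:
    the only property relied on is that the same key and packet number always
    yield the same keystream bytes."""
    out = b""
    block_index = 0
    while len(out) < length:
        # Nonce material = 48-bit packet number; counter = block index within the frame.
        ctr_block = pn.to_bytes(6, "big") + block_index.to_bytes(2, "big")
        out += hmac.new(key, ctr_block, hashlib.sha256).digest()
        block_index += 1
    return out[:length]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings, truncated to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, pn: int, data: bytes) -> bytes:
    """Counter mode: ciphertext = plaintext XOR keystream. The same call decrypts."""
    return xor_bytes(data, keystream(key, pn, len(data)))


class Sender:
    """Transmitter: packet number increases by one for every protected frame."""

    def __init__(self, key: bytes):
        self.key, self.pn = key, 0

    def send(self, plaintext: bytes):
        self.pn += 1
        return self.pn, encrypt(self.key, self.pn, plaintext)

    def install_key(self, key: bytes, patched: bool):
        # Unpatched behaviour: installing a key (even the one already in use)
        # resets the packet number, so earlier packet numbers are reused.
        if patched and key == self.key:
            return  # fixed behaviour: ignore reinstall of the key already in use
        self.key, self.pn = key, 0


class Receiver:
    """Receiver enforcing the replay rule: accept only if pn > last accepted pn."""

    def __init__(self, key: bytes):
        self.key, self.last_pn = key, 0

    def receive(self, pn: int, ciphertext: bytes):
        if pn <= self.last_pn:
            return None  # replayed or out-of-order frame: dropped
        self.last_pn = pn
        return encrypt(self.key, pn, ciphertext)

    def install_key(self, key: bytes, patched: bool):
        if patched and key == self.key:
            return
        self.key, self.last_pn = key, 0


def recover_with_known_plaintext(ct_known: bytes, pt_known: bytes, ct_target: bytes) -> bytes:
    """Two-time pad: if two frames share a keystream, ct1 XOR ct2 == pt1 XOR pt2,
    so knowing one plaintext reveals the other (up to the shorter length)."""
    return xor_bytes(xor_bytes(ct_known, ct_target), pt_known)


def run_scenario(patched: bool) -> dict:
    key = b"constructed-32-byte-demo-key-000"  # constructed sample temporal key
    tx, rx = Sender(key), Receiver(key)
    results = {}

    pn_known, ct_known = tx.send(KNOWN_FRAME)
    rx.receive(pn_known, ct_known)
    results["replay_before_reinstall"] = rx.receive(pn_known, ct_known)  # None: dropped

    # The same temporal key gets installed a second time on both sides.
    tx.install_key(key, patched)
    rx.install_key(key, patched)

    pn_secret, ct_secret = tx.send(SECRET_FRAME)
    results["pn_reused"] = pn_secret == pn_known
    results["recovered"] = recover_with_known_plaintext(ct_known, KNOWN_FRAME, ct_secret)
    results["replay_after_reinstall"] = rx.receive(pn_known, ct_known)
    return results


if __name__ == "__main__":
    for patched in (False, True):
        r = run_scenario(patched)
        print(f"patched={patched}: pn reused={r['pn_reused']}, "
              f"recovered={r['recovered']!r}, replay accepted={r['replay_after_reinstall'] is not None}")
```

The unpatched run reproduces both failures described above from nothing more than a repeated key install: the secret frame is recovered byte for byte from the guessable one, and the old frame is accepted a second time. Detection on the infrastructure side follows from the same model: a station whose packet numbers jump backwards under an unchanged key, or a handshake message 3 that is retransmitted without the client having answered, is the observable symptom.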
Mojo Networks’ role in helping organizations deal with this attack
According to Deepak Gupta, Mojo Networks is the pioneer in wireless security technology and in fact invented “wireless intrusion prevention systems”. Our unique security engine based on fundamental attack building blocks (as opposed to signature based attack detection) ensured that our customers were protected even before they patched their AP and client firmware. This was possible because our WIPS can detect and guard against the basic technique of “AP MAC spoofing” that is needed to actually execute the attack.
In addition, Mojo released a firmware patch for its APs on the same day as the attack announcement. This patch not only fixes the AP-side vulnerability but also mitigates the client-side vulnerability, giving our customers more time to patch clients.