The Broadband Guide
SG
search advanced
 Username:
 Password:
Register
 forgot password?

New KRACK Attack Breaks WPA2 WiFi Protocol

2017-10-16 09:19 by
Tags: , ,

 

A vulnerability in the widely used WPA2 protocol puts almost every wireless-enabled device at risk of attack.WPA2 is a security protocol at the heart of most modern Wi-Fi devices, including computers, phones, and routers.

Mathy Vanhoef of KU Leuven, a Belgian security researcher who discovered the flaw, warns that the security problem stems from a fundamental cryptographic weakness in the latest generation of wireless networking rather than a software security bug. Simply changing Wi-Fi network passwords is not going to help.

The proof-of-concept exploit is called KRACK, short for Key Reinstallation Attacks. It works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data as well as eavesdropping on communications. The only main limitation is that an attacker needs to be within range of a victim to exploit these weaknesses.

The KRACK attack sees a hacker trick a victim into reinstalling an already-in-use key. Every key should be unique and not re-usable, but a flaw in WPA2 means a hacker can tweak and replay the "handshakes" carried out between Wi-Fi routers and devices connecting to them; during those handshakes, encryption keys made up of algorithmically-generated, one-time-use random numbers are created. It turns out that in WPA2, it's possible for an attacker to manipulate the handshakes so that the keys can be reused and messages silently intercepted.

Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks. It is expected that device manufacturers will release patches for the flaw.

Read more -here-

 

  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About