edit-icon download-icon

[Vulnerability notice] Key reinstallation attacks breaking WPA2 by forcing nonce reuse

Last Updated: Mar 12, 2018

On October 16, 2017, two researchers of the University of Leuven in Belgium disclosed a WPA2 vulnerability named Key Reinstallation Attacks (KRACK). This vulnerability affects Android, Linux, iOS, MacOS, Windows, OpenBSD, and embedded and IoT devices. The researchers claim that this vulnerability allows attackers to initiate perfect attacks to Android 6 client wpa_supplicant and such attacks are easy to implement.

Attackers can exploit this vulnerability in the WPA2 Wi-Fi encryption protocol to decrypt credit card numbers, user names, passwords, pictures, and other sensitive information from network traffic. By using special network configurations, attackers can also inject data to a network and install malware remotely.

What is KRACK

Researchers initiated a key reinstallation attack to the WPA2 protocol by exploiting the vulnerability they discovered, and finally cracked the WPA2 protocol and intruded into the target network.

After cracking the WPA2 protocol, attackers can snoop and intercept sensitive information. The subsequent actions are similar to man-in-the-middle (MITM) attacks. If attackers decrypt and view information in the unencrypted data streams they intercept, they can insert malicious content in the data streams and intrude into your computer without your awareness. A key reinstallation attack can be initiated when the attacker can detect Wi-Fi signals from your device.

The researchers noted that the key reinstallation attacks intercept communication between clients and routers, and cannot be prevented by changing Wi-Fi passwords.

CVE identifiers

The following Common Vulnerabilities and Exposures (CVE) identifiers were assigned to track which products are affected by the reinstallation attack:

  • CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the four-way handshake.
  • CVE-2017-13078: Reinstallation of the group key (GTK) in the four-way handshake.
  • CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the four-way handshake.
  • CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
  • CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
  • CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
  • CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
  • CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
  • CVE-2017-13087: reinstallation of the group key (GTK) while processing a Wireless Network Management (WNM) Sleep Mode Response frame.
  • CVE-2017-13088: reinstallation of the integrity group key (IGTK) while processing a Wireless Network Management (WNM) Sleep Mode Response frame.

Affected scope

Android, Linux, iOS, MacOS, Windows, OpenBSD, and embedded and IoT devices

Condition of exploits

An attack can be initiated when the attacker can discover Wi-Fi signals of the target network. The Proof of Concept (PoC) has been published.

Hazards

Hackers can exploit this vulnerability to initiate data decryption, data package replay, TCP connection hijacking, HTTP content injection, or other types of attacks in the coverage area of a household or office Wi-Fi network. Then, the hackers can snoop network operations and intercept insecure or unencrypted data streams or household surveillance video streams. This vulnerability brings high security risks.

Note: This vulnerability does not affect ECS of Alibaba Cloud users because ECS does not have a Wi-Fi network.

How to fix

  • Windows users

    Microsoft claims in the latest statement that the vulnerability in the WPA2 protocol can be fixed by the security update. You only need to make sure that you are using a supported operating system and have enabled automatic updating.

  • Android and iOS users

    It is reported that more than 40% of Android devices are affected by this Wi-Fi vulnerability. Google pushed security updates against this vulnerability to Pixel users in November 2017.

    Apple has fixed this critical vulnerability in its latest beta system. This vulnerability is fixed in the latest iOS11.1 Beta3, watchOS4.1, and tvOS11.1 developer beta versions, but it still exists in formal versions such as iOS10 and iOS11.

  • Users of other products

    Users of other products need to pay attention to security updates released by related product or software vendors.

Recommendations by Alibaba Cloud Security

  • Check for updates of your routers, mobile phones, computers, and servers.

    If latest firmware or software is released, we recommend that you update the firmware or software in time.

    Note: Before an update, back up important data.

  • Do not open unknown links.

    Before logging on to a transactional website such as an online banking or shopping website, check authenticity of the website to prevent theft of your account and password by a phishing site.

  • Professional users can use VPN to encrypt data, so as to prevent data leakage.

  • This vulnerability does not affect ECS of Alibaba Cloud users because ECS does not have a Wi-Fi network.

    To prevent other security incidents, we recommend that you pay attention to security issues and log on to the Alibaba Cloud Security console every day to inspect your business applications and office network environment on the cloud, so that you can fix critical and high-risk issues in time.

Reference

[1]. https://www.krackattacks.com/

Thank you! We've received your feedback.