Standard User micksharpe
(legend) Mon 16-Oct-17 14:07:17

WPA2 security handshake broken
 
BBC News: Wi-fi security flaw 'puts devices at risk of hacks'

The researchers added the attack method was "exceptionally devastating" for Android 6.0 or above and Linux.

Key Reinstallation Attacks: Breaking WPA2 by forcing nonce reuse

'Sir, please,' she said ... 'Will you not share your wisdom with us?'
'I have no wisdom,' he told her.
'Your experiences, then?'
'They have been trivial, uninteresting, and full of error.'
Iain M. Banks -- Feersum Endjinn

Edited by micksharpe (Mon 16-Oct-17 14:07:37)

Standard User bobble_bob
(knowledge is power) Mon 16-Oct-17 17:17:17
Re: WPA2 security handshake broken

[re: micksharpe]
 
"The attacker has to be physically nearby and if there is encryption on the web browser, it is harder to exploit."


Encrypted web browser the same as encrypted connections to a website?
Standard User micksharpe
(legend) Mon 16-Oct-17 17:38:51
Re: WPA2 security handshake broken

[re: bobble_bob]
 
Yes. They are referring to HTTPS.


Standard User bobble_bob
(knowledge is power) Mon 16-Oct-17 17:45:36
Re: WPA2 security handshake broken

[re: micksharpe]
 
Well that helps a bit then.

We also made a proof-of-concept script that exploits the all-zero key (re)installation present in certain Android and Linux devices. This script is the one that we used in the demonstration video. It will be released once everyone had a reasonable chance to update their devices (and we have had a chance to prepare the code repository for release).


Why would the author release a proof of concept? This bug has presumably been around for years, and so far no evidence it has been exploited. So other than the author at the time no one knew about it, yet as soon as the proof of concept comes out everyone will know how it works. I get vendors need to know so they can release a patch, but there is no way every single device in the world will be patched so some will remain vulnerable.
Standard User micksharpe
(legend) Mon 16-Oct-17 18:28:28
Re: WPA2 security handshake broken

[re: bobble_bob]
 
In reply to a post by bobble_bob:
Why would the author release a proof of concept?
To force the industry to do something about it. Otherwise, they would just sit on their hands.

Standard User mHm
(newbie) Mon 16-Oct-17 23:19:15
Re: WPA2 security handshake broken

[re: bobble_bob]
 
In reply to a post by bobble_bob:
Why would the author release a proof of concept? This bug has presumably been around for years, and so far no evidence it has been exploited. So other than the author at the time no one knew about it, yet as soon as the proof of concept comes out everyone will know how it works. I get vendors need to know so they can release a patch, but there is no way every single device in the world will be patched so some will remain vulnerable.


Looking at the original paper and the author's website about this, it would appear that vendors were informed as early as July 2017. (https://www.krackattacks.com/#faq)
Standard User billford
(elder) Tue 17-Oct-17 08:33:07
Re: WPA2 security handshake broken

[re: bobble_bob]
 
In reply to a post by micksharpe:
Yes. They are referring to HTTPS.
In reply to a post by bobble_bob:
Well that helps a bit then.
Not on this site it doesn't crazy

Bill
A level playing field is level in both directions.

Standard User ian72
(eat-sleep-adslguide) Tue 17-Oct-17 10:38:12
Re: WPA2 security handshake broken

[re: billford]
 
In reply to a post by billford:
In reply to a post by micksharpe:
Yes. They are referring to HTTPS.
In reply to a post by bobble_bob:
Well that helps a bit then.
Not on this site it doesn't crazy


Yes, I am very concerned that someone will see what I am doing on this site or get my username and password so that they can post things in my name. Keeps me awake at night wink

This is just a forum. If you don't use the same password here as on other sites then someone intercepting use of the forum isn't going to be able to do much harm.
Standard User billford
(elder) Tue 17-Oct-17 10:45:33
Re: WPA2 security handshake broken

[re: ian72]
 
In reply to a post by ian72:
Yes, I am very concerned that someone will see what I am doing on this site or get my username and password so that they can post things in my name. Keeps me awake at night wink
You miss the point.

It's not just your forum traffic that can be intercepted, it's all your wi-fi traffic for that session...

This site (and other non-https sites) simply provide an easier way in.


Edited by billford (Tue 17-Oct-17 10:49:10)

Standard User ian72
(eat-sleep-adslguide) Tue 17-Oct-17 10:51:14
Re: WPA2 security handshake broken

[re: billford]
 
No, I was responding to the concern you have about this site not being HTTPS (you used it as an example). This site not being HTTPS is not a big issue as it is very low risk. Sites that are higher risk have more reason to be HTTPS which would add another level of security over the transport medium. Personally I wouldn't use sensitive sites over the Internet at all without HTTPS as I treat the Internet as a completely untrusted network - irrespective of whether my WLAN is protected.

Edited by ian72 (Tue 17-Oct-17 10:52:11)

Standard User flippery
(experienced) Fri 20-Oct-17 15:56:40
Re: WPA2 security handshake broken

[re: micksharpe]
 
Well Microsoft are recommending updating Wireless hardware firmware. Appears will default to hardware in Windows Low state.
No chance on my laptop. Maybe look at USB Wireless. When dust settles.
Standard User BatBoy
(sensei) Fri 20-Oct-17 16:18:34
Re: WPA2 security handshake broken

[re: flippery]
 
In reply to a post by flippery:
Well Microsoft are recommending updating Wireless hardware firmware. Appears will default to hardware in Windows Low state.
No chance on my laptop. Maybe look at USB Wireless. When dust settles.
Can you provide a link to that please?
Standard User amiga_dude
(newbie) Fri 20-Oct-17 16:20:58
Re: WPA2 security handshake broken

[re: micksharpe]
 
The worst part of this is the problem has already been fixed.
802.11w (2009): IEEE 802.11w-2009 is an approved amendment to the IEEE 802.11 standard to increase the security of its management frames.

Yep, the fix for this problem existed in 2009. But next to nothing uses it. Only a handful of Pro WiFi kit.
Standard User micksharpe
(legend) Fri 20-Oct-17 16:23:04
Re: WPA2 security handshake broken

[re: flippery]
 
I'm waiting to see if TP-LINK will update the firmware for my wireless modem/router (TD-W8968).

Standard User BatBoy
(sensei) Fri 20-Oct-17 16:24:29
Re: WPA2 security handshake broken

[re: micksharpe]
 
In reply to a post by micksharpe:
I'm waiting to see if TP-LINK will update the firmware for my wireless modem/router (TD-W8968).
Why would they?
Unaffected TP-Link products:

Routers and gateways working in their default mode (Router Mode) and AP Mode

Affected TP-Link products:

Routers working in Repeater Mode/WISP Mode/Client Mode:

Edited by BatBoy (Fri 20-Oct-17 16:29:37)

Standard User micksharpe
(legend) Fri 20-Oct-17 17:06:17
Re: WPA2 security handshake broken

[re: BatBoy]
 
Thanks. I wonder why they are unaffected. Surely, they have to negotiate session keys like any other bit of kit?

Standard User BatBoy
(sensei) Fri 20-Oct-17 17:46:39
Re: WPA2 security handshake broken

[re: micksharpe]
 
Routers generally do it properly and do not allow key reuse.
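
The key reinstallation and nonce reuse named in the thread's first post, next to a check that refuses to reinstall a key already in use, as an added example that is not part of the thread or the researchers' code. The `Station` class, its methods, the sample key and the sample frames are all constructed, and a SHA-256 counter keystream stands in for WPA2's real cipher.

```python
import hashlib

def keystream(key: bytes, nonce: int, length: int) -> bytes:
    # Toy nonce-based keystream (SHA-256 in counter mode); a stand-in, not CCMP.
    out, block = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce.to_bytes(8, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Station:
    """Hypothetical client-side key handling; not code from any real supplicant."""
    def __init__(self, patched: bool):
        self.patched = patched
        self.key = None
        self.nonce = 0
        self.seen = set()  # (key, nonce) pairs already used to encrypt

    def install_key(self, key: bytes) -> bool:
        # Runs for every handshake message 3 received, retransmissions included.
        if self.patched and key == self.key:
            return False  # key already in use: keep the transmit counter
        self.key, self.nonce = key, 0  # fresh install resets the counter
        return True

    def send(self, plaintext: bytes):
        self.nonce += 1
        reused = (self.key, self.nonce) in self.seen
        self.seen.add((self.key, self.nonce))
        return self.nonce, xor(plaintext, keystream(self.key, self.nonce, len(plaintext))), reused

def run(patched: bool):
    p1, p2 = b"first frame....", b"second frame..."  # constructed sample data
    key = b"constructed-session-key"
    sta = Station(patched)
    sta.install_key(key)
    n1, c1, _ = sta.send(p1)
    sta.install_key(key)  # same message 3 delivered a second time
    n2, c2, reused = sta.send(p2)
    # With a repeated (key, nonce) the keystream cancels: c1 ^ c2 == p1 ^ p2.
    return n1, n2, reused, xor(c1, c2) == xor(p1, p2)

if __name__ == "__main__":
    print("unpatched:", run(False))
    print("patched:  ", run(True))
```
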
Standard User bobble_bob
(knowledge is power) Sat 21-Oct-17 10:05:05
Print Post

Re: WPA2 security handshake broken


[re: BatBoy] [link to this post]
 
Aren't most home routers automatically set to router mode anyway?