WPA2 security handshake broken

BBC News: Wi-fi security flaw 'puts devices at risk of hacks'

The researchers added the attack method was "exceptionally devastating" for Android 6.0 or above and Linux.

Key Reinstallation Attacks: Breaking WPA2 by forcing nonce reuse

Edited by micksharpe (Mon 16-Oct-17 14:07:37)

"The attacker has to be physically nearby and if there is encryption on the web browser, it is harder to exploit."

Encryped web browser the same as encrypted connections to a website?

Yes. They are referring to HTTPS.

Well that helps abit then.

We also made a proof-of-concept script that exploits the all-zero key (re)installation present in certain Android and Linux devices. This script is the one that we used in the demonstration video. It will be released once everyone had a reasonable chance to update their devices (and we have had a chance to prepare the code repository for release).

Why would the author release a proof of concept? This bug has presumably been around for years, and so far no evidence it has been exploited. So other than the author at the time no one knew about it, yet soon as the proof of concept comes out everyone will know how it works. I get vendors need to know so they can release a patch, but there is no way every single device in the world will be patched so some will remain vulnerable

In reply to a post by bobble_bob:

Why would the author release a proof of concept?

To force the industry to do something about it. Otherwise, they would just sit on their hands.

Why would the author release a proof of concept? This bug has presumably been around for years, and so far no evidence it has been exploited. So other than the author at the time no one knew about it, yet soon as the proof of concept comes out everyone will know how it works. I get vendors need to know so they can release a patch, but there is no way every single device in the world will be patched so some will remain vulnerable

Looking at the original paper and the author's website about this, it would appear that vendors were informed as early as July 2017. (https://www.krackattacks.com/#faq)

In reply to a post by micksharpe:

Yes. They are referring to HTTPS.

In reply to a post by bobble_bob:

Well that helps abit then.

Not on this site it doesn't

In reply to a post by billford:

In reply to a post by micksharpe:

Yes. They are referring to HTTPS.

In reply to a post by bobble_bob:

Well that helps abit then.

Not on this site it doesn't

Yes, I am very concerned that someone will see what I am doing on this site or get my username and password so that they can post things in my name. Keeps me awake at night

This is just a forum. If you don't use the same password here as on other sites then someone intercepting use of the forum isn't going to be able to do much harm.

In reply to a post by ian72:

Yes, I am very concerned that someone will see what I am doing on this site or get my username and password so that they can post things in my name. Keeps me awake at night

You miss the point.

It's not just your forum traffic that can be intercepted, it's all your wi-fi traffic for that session...

This site (and other non-https sites) simply provide an easier way in.

Edited by billford (Tue 17-Oct-17 10:49:10)

No, I was responding to the concern you have about this site not being HTTPS (you used it as an example). This site not being HTTPS is not a big issue as it is very low risk. Sites that are higher risk have more reason to be HTTPS which would add another level of security over the transport medium. Personally I wouldn't use sensitive sites over the Internet at all without HTTPS as I treat the Internet as a completely untrusted network - irrespective of whether my WLAN is protected.

Edited by ian72 (Tue 17-Oct-17 10:52:11)

Well Microsoft are recommending updaiting Wireless hardware firmware. Appears will default to hardware in Windows Low state.
No chance on my laptop. Maybe look at USB Wireless. When dust settles.

In reply to a post by flippery:

Well Microsoft are recommending updaiting Wireless hardware firmware. Appears will default to hardware in Windows Low state.
No chance on my laptop. Maybe look at USB Wireless. When dust settles.

Can you provide a link to that please?

The worst part of this is problem has already been fixed.
802.11w (2009) : IEEE 802.11w-2009 is an approved amendment to the IEEE 802.11 standard to increase the security of its management frames.

Yep the fix for this problem existed in 2009. But next nothing uses it. Only handful of Pro WiFi kit.

I'm waiting to see if TP-LINK will update the firmware for my wireless modem/router (TD-W8968).

In reply to a post by micksharpe:

I'm waiting to see if TP-LINK will update the firmware for my wireless modem/router (TD-W8968).

Why would they?

Unaffected TP-Link products:

Routers and gateways working in their default mode (Router Mode) and AP Mode

Affected TP-Link products:

Routers working in Repeater Mode/WISP Mode/Client Mode：

Edited by deleted (Fri 20-Oct-17 16:29:37)

Thanks. I wonder why they are unaffected. Surely, they have to negotiate session keys like any other bit of kit?

Routers generally do it properly and do not allow key reuse.

Arent most home routers automatically set to router mode anyway?