You may have seen in the press that a vulnerability has been identified in the WPA2 Wireless encryption protocol. So what is this vulnerability and what does it mean to you?
Security researchers have discovered a number of vulnerabilities in the WPA2 (WI-FI Protected Access II) protocol. These vulnerabilities may allow attackers gain access to private transmitted data traversing your wireless network. KRACK, Key Reinstallation Attack, has been able to demonstrate the ability to unencrypt wireless communication on multiple platforms, including Windows O/S, Apple IOS, Android and Linux.
So far the following protocols are vulnerable to the attack:
• WPA
• WPA II
• WPA-TKIP Cipher
• AES-CCMP
• GCMP
The flaw is not in the cryptography underlying WPA2 or its predecessor, WPA. Rather, it’s in the implementation. When communicating with a client device to initiate a Wi-Fi connection, the router sends a one-time cryptographic key to the device. That key is unique to that connection, and that device. This is so that a second device on the same Wi-Fi network can’t intercept and read the traffic to and from the first device to the router, even though both devices are signed into the same Wi-Fi network. The problem is that that one-time key can be transmitted more than one time.
To minimise connection problems, the WPA and WPA2 standards let the router transmit the one-time key as many as three times if it does not receive an acknowledgement from the client device that the one-time key was received. Because of that, an attacker within Wi-Fi range can capture the one-time key, and, in some instances, even force the client device to connect to the attacker’s bogus Wi-Fi network. The attacker can use the one-time key to decrypt much of the traffic passing between the client device and the router.
So what does this mean to you? Many vendors have already issued patches to mitigate this security vulnerability. Users are recommended to update/apply patches to their WI-FI enabled equipment. This includes routers, user devices and smartphones.
Contact Concorde Cyber Security on 03331 300600 or email enquiries@tctg.co.uk for more information on how you can protect your business from the latest vulnerability!
Author: Carl McDade, Concorde Solutions Architect