On 16 October, news first emerged of what's known as "KRACKs." These malicious techniques exploit vulnerabilities that affect a protocol used for securing Wi-Fi networks. Bad actors could therefore leverage KRAcks to potentially expose encrypted information exchanged over otherwise secure wireless connections. As of this writing, the computer security industry is working to understand the full extent of the weaknesses. But that doesn't mean users and organizations can't do something in the meantime to protect themselves. Here's a basic overview of KRACKs and what you can do to defend against them.
What Are KRACKs?
KRACKs is an acronym for Key Reinstallation Attacks. Security researchers Mathy Vanhoef and Frank Piessens at KU Leuven discovered that a bad actor within range of a victim could conduct a key reinstallation attack that abuses vulnerabilities affecting WPA2, a protocol which secures most modern Wi-Fi networks. As Vanhoef explains on a dedicated website about the attack approach:
"In a key reinstallation attack, the adversary tricks a victim into reinstalling an already-in-use key. This is achieved by manipulating and replaying cryptographic handshake messages. When the victim reinstalls the key, associated parameters such as the incremental transmit packet number (i.e. nonce) and receive packet number (i.e. replay counter) are reset to their initial value. Essentially, to guarantee security, a key should only be installed and used once. Unfortunately, we found this is not guaranteed by the WPA2 protocol. By manipulating cryptographic handshakes, we can abuse this weakness in practice."
Vanhef and Piessens also published a research paper about KRACKs. You can view that resource here.
What Are the Vulnerabilities?
KRACKs are capable of exploiting 10 vulnerabilities that affect the WPA2 protocol. These security issues are as follows:
- CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake
- CVE-2017-13078: reinstallation of the group key in the Four-way handshake
- CVE-2017-13079: reinstallation of the integrity group key in the Four-way handshake
- CVE-2017-13080: reinstallation of the group key in the Group Key handshake
- CVE-2017-13081: reinstallation of the integrity group key in the Group Key handshake
- CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation Request and reinstalling the pairwise key while processing it
- CVE-2017-13084: reinstallation of the STK key in the PeerKey handshake
- CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake
- CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
- CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
What's the Impact?
Successful use of a key reinstallation attack can reset a packet number/initialization vector to 0. In so doing, nefarious individuals can decrypt packets protected by WPA2 and subsequently expose passwords, cookies, and other information transmitted by users over the web. They can also decrypt TCP SYN packets to hijack a TCP connection. But that's not all. In the event a victim uses WPA-TKIP or GCMP encryption protocol, attackers can conduct a KRACK in order to manipulate or inject data into the wireless transmission. This capability allows bad actors to disseminate malware and/or ransomware via websites that a victim might visit.
Who's Affected?
According to Vanhef and Piessens, the vulnerabilities listed above affect both WPA1 and WPA2 regardless of cipher suite (WPA-TKIP, AES-CCMP, and GCMP). That means any device that uses Wi-Fi, whether it's found on personal or enterprise networks, is likely vulnerable to a key reinstallation attack. Affected products range from personal routers to smartphones.
What Can You Do to Protect Yourself?
Organizations and users can defend themselves against KRACKs by contacting every vendor from which they've purchased a device that uses Wi-Fi and inquiring about the state of an update. They should also consider using a virtual private network (VPN) as well as websites that only use HTTPS for additional protection against data interception. While they wait, businesses can disable client functionality and 802.11r (fast roaming). As for users, they should prepare to update their smartphones, laptops, and other network devices as soon as each vendor fix becomes available.
