Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
The proof-of-concept exploit is called KRACK, short for Key Reinstallation
Attacks.  

It works by exploiting a four-way handshake that's used to establish a key
for encrypting traffic. During the third step, the key can be resent
multiple times. When it's resent in certain ways, a cryptographic nonce can
be reused in a way that completely undermines the encryption.

<https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/


Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
He who is harry newton said on Mon, 16 Oct 2017 06:33:13 +0000 (UTC):

Quoted text here. Click to load it

Here is ubiquiti's response to the AirMax products that I often use on my
rooftop and as my many access points in my house and barn and pool and
corral and driveway gate cameras, etc., and that all my neighbors use for
our WISP radios.

"Yes, this is a very big problem for WPA2 clients that won't get any more
updates. But let's keep this thread focused on airMAX products.
  
First of all, you are mostly covered if you are running v8.4.0 (AC series)
or v6.0.7 (M series). We will fully resolve the issue with v8.4.2/v6.1.2
(betas aimed for the end of this week). Furthermore, our proprietary airMAX
protocol makes simple attacks more difficult to carry out.
  
Will be fully fixed with v8.4.2/v6.1.2:
CVE-2017-13077: reinstallation of the pairwise key in the Four-way
handshake
CVE-2017-13078: reinstallation of the group key in the Four-way handshake
CVE-2017-13079: reinstallation of the integrity group key in the Four-way
handshake
CVE-2017-13080: reinstallation of the group key in the Group Key handshake
CVE-2017-13081: reinstallation of the integrity group key in the Group Key
handshake
Unaffected:
CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation
Request and reinstalling the pairwise key while processing it
CVE-2017-13084: reinstallation of the STK key in the PeerKey handshake
CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
PeerKey (TPK) key in the TDLS handshake
CVE-2017-13087: reinstallation of the group key (GTK) when processing a
Wireless Network Management (WNM) Sleep Mode Response frame
CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
processing a Wireless Network Management (WNM) Sleep Mode Response frame"

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
He who is harry newton said on Mon, 16 Oct 2017 06:33:13 +0000 (UTC):

Quoted text here. Click to load it

More links now that they published the paper on the attack a half hour ago.
 <https://www.krackattacks.com

Manufacturers apparently had 50 days to effect the fix:
 Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2
 <https://papers.mathyvanhoef.com/ccs2017.pdf

Updates in http://tinyurl.com/alt-internet-wireless

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
He who is KenW said on Mon, 16 Oct 2017 07:36:14 -0600:

Quoted text here. Click to load it

I have Ubiquiti equipment where I've been in contact with them.  

They already had the fix since they received notice 50 days ago.

But they told me this morning that they just received new information so
they're effecting a second fix as we speak.

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
How does this colloquial summary for my family look - in case you want to
send one to YOUR family?
========
People are asking what to do about the KRACK Attack vulnerability (note the
pleonasm), so I figured I'd let everyone know what it is & I figured I'd
give folks the opportunity to ask question if they're concerned.

The canonical site for the attack is written by the white hat who found it:
<https://www.krackattacks.com/

Here's my ad-hoc summary, written with respect to what you and I need to
know & do.

1. In May, the white hat notified the government & vendors he found a bug
in all WPA WiFi (e.g., WPA2) where someone who is *close* enough to
intercept the signals can see everything you do.

2. It affects all WiFi devices but the worst affected is Android at or over
version 6, macOS, Linux, and really fast (i.e., 802.11r fast roaming)
routers set up as repeaters (i.e., as a second router).  

Far less affected are the WiFi in iPhones, iPads, iPods, older Android
devices, Windows computers, and normal routers (e.g., 802.11n or 802.11ac),
especially if they're set up as the main router (and not as a repeater).

3. There is only one viable solution, which is to *update* your device
firmware or software, whether that be a mobile phone, a laptop, a desktop,
a router working as a repeater, or the main router.

The order of priority should be:
a. If you have Android 6+, then you *should* update soon.
b. If you have MacOS or Linux, then you should update soon.
c. If you have an 802.11r router, then you should update soon.

You can take your sweet time on everything else, but everything needs to be
updated.

4. The problem, of course, is *how* to update each device.
a. First look for your device to see if there is an update
   <https://www.kb.cert.org/vuls/id/228519
b. Then try to find the update

<http://www.zdnet.com/article/here-is-every-patch-for-krack-wi-fi-attack-available-right-now/
c. Then update.

What a pain. Let me know if you have questions.
========

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
Quoted text here. Click to load it

Thanks: I've marked your post as keep.

As to how it "looks", assuming by "colloquial" you meant understandable  
by everyone, I envy you your family, if you can throw in words and  
phrases like pleonasm, canonical, ad-hoc, vendors, and "whether that be"  
at random! (OK, I could with mine, but he's a lexicographer! I myself am  
not _too_ sure what pleonasm means - from context, I'm guessing  
tautology.)
[]
Thanks again, though!
--  
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

The fifth bestselling detail of all time: the Ford Transit. (RT/C4 2015-5-24.)

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
He who is J. P. Gilliver (John) said on Sun, 29 Oct 2017 13:53:14 +0000:

Quoted text here. Click to load it


Thanks J.P. Gilliver for *appreciating* the effort.  
See below for another effort I made just now to *simplify* the learning
steps so that the *next* person can just click on the pictures to get an
*idea* of the process involved in updating any WiFi device.

Quoted text here. Click to load it

My entire family is well educated, as are most in the USA, with more than a
degrees piled high and deep - but I'm the only one with a few technical
degrees (science and engineering) - the rest are lawyers and educators so
they're not up to speed on technical stuff (that's why I was born).

Since I have more than a half dozen access points and a dozen or more WiFi  
devices in the home, I documented in detail the update of just *one* of my  
transceivers (which is set up as an access point), so that others might  
benefit from a pictorial view of the whole process.

This specific radio transmits 26 decibels (dBm) of power into an 18 decibel  
antenna (dBi) so it can easily connect by WiFi to a house 10 miles away,  
but it's only being used to connect to the barn WiFi cameras which are only  
about 1/2 kilometer away (so, yeah, it's overkill) but at the same time, it  
paints an area which allows anyone within miles to connect to my router via  
their cellphone WiFi if they knew how to.

As always, to help everyone increase their knowledge in every post, I  
documented the steps below so that anyone can learn how it's done in a  
minute, without having to make mistakes.

(0) Log into your radio using your administrator login & password
<http://wetakepic.com/images/2017/10/29/00_PB400_firmware_update_krack.jpg

(1) Check the firmware version (noting the board revision, e.g., XW)
<http://wetakepic.com/images/2017/10/29/01_PB400_firmware_update_krack.jpg

(2) Hit the "Check Now" button to see if you can update from here
<http://wetakepic.com/images/2017/10/29/02_PB400_firmware_update_krack.jpg

(3) If not, go to the manufacturer's web site to locate the firmware file
<http://wetakepic.com/images/2017/10/29/03_PB400_firmware_update_krack.jpg

(4) You may have to agree to the manufacturer's updated EULA
<http://wetakepic.com/images/2017/10/29/04_PB400_firmware_update_krack.jpg

(5) Download the file to a known location on your computer
<http://wetakepic.com/images/2017/10/29/05_PB400_firmware_update_krack.jpg

(6) Save the file in a logical location on your computer for future use
<http://wetakepic.com/images/2017/10/29/06_PB400_firmware_update_krack.jpg

(7) Then in the radio, press the "Upload Firmware Choose File" button
<http://wetakepic.com/images/2017/10/29/07_PB400_firmware_update_krack.jpg

(8) Wait for the firmware to upload (it may take a minute or two)
<http://wetakepic.com/images/2017/10/29/08_PB400_firmware_update_krack.jpg

(9) Once uploaded, press the "Update" button to update the firmware
<http://wetakepic.com/images/2017/10/29/09_PB400_firmware_update_krack.jpg

(10) Wait for the firmware to be updated (it may take a minute or two)
<http://wetakepic.com/images/2017/10/29/10_PB400_firmware_update_krack.jpg

(11) Do not power down while you are waiting for the firmware to update
<http://wetakepic.com/images/2017/10/29/11_PB400_firmware_update_krack.jpg

(12) When done, the radio will reboot; log back in to check results
<http://wetakepic.com/images/2017/10/29/12_PB400_firmware_update_krack.jpg

(13) You should note that the firmware is now updated to the latest  
revision
<http://wetakepic.com/images/2017/10/29/13_PB400_firmware_update_krack.jpg

(14) Doublecheck now that everything is updated that it is working fine
<http://wetakepic.com/images/2017/10/29/14_PB400_firmware_update_krack.jpg

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
[]
Quoted text here. Click to load it
[]
Just out of curiosity, does the device have to be _using_ WPA/WPA2 to be  
vulnerable - i. e. would one still using WEP, or even no encryption  
(neither being a good idea for other reasons) still be susceptible, or  
immune?
--  
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

Santa's elves are just a bunch of subordinate Clauses.

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
Quoted text here. Click to load it

The attack is against the WPA handshake. No WPA, no attack from this
method. WEP and no-encryption cases are subject to different attacks.

The fix (I gather) is to protect against accepting replays during the
handshake.  

Elijah
------
get ready to patch all your IoT devices, they sure make life easier, right?

Site Timeline