SECURITY ALERT: Breaking WPA2 by forcing nonce reuse

Discussion in 'UDOO X86' started by LDighera, Oct 17, 2017.

  1. LDighera

    LDighera UDOOer

    Joined:
    Jan 13, 2014
    Messages:
    206
    Likes Received:
    36
    SECURITY ALERT

    See: Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2
    Discovering Logical Vulnerabilities in the Wi-Fi Handshake Using Model-Based Testing

    Virtually all WPA2 WiFi systems are vulnerable to this KRACK attack.

    Install latest Intel drivers and update router firmware.

    CERT Vendor Information for VU#228519
    Wi-Fi Protected Access II (WPA2) handshake traffic can be manipulated to induce nonce and session key reuse

    Code:
    Key Reinstallation Attacks
    
    Breaking WPA2 by forcing nonce reuse
    
    Discovered by Mathy Vanhoef of imec-DistriNet, KU Leuven
     
    PAPER: https://papers.mathyvanhoef.com/ccs2017.pdf
     
    TOOLS: https://www.krackattacks.com/#demo
     
    We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted.    This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.
    
    The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks. For more information about specific products, consult the database of CERT/CC, or contact your vendor.
    
    The research behind the attack will be presented at the Computer and Communications Security (CCS) conference, and at the Black Hat Europe conference. Our detailed research paper can already be downloaded. ...
    
     

    Attached Files:

    Last edited: Oct 17, 2017
    Markus Laire likes this.
  2. Dooremoi

    Dooremoi New Member

    Joined:
    Oct 20, 2017
    Messages:
    1
    Likes Received:
    1
    LDighera likes this.

Share This Page