WPA2 is the protocol that secures all modern protected Wi-Fi networks. Recently there’s been a great deal of concern after Mathy Vanhoef of KU Leuven published a microsite describing research that suggests an attacker within range of a victim can exploit certain weaknesses using key reinstallation attacks.
WPA2 protocol compromised by new exploits
Headlines like ‘Most or all Wi-Fi security vulnerabilities’ certainly seem alarming. The main worries seem to be centred on Internet of Things (IoT) devices, which are unlikely to ever get patched in the same way that more traditional technologies get protected. Vulnerable IoT devices may be items like fridges, sprinkler systems, and even garage doors.
As Wired points out, “The extent of this fallout remains to be seen. Security analysts say it’s a tricky vulnerability to take advantage of, and major platforms like iOS, macOS, and Windows are either unaffected or have already been patched. But given the millions of routers and other IoT devices that will likely never see a fix, the true cost of Krack could play out for years.”
Wired also advises: “IoT devices rarely receive the necessary software updates to correct security issues. For a problem as complex as Krack, which impacts the industry at a protocol level and requires a coordinated effort to fix, in many cases your best bet is just to buy new equipment once patched options are on the market.”
Why it’s not all doom and gloom for wireless security
The good news is that, for more conventional wireless clients, live updates and patches have been rapidly provided by vendors. There’s even positive news for those on corporate networks, as The Register explains:
“VPN and other security technologies can offer protection to connections pending the availability of software update... Crypto expert Arnold KL Yau [said]: ‘This sounds bad. However, a significant amount of the risk would be mitigated for services that use strong encryption at the transport or application layer as well as applications secured by encrypted VPN protocols.’”
In a follow up article, Iain Thomson provides further reassurances: “For a start, an eavesdropper has to be in wireless range of the target network, and have the time and specialised software to pull off the Krack technique. There is, to the best of our knowledge, no working exploit code available yet – and practical attacks may only be possible against Linux and Android. Secondly, if your network traffic is encrypted using HTTPS, a VPN, SSH, TLS, or similar, Krack won't get very far. All the miscreant will see, after deciphering the wireless network packets, is more encrypted data. At that point, the snooper is just like any other spy potentially sitting on the vast web of networks between you and the website or service you're connected to.”
Conventional wisdom once again triumphs – how many times have we heard security experts telling us to enforce encryption standards? The point is that even if any sensitive data is hacked, it’s then got no value to the hacker. Of course, that won’t stop those hackers who are simply beavering away at every opportunity simply waiting for unencrypted data to show up.
What about access point vulnerabilities?
Ten separate Common Vulnerabilities and Exposures (CVE) identifiers were assigned by KU Leuven to track which products are affected by specific instantiations of Krack. Most relate to Wi-Fi clients themselves, but one specifically addresses access points.
CVE-2017-13082 explains that an attacker can expose sensitive information exchanged between a client device and a wireless access point (AP) by taking advantage of the fact that replayed frames aren’t accounted for when establishing a connection using Fast Secure Roaming (FT). This allows an attacker to replay data sent to an AP, including sensitive encryption key data — enabling that attacker to decrypt/forge wireless frames. As noted above, an attacker needs to be in close proximity to the AP or client under attack.
802.11r is a standard for improving the roaming experience of wireless client devices as they physically move about a given network and, by virtue of distance and signal strength, automatically associate and disassociate to various access points (AP). Associating to a new AP takes time, thanks to necessary authentication. FT speeds up the authentication and association process for roaming clients
Cisco points out that only unpatched wireless networks that have enabled 802.11r functionality are at risk, and like other vendors it has moved fast to close any loopholes. Its own Meraki arm has already identified at-risk customer networks that actively use FT and has deployed a firmware patch to address this vulnerability. Affected customers can receive this patch via a seamless cloud update, and the company is strongly urging any customers opting out to disable 802.11r on their networks.
Meraki has also created a dynamic dashboard page (Help > 802.11r Vulnerability Impact) to help its customers quickly identify vulnerable networks. The page dynamically updates network vulnerability status based on firmware applied and whether 802.11r is enabled.
A note for conspiracy theorists
Finally, according to ZDNet, the US National Security Agency (NSA) won't say if it already knew about Krack. That’s raised eyebrows in some quarters.
A 2010-dated top secret NSA document leaked by whistleblower Edward Snowden detailed a hacking tool called BADDECISION, an ‘802.11 CNE tool’ which uses a frame injection technique to redirect targets to one of the NSA's own servers. The slide said the hacking tool ‘works for WPA/WPA2,’ suggesting that BADDECISION could also bypass the encryption.
As ZDNet says, “No wonder some thought the hacking tool was an early NSA-only version of Krack.”
