Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
The proof-of-concept exploit is called KRACK, short for Key Reinstallation
Attacks.

It works by exploiting a four-way handshake that's used to establish a key
for encrypting traffic. During the third step, the key can be resent
multiple times. When it's resent in certain ways, a cryptographic nonce can
be reused in a way that completely undermines the encryption.

https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/

He who is harry newton said on Mon, 16 Oct 2017 06:33:13 +0000 (UTC):

It works by exploiting a four-way handshake that's used to establish a key
for encrypting traffic. During the third step, the key can be resent
multiple times. When it's resent in certain ways, a cryptographic nonce can
be reused in a way that completely undermines the encryption.

https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/

More links now that they published the paper on the attack a half hour ago.
https://www.krackattacks.com

Manufacturers apparently had 50 days to effect the fix:
Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2
https://papers.mathyvanhoef.com/ccs2017.pdf

Updates in http://tinyurl.com/alt-internet-wireless

He who is KenW said on Mon, 16 Oct 2017 07:36:14 -0600:

Kind of hard until the manufacturer says there is a fix.

I have Ubiquiti equipment where I've been in contact with them.

They already had the fix since they received notice 50 days ago.

But they told me this morning that they just received new information so
they're effecting a second fix as we speak.

He who is harry newton said on Mon, 16 Oct 2017 06:33:13 +0000 (UTC):

It works by exploiting a four-way handshake that's used to establish a key
for encrypting traffic.

Here is ubiquiti's response to the AirMax products that I often use on my
rooftop and as my many access points in my house and barn and pool and
corral and driveway gate cameras, etc., and that all my neighbors use for
our WISP radios.

"Yes, this is a very big problem for WPA2 clients that won't get any more
updates. But let's keep this thread focused on airMAX products.

First of all, you are mostly covered if you are running v8.4.0 (AC series)
or v6.0.7 (M series). We will fully resolve the issue with v8.4.2/v6.1.2
(betas aimed for the end of this week). Furthermore, our proprietary airMAX
protocol makes simple attacks more difficult to carry out.

Will be fully fixed with v8.4.2/v6.1.2:
CVE-2017-13077: reinstallation of the pairwise key in the Four-way
handshake
CVE-2017-13078: reinstallation of the group key in the Four-way handshake
CVE-2017-13079: reinstallation of the integrity group key in the Four-way
handshake
CVE-2017-13080: reinstallation of the group key in the Group Key handshake
CVE-2017-13081: reinstallation of the integrity group key in the Group Key
handshake
Unaffected:
CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation
Request and reinstalling the pairwise key while processing it
CVE-2017-13084: reinstallation of the STK key in the PeerKey handshake
CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
PeerKey (TPK) key in the TDLS handshake
CVE-2017-13087: reinstallation of the group key (GTK) when processing a
Wireless Network Management (WNM) Sleep Mode Response frame
CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
processing a Wireless Network Management (WNM) Sleep Mode Response frame"

In message , harry newton
writes:
[]
If your device supports Wi-Fi, it is most likely affected.
[]
Just out of curiosity, does the device have to be _using_ WPA/WPA2 to be
vulnerable - i. e. would one still using WEP, or even no encryption
(neither being a good idea for other reasons) still be susceptible, or
immune?
--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

Santa's elves are just a bunch of subordinate Clauses.

In alt.internet.wireless, J. P. Gilliver (John) wrote:
harry newton writes:
If your device supports Wi-Fi, it is most likely affected.
Just out of curiosity, does the device have to be _using_ WPA/WPA2 to be
vulnerable - i. e. would one still using WEP, or even no encryption
(neither being a good idea for other reasons) still be susceptible, or
immune?

The attack is against the WPA handshake. No WPA, no attack from this
method. WEP and no-encryption cases are subject to different attacks.

The fix (I gather) is to protect against accepting replays during the
handshake.

Elijah
------
get ready to patch all your IoT devices, they sure make life easier, right?

How does this colloquial summary for my family look - in case you want to
send one to YOUR family?
========
People are asking what to do about the KRACK Attack vulnerability (note the
pleonasm), so I figured I'd let everyone know what it is & I figured I'd
give folks the opportunity to ask question if they're concerned.

The canonical site for the attack is written by the white hat who found it:
https://www.krackattacks.com/

Here's my ad-hoc summary, written with respect to what you and I need to
know & do.

1. In May, the white hat notified the government & vendors he found a bug
in all WPA WiFi (e.g., WPA2) where someone who is *close* enough to
intercept the signals can see everything you do.

2. It affects all WiFi devices but the worst affected is Android at or over
version 6, macOS, Linux, and really fast (i.e., 802.11r fast roaming)
routers set up as repeaters (i.e., as a second router).

Far less affected are the WiFi in iPhones, iPads, iPods, older Android
devices, Windows computers, and normal routers (e.g., 802.11n or 802.11ac),
especially if they're set up as the main router (and not as a repeater).

3. There is only one viable solution, which is to *update* your device
firmware or software, whether that be a mobile phone, a laptop, a desktop,
a router working as a repeater, or the main router.

The order of priority should be:
a. If you have Android 6+, then you *should* update soon.
b. If you have MacOS or Linux, then you should update soon.
c. If you have an 802.11r router, then you should update soon.

You can take your sweet time on everything else, but everything needs to be
updated.

4. The problem, of course, is *how* to update each device.
a. First look for your device to see if there is an update
https://www.kb.cert.org/vuls/id/228519
b. Then try to find the update

http://www.zdnet.com/article/here-is-every-patch-for-krack-wi-fi-attack-available-right-now/
c. Then update.

What a pain. Let me know if you have questions.
========

In message , harry newton
writes:
How does this colloquial summary for my family look - in case you want to
send one to YOUR family?

Thanks: I've marked your post as keep.

As to how it "looks", assuming by "colloquial" you meant understandable
by everyone, I envy you your family, if you can throw in words and
phrases like pleonasm, canonical, ad-hoc, vendors, and "whether that be"
at random! (OK, I could with mine, but he's a lexicographer! I myself am
not _too_ sure what pleonasm means - from context, I'm guessing
tautology.)
[]
Thanks again, though!
--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

The fifth bestselling detail of all time: the Ford Transit. (RT/C4 2015-5-24.)

He who is J. P. Gilliver (John) said on Sun, 29 Oct 2017 13:53:14 +0000:

Thanks: I've marked your post as keep.


Thanks J.P. Gilliver for *appreciating* the effort.
See below for another effort I made just now to *simplify* the learning
steps so that the *next* person can just click on the pictures to get an
*idea* of the process involved in updating any WiFi device.

As to how it "looks", assuming by "colloquial" you meant understandable
by everyone, I envy you your family, if you can throw in words and
phrases like pleonasm, canonical, ad-hoc, vendors, and "whether that be"
at random! (OK, I could with mine, but he's a lexicographer! I myself am
not _too_ sure what pleonasm means - from context, I'm guessing
tautology.)

My entire family is well educated, as are most in the USA, with more than a
degrees piled high and deep - but I'm the only one with a few technical
degrees (science and engineering) - the rest are lawyers and educators so
they're not up to speed on technical stuff (that's why I was born).

Since I have more than a half dozen access points and a dozen or more WiFi
devices in the home, I documented in detail the update of just *one* of my
transceivers (which is set up as an access point), so that others might
benefit from a pictorial view of the whole process.

This specific radio transmits 26 decibels (dBm) of power into an 18 decibel
antenna (dBi) so it can easily connect by WiFi to a house 10 miles away,
but it's only being used to connect to the barn WiFi cameras which are only
about 1/2 kilometer away (so, yeah, it's overkill) but at the same time, it
paints an area which allows anyone within miles to connect to my router via
their cellphone WiFi if they knew how to.

As always, to help everyone increase their knowledge in every post, I
documented the steps below so that anyone can learn how it's done in a
minute, without having to make mistakes.

(0) Log into your radio using your administrator login & password
http://wetakepic.com/images/2017/10/29/00_PB400_firmware_update_krack.jpg

(1) Check the firmware version (noting the board revision, e.g., XW)
http://wetakepic.com/images/2017/10/29/01_PB400_firmware_update_krack.jpg

(2) Hit the "Check Now" button to see if you can update from here
http://wetakepic.com/images/2017/10/29/02_PB400_firmware_update_krack.jpg

(3) If not, go to the manufacturer's web site to locate the firmware file
http://wetakepic.com/images/2017/10/29/03_PB400_firmware_update_krack.jpg

(4) You may have to agree to the manufacturer's updated EULA
http://wetakepic.com/images/2017/10/29/04_PB400_firmware_update_krack.jpg

(5) Download the file to a known location on your computer
http://wetakepic.com/images/2017/10/29/05_PB400_firmware_update_krack.jpg

(6) Save the file in a logical location on your computer for future use
http://wetakepic.com/images/2017/10/29/06_PB400_firmware_update_krack.jpg

(7) Then in the radio, press the "Upload Firmware Choose File" button
http://wetakepic.com/images/2017/10/29/07_PB400_firmware_update_krack.jpg

(8) Wait for the firmware to upload (it may take a minute or two)
http://wetakepic.com/images/2017/10/29/08_PB400_firmware_update_krack.jpg

(9) Once uploaded, press the "Update" button to update the firmware
http://wetakepic.com/images/2017/10/29/09_PB400_firmware_update_krack.jpg

(10) Wait for the firmware to be updated (it may take a minute or two)
http://wetakepic.com/images/2017/10/29/10_PB400_firmware_update_krack.jpg

(11) Do not power down while you are waiting for the firmware to update
http://wetakepic.com/images/2017/10/29/11_PB400_firmware_update_krack.jpg

(12) When done, the radio will reboot; log back in to check results
http://wetakepic.com/images/2017/10/29/12_PB400_firmware_update_krack.jpg

(13) You should note that the firmware is now updated to the latest
revision
http://wetakepic.com/images/2017/10/29/13_PB400_firmware_update_krack.jpg

(14) Doublecheck now that everything is updated that it is working fine
http://wetakepic.com/images/2017/10/29/14_PB400_firmware_update_krack.jpg