KRACK Attack: Breaking WPA2

Posted on October 17, 2017

The KRACK attack affects most wireless networks and clients across the world. Wireless networks play a crucial role in the digital world, and most Internet users use Wi-Fi networks on a daily basis. Encryption on wireless networks has become the baseline, and over the years we have had several encryption protocols for Wi-Fi communication: first WEP, followed by WPA and now WPA2.

That being said, in line with Murphy's law and assisted by growing computational capabilities thanks to Moore's law, each one of them has eventually succumbed to a vulnerability that renders it irrelevant.

Until now, WPA2 has been considered the most trusted and secure protocol for wireless communication.

A security researcher from the Belgian university KU Leuven named Mathy Vanhoef released details on his website about an attack called KRACK (Key Reinstallation Attack) against the WPA2 protocol.

Vanhoef writes about this attack on his website:

The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available.

Our main attack is against the 4-way handshake of the WPA2 protocol. This handshake is executed when a client wants to join a protected Wi-Fi network, and is used to confirm that both the client and access point possess the correct credentials (e.g. the pre-shared password of the network). At the same time, the 4-way handshake also negotiates a fresh encryption key that will be used to encrypt all subsequent traffic. Currently, all modern protected Wi-Fi networks use the 4-way handshake. This implies all these networks are affected by (some variant of) our attack. For instance, the attack works against personal and enterprise Wi-Fi networks, against the older WPA and the latest WPA2 standard, and even against networks that only use AES. All our attacks against WPA2 use a novel technique called a key reinstallation attack (KRACK). 

Here’s How the KRACK WPA2 Attack Works:

What is the impact?

According to the researcher, the impact of this vulnerability depends on the handshake being attacked and on the data-confidentiality protocol in use: against AES-CCMP, an attacker can only replay and decrypt packets but cannot forge them.

“The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others,” the US-CERT warned. “Note that as protocol-level issues, most or all correct implementations of the standard will be affected.”

To simplify a bit: communication over HTTPS is secure (though not necessarily 100 percent secure) and cannot be decrypted using the KRACK attack. That being said, you are advised to use a secure VPN service, which encrypts all your Internet traffic whether it is HTTPS or HTTP.

How to protect your networks from the KRACK attack?

As of now, the only effective mechanism is to apply patches and updates for clients and to deploy the latest firmware released by your vendor. Changing the password of your Wi-Fi network does not prevent (or mitigate) the attack.

Below are some firmware and driver updates available for the KRACK WPA2 vulnerability from the major vendors:

The complete list is available at BleepingComputer, where they are tracking the progress of each vendor's patch release.

Krack Attack - WPA2 Patch Story (image source: CommitStrip)

Is there any way to mitigate this attack?

Until a patch or firmware update is released by your vendor, you can try to mitigate attacks against routers and access points by disabling client functionality (which is, for example, used in repeater modes) and disabling 802.11r (fast roaming). For ordinary home users, the priority should be updating clients such as laptops and smartphones.

Assigned CVE Identifiers

The following Common Vulnerabilities and Exposures (CVE) identifiers were assigned to track which products are affected by specific instantiations of the key reinstallation attack:

  • CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.
  • CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
  • CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake.
  • CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
  • CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
  • CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
  • CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
  • CVE-2017-13086: Reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
  • CVE-2017-13087: Reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
  • CVE-2017-13088: Reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.

Note that each CVE identifier represents a specific instantiation of a key reinstallation attack. This means each CVE ID describes a specific protocol vulnerability, and therefore many vendors are affected by each individual CVE ID. You can also read vulnerability note VU#228519 from CERT/CC for additional details on which products are known to be affected.

How does it work?

The attack is due to a vulnerability in the 4-way handshake (and the related handshakes listed above) as defined in the WPA2 protocol, regardless of the cipher suite in use, and hence all products with a correct implementation of the protocol are vulnerable. The attack targets the 4-way handshake and does not exploit access points; instead, it targets the clients.

The idea behind this attack is to abuse message 3 of the 4-way handshake: by that point the session key has already been derived from the first two messages exchanged between the AP and the client, and message 3 is what causes the client to install it.

Because this message is already authenticated and the key it carries has been verified by both the AP and the client, it can be captured by a man-in-the-middle and replayed; the client then re-installs a key that is already in use, which is the vulnerability.

Earlier, the reuse of a generated and already-used key was not possible, since the router would be restarted when the same key was used multiple times. Even if the same problem occurs in the current scenario, attackers are able to misuse this since keys are stored in non-volatile memory and remain available after a restart.
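To make the mechanism above concrete, here is an added example that is not code from the original post or from the KRACK research. It models a heavily simplified client: the key derivation, the frame encryption and the handshake messages are stand-ins (a toy HMAC keystream rather than CCMP, a constructed key), and the "patched" branch is a simplified rendering of the fix, namely refusing to reinstall a key that is already installed. What it shows is the security-relevant consequence: installing a key resets the packet number that serves as the nonce, so a client that re-installs the same key encrypts under a (key, nonce) pair it has already used, and a client with the check in place does not.

```python
"""Simplified model of key reinstallation in the 4-way handshake.

Added example, not from the original post or the KRACK research. Everything
here is a stand-in: the temporal key is constructed, the "encryption" is a toy
HMAC keystream, and on_message3() stands for the client's handling of
message 3. The property being demonstrated is real, though: a reinstalled key
resets the packet number (the nonce counter), so a nonce repeats under one key.
"""
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass
class Client:
    patched: bool                     # True: apply the fix (do not reinstall an in-use key)
    tk: Optional[bytes] = None        # installed temporal key (simplified PTK-TK)
    pn: int = 0                       # packet number, used as the per-frame nonce
    installed: bool = False
    nonces_used: List[int] = field(default_factory=list)

    def on_message3(self, ptk_tk: bytes) -> None:
        """Message 3 of the 4-way handshake: the client installs the negotiated key."""
        if self.patched and self.installed and ptk_tk == self.tk:
            # Simplified fix: the key is already in use, so neither reinstall it
            # nor reset the packet number when message 3 is seen again.
            return
        self.tk = ptk_tk
        self.pn = 0                   # (re)installing a key resets the nonce counter
        self.installed = True

    def encrypt(self, plaintext: bytes) -> Tuple[int, bytes]:
        """Toy stream encryption: keystream = HMAC(key, nonce).

        Real CCMP is different, but shares the property that the same (key,
        nonce) pair yields the same keystream, which is why nonce reuse is bad.
        """
        self.pn += 1
        self.nonces_used.append(self.pn)
        keystream = hmac.new(self.tk, self.pn.to_bytes(6, "big"), hashlib.sha256).digest()
        return self.pn, bytes(p ^ k for p, k in zip(plaintext, keystream))


def run_handshake(patched: bool, replay_msg3: bool) -> Client:
    """Message 3 arrives, two frames are sent, message 3 is (optionally) seen a
    second time, one more frame is sent. Returns the client for inspection."""
    tk = hashlib.sha256(b"constructed-PTK-TK").digest()[:16]   # constructed key
    client = Client(patched=patched)
    client.on_message3(tk)
    client.encrypt(b"frame one")
    client.encrypt(b"frame two")
    if replay_msg3:
        client.on_message3(tk)        # the same message 3 is processed again
    client.encrypt(b"frame three")
    return client


def nonce_reused(client: Client) -> bool:
    """Check on the client's own record: did any nonce appear twice under one key?"""
    return len(client.nonces_used) != len(set(client.nonces_used))


if __name__ == "__main__":
    for patched in (False, True):
        c = run_handshake(patched=patched, replay_msg3=True)
        print("patched" if patched else "vulnerable", c.nonces_used, "nonce reused:", nonce_reused(c))
```

The vulnerable client records nonces 1, 2, 1, while the patched client records 1, 2, 3 for the same sequence of events; the difference is entirely in the one check inside on_message3(), which is the behavioural change a client-side patch for this class of issue needs to make.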

5 Steps to Avoid Phishing Scams in E-mail

Posted on December 25, 2012

Anyone with an e-mail account has at some point received phishing or scam e-mails. These range from Nigerian princes to local banks requesting funds, assistance and so on. Some of these e-mails may be legitimate (the Nigerian prince excepted); however, most of them use a common technique known as phishing. Phishing scams are used by fraudsters to get your personal information, such as credit card details, usernames and passwords, banking details and so on.

A friend of mine recently received an e-mail from his bank informing him that “his account was accessed from a blacklisted location and he should update his account information to avoid termination of services”. On opening the link, he was presented with a login form identical to the bank's net-banking portal. Only this form asked for information such as Corporate ID, User ID, Login Password, Transaction Password, Mobile Number, Email Address and Email Password.

Sample Phishing Page

Anytime you receive such e-mails, you should keep the following in mind:

  • Banks will never ask you to provide account or other personal identification information via email.
  • Banks will never ask you to click a link in order to keep your account open.
  • Banks will never threaten to take immediate action unless you perform an act such as clicking a link etc.
  • Banks will never ask you to login with your e-mail account username & password.

Today, these sorts of attacks commonly take place against e-mail accounts and social networking accounts, and even as targeted attacks against corporate users.

Here are 5 simple steps one can take to avoid becoming a victim of such phishing attacks:

1. Avoid clicking links in phishing or scam mails and instead manually type them in a browser

Scammers often use links such as “baank.com” instead of the legitimate website “bank.com”, so it is recommended that you manually type the website address into the browser instead of clicking links in the e-mail.

Sample Phishing Mail – Fake Link

In the case where the e-mail seems urgent, you can always call the bank and confirm whether the e-mail was really sent by them.

2. Check the sender address in the phishing or scam mails

Scammers usually send phishing mails from addresses like “[email protected]” or “[email protected]”, so a phishing mail can often be identified by checking that the e-mail was received from a legitimate sender address.

Sample Phishing Mail – Fake Email

You can refer to any previous e-mails sent by your bank and cross-reference the address in the suspicious e-mail.

3. Verify SSL (https://) authenticity on phishing or scam links

Generally, phishing links either have no SSL or use an invalid SSL certificate. This can be verified by simply viewing the link in the address bar of your browser and checking whether it starts with https:// instead of http://.

If the SSL certificate is not valid, your browser will immediately show an error, in which case you should stop browsing the link and report the e-mail to your bank.

Examples of SSL certificate errors in Firefox, Chrome and Internet Explorer are shown below:
SSL Certificate Error

4. Avoid replying with sensitive information to phishing or scam mails

Banks will never ask you to provide account or other personal identification information via e-mail. Any e-mail pressuring you to do so is most likely not legitimate and should be reported to your bank.

Banking details and login credentials should be communicated via telephone or through the legitimate website over a proper SSL connection.

5. Keep your anti-virus up-to-date to detect and block phishing or scam mails

Most antivirus vendors have signatures that protect users against some common phishing attacks. Hence it is recommended that your anti-virus is kept up-to-date so that it has the latest signatures and rule sets.

It can also prevent things such as a Trojan spoofing your Web address bar or mimicking an https secure link. If your antivirus software is not up-to-date, you are usually more susceptible to attacks that can hijack your Web browser and put you at risk of phishing.

For Windows users, we would recommend the free version of Microsoft Security Essentials available on the Microsoft website.
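Steps 1 to 3 above are checks a reader can also automate. The following added example (not code from the original post) applies them to a parsed e-mail: the sender's domain is compared with the bank's real domain (step 2), each link's host is compared with it and flagged as a lookalike when it differs by only a character or two, as “baank.com” does from “bank.com” (step 1), and plain http:// links are flagged (step 3). The bank domain, the message text and the addresses in it are all constructed sample data, and the two-label domain reduction is an assumption that is good enough for .com but not for every suffix.

```python
"""Triage checks for a suspicious e-mail (added example, not from the original post).

Applies three checks from the post to a parsed message: sender domain (step 2),
lookalike link hosts such as "baank.com" (step 1) and non-https links (step 3).
LEGIT_DOMAIN and SAMPLE_MAIL are constructed sample data.
"""
import re
from email import message_from_string
from email.utils import parseaddr
from typing import List
from urllib.parse import urlparse

# Constructed sample: the domain the customer actually banks with.
LEGIT_DOMAIN = "bank.com"

# Constructed sample phishing mail modelled on the one described in the post.
SAMPLE_MAIL = """\
From: "Bank Security" <alerts@bank-secure-login.com>
To: customer@example.net
Subject: Account accessed from a blacklisted location
Content-Type: text/plain

Your account was accessed from a blacklisted location. Update your details
within 24 hours at http://baank.com/netbanking/login to avoid termination.
"""

URL_RE = re.compile(r"https?://[^\s<>\"']+")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; a small non-zero value indicates a lookalike host."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable(host: str) -> str:
    """Reduce 'www.bank.com' to 'bank.com' (last two labels; assumption: fine for .com)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def check_sender(raw: str, legit: str = LEGIT_DOMAIN) -> List[str]:
    """Step 2: does the From: address belong to the bank's real domain?"""
    findings = []
    _, addr = parseaddr(message_from_string(raw).get("From", ""))
    domain = addr.rpartition("@")[2]
    if registrable(domain) != legit:
        findings.append(f"sender domain {domain!r} is not {legit!r}")
    return findings


def check_links(raw: str, legit: str = LEGIT_DOMAIN) -> List[str]:
    """Steps 1 and 3: lookalike or unrelated link hosts, and links that are not https."""
    findings = []
    body = message_from_string(raw).get_payload()   # single-part text/plain body
    for url in URL_RE.findall(body):
        parsed = urlparse(url)
        host = registrable(parsed.hostname or "")
        if host != legit:
            dist = edit_distance(host, legit)
            kind = "lookalike" if 0 < dist <= 2 else "unrelated"
            findings.append(f"{kind} link host {host!r} (distance {dist} from {legit!r})")
        if parsed.scheme != "https":
            findings.append(f"link {url!r} is not https")
    return findings


def triage(raw: str = SAMPLE_MAIL, legit: str = LEGIT_DOMAIN) -> List[str]:
    """Run all checks; an empty list means nothing in the mail contradicted the bank's domain."""
    return check_sender(raw, legit) + check_links(raw, legit)


if __name__ == "__main__":
    for finding in triage():
        print("-", finding)
```

On the constructed sample this reports the foreign sender domain, the lookalike host “baank.com” at edit distance 1, and the http:// link; a mail from an address at bank.com linking only to https://www.bank.com produces no findings. As the post says, a clean result is not proof of legitimacy, so the checks are a filter to decide what to report to the bank, not a substitute for typing the address yourself.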

If you have come across, or do come across, any such phishing incident, you can report it to CERT-In (Cyber Emergency Response Team of India) at [email protected]