Security breach in WPA2 protocol: what is the KRACK attack?
“KRACK Wi-Fi attack threatens all networks”, “KRACK Wi-Fi flaw, the big issue for Wi-Fi network”… the internet has been in shambles for ten days due to the flaw discovery on the Wi-Fi network security process.
What is the KRACK issue?
KRACK stands for Key Reinstallation AttaCK and it designates the issue occurring when the third step of a four-way authentication process, performs in the wrong way.
To be clear, during the third step of the authentication process (when a device tries to connect to a protected Wi-Fi network), the encryption key can be sent multiple times to get access to the protected Wi-Fi network. Security issues occur when a hacker can collect this information and replay the transmission to break the Wi-Fi security encryption key.
What happens when the Wi-Fi encryption key is broken?
If a hacker gets the encryption key, they will be able to “sniff” your data and steal your sensitive information such as credit card details, emails, pictures, passwords and so on. The risk is the same as using a non-protected Wi-Fi network; users data is potentially accessible to all.
Moreover, the United-States Computer Emergency Readiness Team declared about KRACK issues that “the impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others”.
Which devices are vulnerable?
The KRACK attack is not an issue for the device itself, but the information it contains. All data sent on a Wi-Fi network without encryption key is as vulnerable as it when the user visits websites that are not HTTPS. You need to update your smartphone, tablet, router and computer with the latest security release to reduce the risk of data theft. Nevertheless, researchers said Android devices were more likely to be at risk rather than other mobile phones, same for Linux runners, considered as the most vulnerable devices.
Why are Tanaza users not concerned by this KRACK issue?
To prevent KRACK attacks in any Tanaza network, Tanaza introduced the fix in its latest firmware release. To avoid any risk, both the firmware and the customer device have to contain the fix for this attack.
This specific attack is against the 4-way handshake and it’s explicitly intended to exploit customers devices rather than access points. By using the Man-in-the-Middle attack (or MitM), hackers try to gather sensible data by misleading the device for the connection authentication and the user for the web surfing security (e.g. preventing websites from using HTTPS encryption and collecting any data such as usernames and passwords during any login process).
In a few words, if your access points runs on the latest Tanaza firmware and your devices are updated, you are protected from this KRACK issue.