The following article demonstrates the process of testing any Wi-Fi capable device against a key reinstallation attack. I’ll demonstrate the process of executing the test using Kali Linux installed in VirtualBox on a Windows machine. Then I’ll illustrate the process of testing a recently patched Windows 10 machine as well as an unpatched Android 7.0 mobile phone against the Key Reinstallation Attack.

This article also explores a newly discovered vulnerability of WPA2 named KRACK Attack (key reinstallation attack) in a little more detail, as it’s one of the biggest vulnerabilities found in WPA2 to this day (patched only by a handful of operating systems and Wi-Fi product manufacturers). The main issue introduced by the KRACK attack is that it allows attackers to intercept all wirelessly transferred information in an unencrypted format, and to do so without knowledge of the wireless WPA/WPA2 network password. Serious? You bet…

First I’ll talk about the most recent type of attack associated with the Wi-Fi Protected Access II (WPA2) protocol and summarize what the KRACK Attack issue is and why it makes the WPA2 protocol so vulnerable. I’ll introduce WPA2 and show that it’s the most popular type of Wi-Fi protocol today. Then I’ll explain in detail how to use Kali Linux installed on VirtualBox to serve as a testing machine.

In 2004, the Wi-Fi Alliance established a new security protocol called WPA2, which was primarily created to reinforce the common security of WLANs by further enhancing the overall safety of wireless networks. According to the authors of the survey on security schemes and attacking methods of WPA/WPA2, published in 2010, the strategic intent behind creating WPA2 was mainly “to defeat forgery attack, replay attack, weak-key attack” (Liu, Jin & Wang, 2010). “It is almost impossible to overestimate the amount of time and money that will be saved if wireless security is set forth as a guiding tenet of wireless architecture.” (Swaminatha & Elden, 2002). In 2006 Kaspersky Security Network (KSN) examined close to 32 million Wi-Fi hotspots and released statistics which demonstrated the massive popularity and acceptance of the WPA2 protocol. Figure 1 illustrates that WPA2 is currently used on 68% of all wireless networks in the world. It also showed that 22% of all wireless networks are unsecured and that WEP, as well as the original WPA protocol, are quickly losing ground to WPA2.

Figure 1 – Research on unsecured Wi-Fi networks across the world – Legezo (2016).

The above statistics (Figure 1) show that any vulnerability associated with the WPA2 security algorithm will introduce a huge risk, which brings me to the most recent vulnerability discovered in the WPA2 protocol.

About WPA2 Vulnerability – KRACK Attack (Key Reinstallation Attack)

The most recent WPA2 vulnerability is documented under the name ‘KRACK Attack,’ alternatively also called the ‘Key Reinstallation Attack.’ The KRACK attack is likely the most severe weakness which has been discovered in the WPA2 protocol and the first vulnerability that allows an attacker to read WPA2-encrypted traffic without knowledge of the actual wireless password. The issue currently impacts most if not all Wi-Fi devices, such as devices that use the Android, Windows or Linux operating systems, including wireless devices manufactured by the major Wi-Fi product vendors.

The KRACK attack was first exposed in May 2017 by Mathy Vanhoef and Frank Piessens, two researchers at KU Leuven (the largest university in Belgium). The authors published the research paper titled ‘Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2’ in October 2017, which caused worldwide concern about the future of WPA2 security. “This attack abuses design or implementation flaws in cryptographic protocols to reinstall an already-in-use key”, and according to the authors of the research paper, “attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on.” (Vanhoef & Piessens, 2017).
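To make the “reinstall an already-in-use key” mechanism concrete, here is an added example of my own (not code from the article or from the KRACK authors): a toy model of a client handling the 4-way handshake’s message 3, with the vulnerable behaviour beside the patched behaviour that refuses to reinstall a key that is already installed. The keystream function, the PTK and the two frames are constructed stand-ins, not real CCMP.

```python
import hashlib

P1 = b"GET /inbox HTTP/1.1 Cookie: session=abc"   # constructed sample frames
P2 = b"GET /inbox HTTP/1.1 Cookie: session=xyz"

def keystream(ptk: bytes, pn: int, n: int) -> bytes:
    """Stand-in for the CCMP (AES-CTR) keystream: a PRF of key and nonce.
    Real CCMP uses AES; what matters here is that an equal (key, PN) pair
    always yields an equal keystream."""
    out, blk = b"", 0
    while len(out) < n:
        out += hashlib.sha256(ptk + pn.to_bytes(6, "big") + bytes([blk])).digest()
        blk += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Supplicant:
    """Hypothetical minimal model of the client side of the 4-way handshake."""
    def __init__(self, refuse_reinstall: bool):
        self.refuse_reinstall = refuse_reinstall
        self.ptk, self.pn = None, 0

    def on_message3(self, ptk: bytes) -> str:
        # The fix: a key that is already installed is not installed again,
        # so a retransmitted message 3 can no longer reset the packet number.
        if self.refuse_reinstall and ptk == self.ptk:
            return "ignored"
        self.ptk, self.pn = ptk, 0     # installing a key resets the PN (nonce)
        return "installed"

    def encrypt(self, plaintext: bytes) -> tuple:
        self.pn += 1                   # PN is the per-frame part of the CCMP nonce
        return self.pn, xor(plaintext, keystream(self.ptk, self.pn, len(plaintext)))

def run(refuse_reinstall: bool) -> tuple:
    """Send one frame, receive message 3 a second time, send another frame.
    Returns both packet numbers and whether the two frames shared a keystream,
    which is the case exactly when c1 XOR c2 == p1 XOR p2 (two-time-pad leak)."""
    sta = Supplicant(refuse_reinstall)
    ptk = hashlib.sha256(b"constructed PTK").digest()[:16]
    sta.on_message3(ptk)
    pn1, c1 = sta.encrypt(P1)
    sta.on_message3(ptk)               # message 3 arrives again (retransmission)
    pn2, c2 = sta.encrypt(P2)
    return pn1, pn2, xor(c1, c2) == xor(P1, P2)

if __name__ == "__main__":
    print("vulnerable:", run(False))   # (1, 1, True): nonce reused
    print("patched:   ", run(True))    # (1, 2, False): PN keeps counting
```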