There’s a hole in Wi-Fi security, and it affects the vast majority of Wi-Fi devices and networks. That very likely means your phone, your home wireless network, your wireless network at work — everything.
Belgian security researcher Mathy Vanhoef from the imec-DistriNet research group at the KU Leuven university has discovered a vulnerability in the WPA2 security protocol, used by nearly every Wi-Fi device out there. It allows an attacker to remotely extract decrypted data from a protected Wi-Fi network without knowing the password.
Called KRACK, the attack does not actually recover the victim’s Wi-Fi password. It works by tricking a device into reinstalling an encryption key that’s already in use; due to a flaw in WPA2, the reinstallation resets the packet counters (nonces) used with that key, and reusing those nonces is what lets an attacker remotely decrypt traffic.
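The mechanism above, as an added toy model that is not part of the original article or of Vanhoef’s research code: a supplicant that resets its packet number whenever handshake message 3 arrives (the vulnerable behaviour) reuses a nonce after a retransmission, so two frames share a keystream; the patched variant refuses to reinstall a key that is already installed. The keystream function is a stand-in built from SHA-256, not real CCMP, and the plaintexts are constructed sample data.

```python
import hashlib
import os

# Toy stand-in for a counter-mode keystream: the same (key, nonce) pair always
# yields the same bytes, which is the property KRACK abuses in real CCMP/GCMP.
def keystream(key: bytes, nonce: int, length: int) -> bytes:
    out = b""
    block = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce.to_bytes(6, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Client:
    """Minimal supplicant state: installed key plus the per-key packet number (nonce)."""
    def __init__(self, reject_reinstall: bool):
        self.reject_reinstall = reject_reinstall  # True models the patched behaviour
        self.ptk = None
        self.packet_number = 0

    def handle_msg3(self, ptk: bytes):
        # Vulnerable: every (re)transmitted message 3 installs the key and zeroes the nonce.
        # Patched: a message 3 carrying an already-installed key is ignored.
        if self.reject_reinstall and self.ptk == ptk:
            return
        self.ptk = ptk
        self.packet_number = 0

    def send(self, plaintext: bytes):
        self.packet_number += 1
        return self.packet_number, xor(plaintext, keystream(self.ptk, self.packet_number, len(plaintext)))

P1 = b"GET / HTTP/1.1\r\n"   # constructed 16-byte sample frames
P2 = b"token=deadbeef01"

def simulate(reject_reinstall: bool):
    client = Client(reject_reinstall)
    ptk = os.urandom(16)
    client.handle_msg3(ptk)           # normal handshake completes
    n1, c1 = client.send(P1)
    client.handle_msg3(ptk)           # retransmitted message 3, the trigger KRACK relies on
    n2, c2 = client.send(P2)
    return n1, n2, c1, c2

def nonce_reused(reject_reinstall: bool) -> bool:
    n1, n2, _, _ = simulate(reject_reinstall)
    return n1 == n2

def keystream_reused(reject_reinstall: bool) -> bool:
    # With a shared keystream, XOR of the ciphertexts equals XOR of the plaintexts,
    # which is why a single known frame exposes the other one.
    _, _, c1, c2 = simulate(reject_reinstall)
    return xor(c1, c2) == xor(P1, P2)
```

Running `nonce_reused(False)` and `keystream_reused(False)` shows the vulnerable client repeating nonce 1, while the patched client (`True`) moves on to nonce 2 and the check fails.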
Since this is a hole in the WPA2 protocol itself, all devices are affected in some way, no matter the software you’re running. Wi-Fi routers, Android phones, iOS devices, Apple computers, Windows computers, Linux computers — all of them.
The flaw is also present in the earlier WPA security protocol, and in every encryption suite, including WPA-TKIP, AES-CCMP, and GCMP.
The vulnerability is extremely dangerous. An attacker could use it to decrypt some or all traffic on a network, including your passwords, credit card numbers, and metadata such as cookies. In some cases, an attacker could inject malicious data directly into the traffic, for example adding malware to a (normally safe) website you’re visiting.
Depending on the encryption protocols one uses, the attack can range from bad to worse; in some cases, an attacker will only be able to decrypt your traffic. In others, they’ll be able to essentially take over your connection, forging and injecting packets as they please.
For example, 41% of Android devices currently in use, as well as numerous Linux variants, are vulnerable to a particularly nasty variant of the attack, which, according to Vanhoef, “makes it trivial to intercept and manipulate traffic sent by these Linux and Android devices.”
On the other end of the spectrum are iOS, Windows 7, Windows 10 and OpenBSD, which are only vulnerable to the most basic of attacks.
How screwed are we all, really?
There’s a silver lining, however. Vanhoef claims that this hole can be patched on current devices in a way that doesn’t break compatibility. In other words, your patched device will still communicate with other, unpatched devices out there. It will take a long time for all vendors to update all devices out there, and some may never receive the update. But news of this vulnerability did not come overnight; it was anticipated, and some vendors have already patched their devices.
Furthermore, this is primarily an attack against clients (devices connected to a network), not routers. This means that, while routers may be vulnerable, the priority for users will be to update clients, such as laptops, smartphones, IoT devices and the like. And getting a macOS, Linux or Android update will likely be faster than getting an update for that old router you have in the basement.
Another important bit of news is that some of the attacks described in Vanhoef’s paper are hard to do, meaning there won’t be kid hackers wardriving and stealing your data anytime soon. Generally, an attacker needs to be in the range of the victim’s Wi-Fi network, launch a man-in-the-middle attack against a client connected to that network, spoof its MAC address and change the Wi-Fi channel, all of which can be done today but requires a fair degree of technical knowledge. Then, the attacker would have to launch a script exploiting the KRACK security flaw in some way and collect the decrypted data or inject new data into the network. Very few people possess the technical knowledge to do all this.
Vanhoef has built a script that exploits this vulnerability on certain Android and Linux devices (see demo video below), but he will only release it “once everyone had a reasonable chance to update their devices.” But given the nature of this security flaw, it likely won’t turn WPA2 into WEP, the earlier Wi-Fi encryption standard, which is thoroughly insecure in all implementations and easily crackable by anyone within minutes.
In other words, there’s probably no need to turn off your router and disable Wi-Fi on all your devices, at least not yet. You should, however, use HTTPS whenever possible, and a VPN might be a good idea as well.
Still, it’s hard to overstate the importance of this news. WPA2 was long thought to be an extremely secure and robust protocol. As Vanhoef explains here, the math behind WPA2’s encryption is still solid; as it often happens, the problem is in the way the WPA2 protocol is implemented.
But besides being an impressive technical achievement, this is the type of problem that will likely haunt us for many years to come. Once easy-to-use tools that exploit this vulnerability are developed — and they will be — all Wi-Fi capable devices that haven’t been updated with a fix will be at risk. And since a vast number of devices have Wi-Fi connectivity — from your gaming console to your phone to your baby monitor — it’ll be a long time till KRACK stops being a threat.
Vanhoef’s research paper on KRACK is available here.