This Sunday was revealed to the vulnerabilities of high degree of the Protocol Wi-Fi Protected Access II, aka WPA2, which is used by most wireless users. The vulnerability allows hackers to intercept Wi-Fi traffic between computers and access points. Allows KRACK attack and other nastiness, including the capture compounds and harmful injections.
Exploit KRACK, short for Key Reinstallation Attack became known in the framework of carefully classified research as a result of coordinated disclosure, scheduled for 8 a.m. Monday to East coast time. The Advisory Council of the United States CERT, assembled from hundreds of organizations, described the study this way:
“US-CERT learned about a few key vulnerabilities in operating on the principle of four-party handshake Protocol security Wi-Fi Protected Access II (WPA2). The consequences of these vulnerabilities include decryption, a packet sniffer, capture, TCP connection, injection HTTP content and more. Keep in mind that the problems at the Protocol level affected most correct implementations of this standard. CERT/CC and researcher K. U. Leuven will publicly disclose these vulnerabilities 16 October 2017”.
How the vulnerability works? WPA2 uses a four-way handshake, which creates the encryption key of the traffic. During the third step, the key can be re-reship several times. When resubmissions are a certain way, it is possible to completely undermine encryption.
It is unlikely that most access points will be able to patch quickly enough, and some of them remain untreated. If exploits bypass WPA2 encryption will indeed be simple and reliable, the hackers will be able to listen to nearby traffic to Wi-Fi.
In good, we need to avoid using Wi-Fi until you put the patch. Until then have to use HTTPS, STARTTLS, Secure Shell and other reliable protocols to encrypt traffic on the web and e-mail. Will also have to carefully choose VPN providers.
Wi-Fi everything? In WPA2 detected.
Ilya Hel