Attacks on our computers and business networks are becoming more sophisticated and harder to detect. The lastest type of attack is called a KRACK attack. This method uses our own Wi-Fi against us.
KRACK is short for Key Reinstallation Attack, which is a curious name that probably leaves you as confused as we felt when we heard about it, so here’s our extremely simplified explanation of what happens (please note this explanation covers just one of numerous flavours of similar attack).
At various times during an encrypted wireless connection, you (the client) and the access point (the AP) need to agree on security keys.
To do so, a protocol known as the “four-way handshake” is used, which goes something like this:
- (AP to client) Let’s agree on a session key. Here’s some one-time random data to help compute it.
- (Client to AP) OK, here’s some one-time random data from me to use as well.
At this point, both sides can mix together the Wi-Fi network password (the so-called Pre-Shared Key or PSK) and the two random blobs of data to generate a one-time key for this session.
This avoids using the PSK directly in encrypting wireless data, and ensures a unique key for each session.
- (AP to client) I’m confirming we’ve agreed on enough data to construct a key for this session.
- (Client to AP) You’re right, we have.
The KRACK Attacks (with numerous variations) use the fact that although this four-way protocol was shown to be mathematically sound, it could be – and in many cases, was – implemented insecurely.
In particular, an attacker with a rogue access point that pretends to have the same network number (MAC address) as the real one can divert message 4 and prevent it reaching the real AP.
During this hiatus in the handshake, the client may already have started communicating with the AP, because the two sides already have a session key they can use, albeit that they haven’t finalised the handshake.
This means that the client will already be churning out cryptographic material, known as the keystream, to encrypt the data it transmits.
What to do
Changing a Wi-Fi password won’t help: this attack doesn’t recover the password (PSK) itself, but allows an attacker to decrypt some of the content of some sessions.
Changing routers won’t help either because there are numerous variants of the KRACK Attacks that affect most Wi-Fi software implementations in most operating systems.
Here’s what you can do:
- Treat all Wi-Fi networks like coffee shops with open, unencrypted, wireless.
- Stick to HTTPS websites so your web browsing is encrypted even if it travels over an unencrypted connection.
- Use a VPN, which means that all your network traffic (not just your web browsing) is encrypted, from your laptop or mobile device to your home or work network, even if it travels over an unencrypted connection along the way.
- Apply KRACK patches as soon as they are available.
The precautions that you take in those cases – why not take them all the time?
If you always encrypt everything yourself, in a way that you get to choose and can control, you never have to worry what you might have forgotten about.