Filed to Technology on Oct 24, 2017
Attacks on our computers and business networks are becoming more sophisticated and harder to detect. The latest type of attack is called a KRACK attack. This method uses our own Wi-Fi against us.
KRACK is short for Key Reinstallation Attack, which is a curious name that probably leaves you as confused as we felt when we heard about it, so here’s our extremely simplified explanation of what happens (please note this explanation covers just one of numerous flavours of similar attack).
At various times during an encrypted wireless connection, you (the client) and the access point (the AP) need to agree on security keys.
To do so, a protocol known as the “four-way handshake” is used, which goes something like this:
At this point, both sides can mix together the Wi-Fi network password (the so-called Pre-Shared Key or PSK) and the two random blobs of data to generate a one-time key for this session.
This avoids using the PSK directly in encrypting wireless data, and ensures a unique key for each session.
The KRACK Attacks (with numerous variations) use the fact that although this four-way protocol was shown to be mathematically sound, it could be – and in many cases, was – implemented insecurely.
In particular, an attacker with a rogue access point that pretends to have the same network hardware address (MAC address) as the real one can divert message 4 and prevent it reaching the real AP.
During this hiatus in the handshake, the client may already have started communicating with the AP, because the two sides already have a session key they can use, even though they haven’t finalised the handshake.
This means that the client will already be churning out cryptographic material, known as the keystream, to encrypt the data it transmits.
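As an added illustration (not code from the original post), here is a toy Python model of the session-key mixing described above and of why reinstalling that key, with its packet counter reset, makes the client repeat keystream; the HMAC-based KDF and stream cipher are stand-ins for the real WPA2 algorithms, and the client-side mitigation (refusing to reinstall a key that is already installed) is shown alongside the unpatched behaviour.

```python
import hashlib
import hmac
import os

# Constructed sample password. Real WPA2 derives keys with PBKDF2 and PRF-384/512;
# HMAC-SHA256 stands in for that KDF here (an assumption, not the real algorithm).
PSK = b"correct horse battery staple"


def derive_session_key(psk: bytes, ap_nonce: bytes, client_nonce: bytes) -> bytes:
    """Mix the PSK with both random blobs so each session gets its own key."""
    return hmac.new(psk, b"session-key" + ap_nonce + client_nonce, hashlib.sha256).digest()


class Client:
    """Toy supplicant: keystream per frame depends on (session key, packet counter)."""

    def __init__(self, refuse_reinstall: bool):
        self.refuse_reinstall = refuse_reinstall
        self.key = None
        self.packet_number = 0

    def install_key(self, key: bytes) -> bool:
        # Patched behaviour: an already-installed key is not installed again, so a
        # retransmitted handshake message cannot reset the packet counter.
        if self.refuse_reinstall and key == self.key:
            return False
        self.key = key
        self.packet_number = 0  # this counter reset is what makes reinstallation dangerous
        return True

    def encrypt(self, plaintext: bytes) -> bytes:
        # Stand-in stream cipher: keystream = HMAC(key, counter), XORed with the frame.
        self.packet_number += 1
        ks = hmac.new(self.key, self.packet_number.to_bytes(8, "big"), hashlib.sha256).digest()
        return bytes(p ^ k for p, k in zip(plaintext, ks))


def keystream_reused_after_reinstall(refuse_reinstall: bool) -> bool:
    """True if two different frames were encrypted with identical keystream."""
    ptk = derive_session_key(PSK, os.urandom(32), os.urandom(32))
    client = Client(refuse_reinstall)
    client.install_key(ptk)
    frame1 = client.encrypt(b"A" * 16)
    client.install_key(ptk)  # the same handshake message arrives again: reinstallation
    frame2 = client.encrypt(b"B" * 16)
    # With identical keystream, XOR of the two ciphertexts equals XOR of the plaintexts.
    return bytes(a ^ b for a, b in zip(frame1, frame2)) == bytes([ord("A") ^ ord("B")] * 16)
```

Running `keystream_reused_after_reinstall(False)` shows the unpatched client repeating keystream, while `keystream_reused_after_reinstall(True)` shows the patched client keeping its counter moving.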
Changing a Wi-Fi password won’t help: this attack doesn’t recover the password (PSK) itself, but allows an attacker to decrypt some of the content of some sessions.
Changing routers won’t help either because there are numerous variants of the KRACK Attacks that affect most Wi-Fi software implementations in most operating systems.
Here’s what you can do:
The precautions that you take in those cases – why not take them all the time?
If you always encrypt everything yourself, in a way that you get to choose and can control, you never have to worry what you might have forgotten about.