What Is KRACK Attack?
- By Greg Brown
- Mar 10, 2023
When evaluating the reckless ingenuity and devastating aftermath of present-day security oversight disasters, KRACK lands in the top three. A severe weakness was found in WPA2, the protocol that secures the world’s wi-fi networks. The flaw is in the standard itself, not in any particular product, service, or implementation, so the attack is effective against all modern wi-fi networks.
The KRACK flaw was discovered by two Belgian researchers in 2016. Documentation was published a year later by Vanhoef’s research group.
KRACK stands for key reinstallation attack. The idea behind it can be summarized as follows: a four-way handshake is negotiated every time a client joins a network, because a fresh encryption key is needed for the session. The client installs that key after receiving message 3 of the 4-way handshake. Predators trick victims into reinstalling an encryption key that is already in use.
Handshakes are the exchange of information between the access point and a client when the client chooses to connect. They are part of the automated data flow, from logging in to reading blocks of encrypted data.
Technically, a KRACK attack is carried out by manipulating and replaying cryptographic handshake messages. When the key is reinstalled, the packet counters associated with it (the transmit nonce and the replay counter) are reset to their initial values, giving hackers an opening.
The whole thing depends on manipulating message three of the four-way handshake. A client may receive message three multiple times, and on each delivery it reinstalls the same encryption key, which the standard is supposed to forbid. Attackers force “nonce resets”: instead of moving on to the fourth step of the 4-way handshake, the client is pushed back to the third step. Because the same key and the same nonce are then used to encrypt more than one packet, an attacker who collects those packets can gradually recover the keystream and, with it, the encrypted traffic.
This flaw gives predators an opening on any valid wi-fi network. The attacks are directed at devices connected to the network, not at the access points themselves. A KRACK attack happens the moment a device joins a network and the handshake is performed.
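To make the mechanism above concrete, here is an added Python model of the client side of the handshake; it is not code from the article or from the KRACK researchers. It uses a hash-based stand-in for CCMP's counter-mode keystream, a constructed session key and two constructed data frames, and the names `Client`, `run_handshake`, `nonce_reused` and `keystream_leaks` are hypothetical. The vulnerable client resets its packet number whenever message 3 arrives; the patched client keeps the installed key and only re-acknowledges a retransmission, so its nonce stays monotonic.

```python
# Added illustration (not from the article): a toy model of a station's
# key-installation state machine, showing why reinstalling the same key on a
# retransmitted message 3 leads to nonce reuse, and how the patched behaviour
# (keep the installed key, only re-acknowledge) avoids it.
# The "cipher" is a hash-based stand-in for CCMP's counter mode; the key,
# frame contents and message flow are all constructed for this example.
import hashlib


def xor(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    assert len(a) == len(b)
    return bytes(x ^ y for x, y in zip(a, b))


def keystream_for(key: bytes, nonce: int, length: int) -> bytes:
    """Toy counter-mode keystream that depends only on (key, nonce), like CCMP.
    Same key and same nonce therefore always yield the same keystream."""
    out = b""
    block = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce.to_bytes(8, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]


class Client:
    """Minimal model of a client's handling of message 3 and data transmission."""

    def __init__(self, patched: bool):
        self.patched = patched      # True: do not reinstall a key that is already installed
        self.ptk = None             # pairwise transient key (constructed bytes here)
        self.key_installed = False
        self.tx_nonce = 0           # packet number used as the encryption nonce
        self.events = []

    def on_message3(self, ptk: bytes) -> str:
        """Handle message 3 of the 4-way handshake (possibly a retransmission)."""
        if self.key_installed and self.patched:
            # Patched behaviour: send message 4 again but leave the key and
            # the packet counters untouched, so no nonce is ever reused.
            self.events.append("msg3 again: re-acknowledged, key kept")
            return "ack-only"
        # First (legitimate) install, and the vulnerable behaviour on every
        # retransmission: installing the key resets the packet number.
        self.ptk = ptk
        self.key_installed = True
        self.tx_nonce = 0
        self.events.append("msg3: key installed, nonce reset to 0")
        return "installed"

    def send(self, plaintext: bytes) -> tuple:
        """Encrypt one data frame under the installed key and the next nonce."""
        self.tx_nonce += 1
        ks = keystream_for(self.ptk, self.tx_nonce, len(plaintext))
        return self.tx_nonce, xor(plaintext, ks)


# Two constructed, equal-length data frames sent by the client.
FRAME_1 = b"GET /index.html "
FRAME_2 = b"POST /login HTTP"
SESSION_KEY = b"constructed-session-key-for-demo"   # hypothetical PTK


def run_handshake(patched: bool) -> dict:
    """Deliver msg 3, send a frame, deliver msg 3 again, send another frame."""
    c = Client(patched)
    c.on_message3(SESSION_KEY)
    n1, ct1 = c.send(FRAME_1)
    c.on_message3(SESSION_KEY)          # the retransmission KRACK relies on
    n2, ct2 = c.send(FRAME_2)
    return {"nonces": [n1, n2], "ciphertexts": (ct1, ct2), "events": c.events}


def nonce_reused(patched: bool) -> bool:
    """Defender's check: did the client encrypt two frames under one nonce?"""
    nonces = run_handshake(patched)["nonces"]
    return len(nonces) != len(set(nonces))


def keystream_leaks(patched: bool) -> bool:
    """When the nonce repeats, XOR of the two ciphertexts equals XOR of the two
    plaintexts because the identical keystream cancels out; that relation is
    what makes the traffic recoverable. With distinct nonces it does not hold."""
    ct1, ct2 = run_handshake(patched)["ciphertexts"]
    return xor(ct1, ct2) == xor(FRAME_1, FRAME_2)


if __name__ == "__main__":
    for patched in (False, True):
        r = run_handshake(patched)
        print("patched" if patched else "vulnerable", r["nonces"], r["events"])
```

Running the block prints `[1, 1]` for the vulnerable client and `[1, 2]` for the patched one. The fix modelled here is the same in spirit as the vendor patches the article goes on to discuss: a key that is already installed is never installed again, so a replayed message 3 cannot roll the packet counter back.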
Widespread Vulnerabilities and Shrinking Impact
The movement to encrypt the web is nearly one-half finished. As of earlier this month, nearly one-half of all internet traffic is HTTPS, meaning we are almost free of eavesdropping and content hijacking. Google reports consistent findings on HTTPS usage.
The KRACK flaw is not limited to any single operating platform; all are vulnerable, from Windows and macOS to Android and Linux. Android and Linux are especially susceptible to a KRACK attack because they can be manipulated into installing an all-zero encryption key.
Carrying out a KRACK attack requires a predator who is local and proactive. Hackers must have an active antenna and be within range of the victim or the targeted wireless network. With most connected devices having gone through at least one or two updates since the KRACK security flaw was discovered, these attacks are becoming fewer and fewer.
The flaw enables a person within network reach to intercept information between connected devices. By decrypting the connection, an attacker can recover sensitive data such as credentials for a wide range of services, including email and instant messaging, as well as credit card numbers.
According to TechTarget, WPA2 still has vulnerabilities after one of the most notorious corporate and governmental oversight cases. KRACK could have been discovered ten years earlier if an open-source mechanism had analyzed the project. The job of research scientists is to discover flaws and other errors in infrastructure hardware and software.
Another current flaw of WPA2 is the potential for unauthorized access to the enterprise network. That flaw lies in Wi-Fi Protected Setup (WPS) on the access point. Another vulnerability lies in Transport Layer Security (TLS), which threat actors target for downgrade attacks. The new WPA3 protocol has 256- and 384-bit encryption, leading to new industry standards.
The question of whether protocols should be open source keeps coming up. The WPA2 vulnerability went undetected for a decade because the code and language were not made available to security researchers.
Mitigation boils down to each local device and platform needing its own patch. Any device that connects to the network may need a patch as well. For significant security flaws such as the WPA2 one, the best place to start is to ensure the core operating system and any peripherals are updated with patches. This may entail visiting a lot of vendor support websites, but it is worth it.
If you have an iPhone, a macOS computer, or a Windows computer, it should already be patched. If not, patch it now. Android devices are still waiting on an update; one is in the offing very soon, but the rollout may take time. Routers and security cameras should be taken offline until they are fixed permanently.
KRACK Wi-Fi Mess
It will take decades to clean up the disaster. Major operating platforms such as Apple’s have already been patched. However, the millions of routers and Internet of Things devices that will likely never see a patch mean an ongoing problem.
KRACK has exposed a deeply flawed system, and the industry is moving too slowly with fixing the issue. Here is a running list of router vendors and major players offering patches. Plenty of resources are building up now to help IT Admins and Network Administrators keep networks safe.
Vulnerabilities from KRACK will go on for 20 years. Equipment will be more intelligent if it is replaced; however, a lot of old routers will still be working. Another issue is that IoT devices rarely fix flaws in their security protocols.
The challenges go beyond mere patch availability. Equipment builders have a range of product groups, including routers, large ethernet hubs, and adapters, all of which can be affected if not updated. There may be a dozen router models, each needing to be tested for its specific KRACK impact.
The KRACK flaw and its aftermath will be felt in the electronics industry for many decades. The single question left is why it took 10 years to discover the flaw after a global deployment.