KRACK attack on WPA2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-16-2017 04:47 AM
Hello everyone,
I have some questions due to the expected disclosure today on the attack possible on WPA2 SSIDs.
Link: https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-tra...
- Is Extreme aware of this?
- Are Fixes ready to be released?
- Is a software fix sufficient or does hardware need to be replaced?
Thanks and best regards,
Johannes
I have some questions due to the expected disclosure today on the attack possible on WPA2 SSIDs.
US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.
Link: https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-tra...
- Is Extreme aware of this?
- Are Fixes ready to be released?
- Is a software fix sufficient or does hardware need to be replaced?
Thanks and best regards,
Johannes
82 REPLIES 82
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-16-2017 12:08 PM
I've asked the WiNG and IdentiFi teams for an update. I'll share with the thread when I have more information.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-16-2017 11:23 AM
I already have fixes for other vendor devices, but need them for the WiNG access points also, so same question.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-16-2017 10:02 AM
There are updates from other vendors already:
https://www.reddit.com/r/KRaCK/comments/76pjf8/krack_megathread_check_back_often_for_updated/
https://www.reddit.com/r/KRaCK/comments/76pjf8/krack_megathread_check_back_often_for_updated/
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-16-2017 09:58 AM
A different article I read indicated that vendors were made aware of this a couple months ago. Hoping that maybe the fixes were put into a recent firmware release ?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-16-2017 09:42 AM
The corresponding paper:
"Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2"
https://papers.mathyvanhoef.com/ccs2017.pdf
"Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2"
https://papers.mathyvanhoef.com/ccs2017.pdf
