Security Flaw in WPA2 Puts All WiFi Clients at Risk

Welcome to ghorr!  A new exploit called KRACK, short for Key Reinstallation Attacks, puts all WiFi clients at risk.  This attack abuses a flaw in the cryptographic protocol to make a client reinstall a key that is already in use.  The 4-way handshake has been the standard for protected WiFi networks for 14 years, and all it takes is for an adversary to get a client to reinstall its key.  Once this is achieved the adversary is able to hijack the TCP stream and may inject malicious packets to a given client, or read packets that were meant to be encrypted.  Patches are expected to be released for routers, mobile devices, and other WiFi devices in the coming weeks.  At the time of writing, Arch Linux has shipped patched wpa_supplicant and hostapd packages, so wireless machines running Arch are safe.
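To make the key-reinstallation flaw concrete, here is a small added model (not code from the KRACK paper, wpa_supplicant or hostapd) of the client side of the handshake: installing the key resets the per-key packet number that feeds the CCMP nonce, so a retransmitted message 3 that reinstalls the same key makes the client repeat nonces, while a client that refuses to reinstall a key it already has installed does not. The key value and class names are constructed for the example.

```python
from dataclasses import dataclass, field
from typing import Optional, Set, Tuple


@dataclass
class WifiClient:
    """Toy model of a station's key-install step (added example, not real supplicant code)."""
    refuse_reinstall: bool                 # True models the mitigated behaviour
    ptk: Optional[bytes] = None            # installed pairwise key
    tx_pn: int = 0                         # per-key packet number used as the nonce counter
    seen_nonces: Set[Tuple] = field(default_factory=set)
    nonce_reuse: int = 0                   # frames sent under an already-used (key, nonce) pair

    def on_message3(self, ptk: bytes) -> None:
        """Message 3 of the 4-way handshake instructs the client to install the key."""
        if self.refuse_reinstall and self.ptk == ptk:
            # Mitigated: the key is already in use, so a retransmitted message 3
            # must not touch the key or the packet counter.
            return
        # Vulnerable: install unconditionally, which resets the nonce counter to 0.
        self.ptk = ptk
        self.tx_pn = 0

    def send_frame(self) -> Tuple:
        """Encrypt one frame; the nonce is derived from (key, packet number)."""
        nonce = (self.ptk, self.tx_pn)
        if nonce in self.seen_nonces:
            self.nonce_reuse += 1          # a monitor would flag this as nonce reuse
        self.seen_nonces.add(nonce)
        self.tx_pn += 1
        return nonce


def run_handshake_scenario(refuse_reinstall: bool, frames: int = 3) -> int:
    """Install a key, send frames, deliver a retransmitted message 3, send more frames.
    Returns how many frames reused a (key, nonce) pair."""
    client = WifiClient(refuse_reinstall=refuse_reinstall)
    ptk = b"constructed-sample-ptk"        # constructed value, not a real key
    client.on_message3(ptk)
    for _ in range(frames):
        client.send_frame()
    client.on_message3(ptk)                # retransmitted message 3: the step KRACK abuses
    for _ in range(frames):
        client.send_frame()
    return client.nonce_reuse


if __name__ == "__main__":
    print("vulnerable client nonce reuse:", run_handshake_scenario(False))  # 3
    print("mitigated client nonce reuse:", run_handshake_scenario(True))    # 0
```

The number of reused nonces in the vulnerable run equals the number of frames sent after the retransmission, which is exactly the keystream reuse the paper's title refers to.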

It is recommended to avoid connecting to any public WiFi if you are concerned about malicious activity.  To help offset the exploit, prefer to connect to websites using HTTPS, or connect to the internet via a VPN if you must use public WiFi.  Secure your home network, and monitor your network for any malicious activity.  The attacker would have to be within range of your wireless access point, so people living in apartment complexes are typically more exposed.  Consider using MAC filtering to allow only trusted devices on your network.  This isn’t a true fix though, because MAC addresses can be spoofed.  Check out the paper by Vanhoef et al. titled Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2.  Check out the r/KRaCK subreddit page, which discusses the exploit as well.