MacSentry News

WPA2 protocol left exposed by new attack


Four great apps to help protect your privacy and maintain your mac.

Get MacSentry

WPA2 protocol left exposed

Early on the 16th of October it was made publicly known that the Wi-Fi Protected Access II protocol had a huge vulnerability exposed. 

The exploit has been called KRACK, which is short for Key Reinstallation Attacks, but what exactly is KRACK?

KRACK takes advantage of the third step in the four-way handshake, this is what WPA2 uses for the authentication of clients. In the third step the key for encryption is established and it can be sent multiple times. If sent the handshake is sent in a certain way, KRACK can reuse a cryptographic nonce therefore breaking open the encryption. 

A cryptographic nonce is a pseudo-random number that is only ever to be used once, it is usually sent alongside a message.  The ability to reuse a cryptographic nonce essentially renders the security useless. 

ArsTechnica sifted through a disclosure made by US-CERT that outlined a number of possible attacks that could be made with the KRACK exploit. These include decryption, packet replay, TCP connection hijacking, HTTP content injection, and much more. 

KRACK focusses on client devices and in theory shouldn’t ever affect access points. This means that pretty much every Wi-Fi device now needs to install a security patch when it becomes available. 

This is a problem because many Wi-Fi devices have stopped receiving support from their manufacturer. This means that there will be a huge number of devices that are being left wide open to a KRACK attack. 

It is a possible for patches to be made on the access point side, but again, this depends entirely on how well supported your access point is.  

The KRACK attack works in such a way that as long as either one of the client or access point have been patched, there is no need to worry about any attacks. 

In order to stay safe whilst fixes are worked on for KRACK, there are a number of steps you can perform to secure your internet. 

Firstly, if possible, use an ethernet cable and disable Wi-Fi completely. Secondly, do not connect to any Wi-Fi access points you do not run yourself. 

Thirdly, using a VPN can help encrypt your data from potential attacks. MacSentry offers an app for both Mac OSx and iOS devices so you can keep your Apple devices safe and sound.