Security researchers have discovered a vulnerability in the WPA2 protocol leaving implementations open to attack. Being called Key Reinstallation Attack,  or KRACK, it works by exploiting a weakness within the protocol, putting virtually all implementations of WPA2 at risk. So far it has been discovered to affect Windows, Apple, Android, Linux, Mediatek, and Linksys, among others.

The vulnerability takes advantage of the four-way handshakes that are used by WiFi networks to create a new session key. Hackers are able to trick a victim by manipulating and replaying handshake messages in order to get them to reinstall a key that is already in use. When this happens, parameters like the incremental transmit packet number and receive private number are then reset to their initial value.

While there has so far been no indication that this vulnerability has been exploited in the wild, security researchers are alerting vendors that it exists, which will hopefully lead to security updates in order to patch it. Until then, they suggest checking whether keys that are already in use are being installed or making sure that any individual key is only installed one time during the handshake execution.

Comments are closed.