WiFi Encryption Standard WPA2 Cracked, Put Billions Of Devices At Risk, While Apple Has Already Patched In iOS 11

WPA2 - the encryption standards that protects all modern Wi-Fi network - has been cracked. Attackers can now read all WPI2 encrypted Wi-Fi network info, WPA2 is being used by majority of routers as a wireless secure encryption protocol, including public and private.


Android and Linux are particularly vulnerable, even those that are described as "insignificant" attacks that can keep the devices hurt, but all other platforms are vulnerable too, including iOS and macOS. WPA2's flaw was discovered by Mathy Vanhoef, a postdoctoral security researcher at the Department of Computer Science at the University of Kuala Lumpur of Netherlands.

We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi netwow.

The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. If your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks

Experiments with security researcher show that Android smartphones are most vulnerable to attacks, and devices running Android 6.0 or later are particularly vulnerable. In addition to allowing data to be decrypted, they can easily reset the encryption key to zero. Vanhoef also stressed that all platforms are vulnerable to attack, attack Mac was originally a more difficult challenge, but later found a viable way.

We can get some comfort from this fact, because the attack will only decrypt the data encrypted by the WiFi itself. If you are visiting a secure website, the data will still be encrypted by the HTTPS protocol. However, there're also individual attack against HTTPS. Fortunately, the vulnerabilities can be patched, and in a backwards-compatible manner.

The working principle of the attack is to use the device to connect a WiFi network when communicate. WPA2 implements a four-step process by first confirming that the device uses the correct password for the WiFi router and then agrees with an encryption key that will be used for all data sent during the connection.

In a key reinstallation attack, the adversary tricks a victim into reinstalling an already-in-use key. This is achieved by manipulating and replaying cryptographic handshake messages. When the victim reinstalls the key, associated parameters such as the incremental transmit packet number (i.e. nonce) and receive packet number (i.e. replay counter) are reset to their initial value. Essentially, to guarantee security, a key should only be installed and used once. Unfortunately, we found this is not guaranteed by the WPA2 protocol. By manipulating cryptographic handshakes, we can abuse this weakness in practice.

If the hacker send anything between the device and the router, the known data can be used to compute the encryption key. As Vanhoef points out, there are almost always some known data that is passed by the device at some point, so you have to assume that the encryption is always cracked. Even if you do not know any of them, as long as there is enough text information, you can crack the password.


For Android and Linux, an attacker doesn't even have to do so much work: they can simply reset the encryption key. The Wi-Fi Alliance has issued a security advisory thanking Vanhoef for his work, stating that it is aware of the issue and that major platform providers have already started deploying patches.

While Apple has already patched serious vulnerabilities in the WPA2 Wi-Fi standard that protects many modern Wi-Fi networks, the company told iMore's Rene Ritchie this morning. The exploits have been addressed in the iOS, tvOS, watchOS, and macOS betas that are currently available to developers and will be rolling out to consumers soon.

Via 9to5Mac, Image Credit YouTube And Feng

Post a Comment

Previous Post Next Post