WPA2, the gold-standard protocol for protecting Wi-Fi networks, has been found to have a serious security vulnerability.
The flaw has been dubbed "KRACK" -- for "key reinstallation attacks" -- by Mathy Vanhoef of KU Leuven, the Belgian researcher who discovered it.
KRACK exploits a weakness in the way a client joins a WPA2-protected network, a procedure known as the four-way handshake. Critically, Vanhoef noted that the flaw exists in properly configured wireless networks. "The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected," Vanhoef wrote on a Web site created to explain the vulnerability, www.krackattacks.com.
By manipulating and replaying cryptographic handshake messages, KRACK tricks the victim system into re-installing keys that are already in use, Vanhoef wrote. While the attack does not reveal the wireless network password, it does allow some or all of the network traffic to be visible to an attacker, depending on the encryption protocol in use.
Like any wireless attack, KRACK requires the attacker to be within wireless signal range of the target, and only circumvents the encryption provided by WPA2, not the encryption of the underlying data using Transport Layer Security or other types of protection. (In a proof-of-concept video on his Web site, however, Vanhoef used the SSLStrip tool in combination with KRACK methods to simulate a man-in-the-middle attack to view an Android phone user's encrypted Internet traffic.)
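To make the "key reinstallation" mechanism concrete, here is an added model (written for this page, not code from the article or from Vanhoef's research) of the client side of the handshake. It assumes a simplified client that installs the pairwise key when it receives message 3 of the four-way handshake and, as the standard was written, resets its packet number (the per-packet nonce) to zero each time it does so; the "patched" variant ignores a message 3 that carries a key it has already installed, which is the behaviour the vendor fixes adopted. The keystream is a constructed HMAC-SHA256 stand-in for CCMP's AES-CTR, chosen so the example runs with the standard library only; the nonce-reuse property it demonstrates is the same.

```python
import hashlib
import hmac


def keystream(key, pn, length):
    """Stand-in for CCMP's AES-CTR keystream (constructed for this example):
    HMAC-SHA256 blocks keyed by the session key, indexed by packet number and
    block counter. Same (key, pn) always yields the same keystream."""
    out = b""
    block = 0
    while len(out) < length:
        msg = pn.to_bytes(6, "big") + block.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return out[:length]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class Client:
    """Hypothetical WPA2 supplicant reduced to the state that matters here:
    the installed pairwise key (PTK) and the packet number used as nonce."""

    def __init__(self, patched):
        self.patched = patched
        self.ptk = None
        self.pn = 0

    def handle_msg3(self, ptk):
        # Message 3 instructs the client to install the PTK. The standard as
        # written reinstalls on every receipt and resets the packet number,
        # so a replayed message 3 makes the client reuse nonces already spent.
        if self.patched and self.ptk == ptk:
            return  # fix: key already in use, ignore the retransmission
        self.ptk = ptk
        self.pn = 0

    def encrypt(self, plaintext):
        pn = self.pn
        self.pn += 1
        return pn, xor(plaintext, keystream(self.ptk, pn, len(plaintext)))


# Constructed sample frames of equal length (24 bytes each).
FRAME1 = b"GET /index.html HTTP/1.1"
FRAME2 = b"Cookie: session=abcd1234"


def simulate(patched):
    """Send one frame, receive a replayed message 3, send a second frame.
    Returns the two packet numbers and the two ciphertexts."""
    ptk = hashlib.sha256(b"constructed-ptk").digest()  # sample key, not a real one
    client = Client(patched)
    client.handle_msg3(ptk)
    pn1, ct1 = client.encrypt(FRAME1)
    client.handle_msg3(ptk)  # the replayed message 3 at the heart of KRACK
    pn2, ct2 = client.encrypt(FRAME2)
    return pn1, pn2, ct1, ct2


def keystream_reused(ct1, ct2, pt1, pt2):
    """Defender's check: with a reused (key, nonce) pair the two ciphertexts
    XOR to the XOR of the plaintexts, i.e. the keystream cancelled out."""
    return xor(ct1, ct2) == xor(pt1, pt2)


if __name__ == "__main__":
    for patched in (False, True):
        pn1, pn2, ct1, ct2 = simulate(patched)
        print("patched" if patched else "vulnerable",
              "pn:", pn1, pn2,
              "keystream reused:", keystream_reused(ct1, ct2, FRAME1, FRAME2))
```

In the vulnerable run both frames go out under packet number 0, so XOR-ing the two ciphertexts strips the keystream entirely; that is why the article says traffic becomes visible without the Wi-Fi password ever being learned. In the patched run the second frame uses packet number 1 and the check fails. The same idea underlies the client-side fix: never reinstall a key that is already in use, and never let the packet number move backwards.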
Read more here: adtmag.com/articles/2017/10/16/krack-flaw.aspx