Starting yesterday, word of a new attack against WPA2 started to take over security news feeds. This "Key Reinstallation Attack" (aka KRACK) can be used to substantially weaken many WPA2 implementations. The web site created by the discoverer of the attack explains the issues around this problem quite well, so I just want to point out some of the highlights [1]:
So what can you do?
This attack doesn't affect public access points as much. These types of access points do not usually use WPA2 in the first place, and if they do, it is typically more for billing than to protect user traffic.

I expect an easy-to-use attack tool to be published within a few weeks, at which point you should have updated at least your clients. The tricky part will be legacy clients for which you won't easily find patches.

AES-CCMP is less vulnerable than WPA-TKIP or GCMP. But even with AES-CCMP, the attacker may be able to decrypt packets; only packet injection is less likely with AES-CCMP. So I do not consider AES-CCMP a "quick fix", but a "necessary hardening" of the installation.

You will not need to change your WPA2 passphrase. This will ease upgrades. But of course, changing your passphrase may be a good idea anyway.

Lance Spitzner from SANS Securing the Human put together a nice blog post to inform non-technical users about the impact of this vulnerability: https://securingthehuman.sans.org/blog/2017/10/16/28748/

[1] https://www.krackattacks.com
---
Johannes, 4478 Posts, ISC Handler, Oct 16th 2017

The vuln writeups always mention passphrase, does the vuln affect WPA2 in infrastructure mode (with Radius/802.1x), as they don't rely on passphrases as such?
Anonymous, Oct 16th 2017

Would MAC Address filtering, available on most home WiFi units, assist in some way?
Steven, 12 Posts, Oct 16th 2017

Quoting Steven: Would MAC Address filtering, available on most home WiFi units, assist in some way?

NO! JFTR: how do you expect this (trivial to bypass) feature of your access point to impair an attacker's ability to send arbitrary WiFi packets from his equipment to any client connected to your access point? The "ether" is a shared medium!
Anonymous, Oct 16th 2017

Quoting Steven: Would MAC Address filtering, available on most home WiFi units, assist in some way?

No. Too much labor, too easy to subvert. Look up the use of Ethernet Locally Administered Addresses (LAA). A widely available, standard feature of Ethernet networking can be used to set a local MAC address to any desired value, including the address of a computer observed communicating on your network. Filter bypassed. The SANS Securing the Human Ouch! newsletter has a considerable amount of useful consumer-level information. See the February 2016 issue "Securing Your Home Network." [1]

[1] https://securingthehuman.sans.org/resources/newsletters/ouch/2016#february2016

TomS.
TomS, 4 Posts, Oct 16th 2017

I agree that in the WiFi medium an attacker could just send an attack directly to a client, bypassing the AP. However, MAC Address filtering on the AP should prevent access into the wired portion of the network even if the attacker is able to obtain the encryption key. Again, looking for ways to limit the attack, not prevent it altogether.
Steven, 12 Posts, Oct 16th 2017

To my knowledge, MAC address filtering really doesn't stop ANY attack, never mind this one.
PhilBAR, 24 Posts, Oct 16th 2017

Quoting Steven: I agree that in the WiFi medium an attacker could just send an attack directly to a client, bypassing the AP. However, MAC Address filtering on the AP should prevent access into the wired portion of the network even if the attacker is able to obtain the encryption key. Again, looking for ways to limit the attack, not prevent it altogether.

OUCH! Which part of "NO!" alias "MAC address filtering prevents NOTHING" is so hard to understand? Simplified: KRACK lets the client reuse a (zeroed) encryption key.
Anonymous, Oct 16th 2017

Is Protected EAP (WPA2 Enterprise) as vulnerable? My reading of the description would indicate yes, but I am far from an expert. Thanks.
Otter, 1 Posts, Oct 16th 2017

Does this affect WPA2 Enterprise mode deployments (with Radius/802.1x), since they don't use passphrases?
Anonymous, Oct 16th 2017

> This attack doesn't affect public access points as much. These types of access points do not usually use WPA2 in the first place,
> and if they do it is typically more for billing than to protect user traffic.

Are you sure about this? wigle.net is showing only 7% of their database using WPA, while 59.8% are using WPA2, and 20% are unknown. From what I see in my neck of the woods, WPA2 is pretty common for 'public' WiFi access.
Paul, 47 Posts, Oct 16th 2017

Enterprise mode is affected as well. This vulnerability affects the handshake that is used to set up the keys, which is the same in "Passphrase" and "Enterprise" mode.

Regarding "Public Access Points": I am referring to things like hotel/coffee house hotspots, not to "access points seen in public".
Johannes, 4478 Posts, ISC Handler, Oct 16th 2017

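To make concrete what the handler's reply above means by "the handshake that is used to set up the keys" and what an earlier comment calls reusing a "(zeroed) encryption key", here is an added toy model, written for this thread and not taken from ISC, the KRACK paper or wpa_supplicant, of a supplicant processing 4-way handshake message 3. The `Supplicant` class, the `zero_on_reinstall` flag and the sample key are constructed assumptions; the model only shows why a key reinstallation resets the CCMP packet number (the nonce) and how the "install once" fix avoids it.

```python
"""Toy model of a WPA2 supplicant handling 4-way handshake message 3.

Constructed for illustration; this is NOT wpa_supplicant code. 'patched=False'
mirrors the pre-patch behaviour the thread describes (the PTK is re-installed on
a retransmitted message 3 and the CCMP packet number restarts at zero);
'patched=True' installs the key only once and ignores later copies.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass
class Supplicant:
    patched: bool                      # True: ignore message 3 once the key is installed
    zero_on_reinstall: bool = False    # True: model clients that wipe the TK after install
    tk: Optional[bytes] = None         # installed temporal key (None = nothing installed)
    pn: int = 0                        # CCMP packet number, the per-key nonce counter
    installed: bool = False
    sent: List[Tuple[bytes, int]] = field(default_factory=list)  # (key, nonce) pairs used

    def on_msg3(self, tk: bytes) -> None:
        """Handle a (possibly retransmitted) message 3 carrying key material tk."""
        if self.patched and self.installed:
            return                     # fix: never reinstall an already-installed key
        if self.installed and self.zero_on_reinstall:
            tk = bytes(len(tk))        # variant: key buffer already wiped, all-zero key lands
        self.tk = tk
        self.pn = 0                    # (re)installing a key resets the nonce counter
        self.installed = True

    def send(self) -> Tuple[bytes, int]:
        """Encrypt one frame: consume the next packet number under the current key."""
        self.pn += 1
        used = (self.tk, self.pn)
        self.sent.append(used)
        return used


def nonce_reuse(s: Supplicant) -> bool:
    """Detector: True if the same (key, packet number) pair encrypted two frames."""
    return len(s.sent) != len(set(s.sent))


def run(patched: bool, zero_on_reinstall: bool = False) -> Supplicant:
    """Two frames, then a retransmitted message 3 (message 4 was lost), then one more frame."""
    s = Supplicant(patched=patched, zero_on_reinstall=zero_on_reinstall)
    tk = b"\x11" * 16                  # constructed sample key, not a real PTK
    s.on_msg3(tk); s.send(); s.send()
    s.on_msg3(tk)                      # authenticator retransmits message 3
    s.send()
    return s
```

The unpatched run encrypts its third frame under the same key and packet number as its first, which is the keystream reuse that lets an observer recover plaintext, while the zeroed-key variant avoids the repeat only because the key itself became all zeros.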
Anyone found a decent list of vendors that have released patches so far?

Here's what I've seen this morning:
* The original author suggests OpenBSD patched early
* I've seen Ubuntu Server patches this morning for wpasupplicant (2.1-0ubuntu1.5) - https://usn.ubuntu.com/usn/usn-3455-1/
* Unifi have released a patch (3.9.3.7537) for their equipment - https://community.ubnt.com/t5/UniFi-Updates-Blog/FIRMWARE-3-9-3-7537-for-UAP-USW-has-been-released/ba-p/2099365

I've heard a rumour that Windows 10 has a patch but can't substantiate it.
Matt, 4 Posts, Oct 16th 2017

https://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4
Microsoft has released patches for Win10/7 in the Oct release.
Anonymous, Oct 17th 2017

For what it's worth, there's this: https://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4
which was indirectly linked from here: https://www.krackattacks.com/
Anonymous, Oct 17th 2017

Quoting PhilBAR: To my knowledge, MAC address filtering really doesn't stop ANY attack, never mind this one.

It'll stop a casual attacker, but anyone worth their salt will know how to spoof a MAC address.
Darron Wyke, 19 Posts, Oct 17th 2017

We're using WPA2 with AES/PSK on our Cisco WL APs. I'm not sure if it's AES-based CCMP or not & I don't see an option to turn CCMP on either.
So my question is: are we less vulnerable? Can anybody confirm?
AAInfoSec, 51 Posts, Oct 17th 2017

Quoting AAInfoSec: We're using WPA2 with AES/PSK on our Cisco WL APs. I'm not sure if it's AES-based CCMP or not & I don't see an option to turn CCMP on either.

Only Cisco and your knowledge of your config can tell you how vulnerable you are. If it is AES, then it is AES-CCMP. AES-CCMP is vulnerable to several forms of the attack. Severity depends on the platform. The paper is only 16 pages. Check Table 3 for a quick summary, but definitely devote the time to understand the impacts of the whole paper.

* * Grok this * * It is one attack method affecting 4 handshakes, and 3 data confidentiality protocols that vary according to platform. Impacts include decryption, traffic modification, and traffic injection. Some only affect the wireless network, some permit traffic injection to the entire network.

Side Note: I am also concerned with the GCMP risk, especially bidirectional traffic injection. Even when limited to just broadcast/multicast traffic, consider the number of autoconfiguration, homenet, zeroconf, even DHCP, IPv6 RA and name resolution messages. Lots of things to think about.
TomS, 4 Posts, Oct 17th 2017