Krack attack highlights wifi security flaw.
A security flaw in the WPA2 protocol used to secure all modern Wi-Fi networks allows hackers to decrypt traffic from enterprise and consumer networks with little difficulty. The hackers can access encrypted traffic to steal credentials and payment card data. In some cases, it enables cybercriminals to inject malicious code or manipulate data on the wireless network. Some manufacturers have already issued security updates and consumers are advised to patch immediately. U.S. CERT has published a list of affected manufacturers, but the list is not comprehensive.
Disclosed by Belgian researcher Mathy Vanhoef of The Katholieke Universiteit Leuven, the attack can be done by someone within range of the victim's local network using key re-installation attacks, also known as KRACK. The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations so many WPA2 devices will likely affected. Vanhoef began privately notifying vendors of products he had tested around July 14 and quickly learned the issue was in the protocol itself rather than any specific implementation. CERT/CC made a broad notification to manufacturers in August. OpenBSD has already begun silently patching the weakness, but an accomplished hacker could reverse engineer the patch before others have an opportunity to release their fixes.
Krack attacks concentrates on the four way handshake carried out when clients join WPA2 networks. It's where pre-shared network passwords are exchanged to authenticate the client and access point and also where fresh encryption keys are negotiated that is used to secure subsequent traffic. It's at this step where the key reinstallation attack takes place, a hacker on the network is able to intercede and replay cryptographic handshake messages, bypassing a mandate where keys should be used only once. The weakness happens when messages during the handshake are lost or dropped, which is fairly common, and the access point retransmits the third part of the handshake, theoretically multiple times. Each time it receives this message, it will reinstall the same encryption key, resetting the incremental transmit packet number and receive replay counter used by the encryption protocol. A hacker can force these resets by collecting and replaying retransmissions of message 3 of the 4-way handshake. By forcing nonce reuse, the encryption protocol packets can be replayed, decrypted, and forged. The same technique can also be used to attack the group key, PeerKey, TDLS, and fast BSS transition handshake. Hackers could decrypt packets thereafter because the packet numbers would be reset to zero and re-use the same crypto key over and over when encrypting packets.
In case a message that reuses keystream has known content, it's simple to derive the used keystream. This keystream can then be used to decrypt messages with the same nonce. When there is no known content, decrypting packets are more difficult but still possible. Finding packets with known content isn't a problem, so any packet can be decrypted. This makes TCP SYN packets at risk for decryption, allowing hackers to be able to inject malware into a site the victim visits. Linux and Android systems are especially at risk because of their use of the wpa_supplicant 2.4 and higher, the most commonly used Wi-Fi client on Linux. In these cases, the client reinstalls an all-zero encryption key rather than the real key. Android 6.0 and above also is also vulnerable and trivial to exploit.
This security flaw may be caused by a remark in the Wi-Fi standard that suggests clearing the encryption key from memory once it has been installed for the first time. When the client receives a retransmitted message 3 of the 4-way handshake, the cleared encryption key is installed, effectively installing an all-zero key. To protect your network, check your router manufacturer's website if they have a patch for this flaw. To protect your network is to turn off the wifi until a patch has been released or get another wifi router / access point. Try to avoid non https since https provides another layer of encryption. Use VPN connections to prevent eavesdropping since VPN provides a private, encrypted channel between your device and the internet.