The Internet is holding its breath awaiting the release of a proof-of-concept exploit called KRACK (short for Key Reinstallation Attacks). Over the weekend it became known that a group of researchers is preparing a coordinated disclosure of several critical WPA2 problems that allow an attacker to bypass the protection and eavesdrop on Wi-Fi traffic transmitted between the access point and the client.
Formally, the researchers will present the vulnerabilities they found only on November 1, 2017, at the ACM CCS conference, in a paper entitled "Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2".
The group that worked on KRACK and on breaking WPA2 included Mathy Vanhoef and Frank Piessens from KU Leuven, Maliheh Shirvanian and Nitesh Saxena from the University of Alabama at Birmingham, Yong Li from Huawei Technologies, and Sven Schäge from Ruhr University Bochum.
However, we will not have to wait until November after all. Coordinated disclosure is scheduled for today, October 16, 2017, in the afternoon. Information about KRACK will be published on krackattacks.com, and the researchers have also prepared a GitHub repository (currently still empty). Mathy Vanhoef himself announced on Twitter that the information would be published on October 16; he posted the first "teaser" of the event 49 days ago.
What is known about KRACK so far? According to Ars Technica, US-CERT has already sent the following description of the problem to more than 100 organizations: critical vulnerabilities have been found in the key management mechanism of the Wi-Fi Protected Access II (WPA2) four-way handshake. By exploiting these bugs an attacker can decrypt traffic, perform HTTP injection, hijack TCP connections and more. Since the vulnerabilities are at the protocol level, the problems affect most implementations.
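To show why a key reinstallation in the four-way handshake matters, here is an added simulation that is not part of the article or the researchers' code. It assumes a toy HMAC-SHA256 counter keystream as a stand-in for CCMP's AES-CTR, and uses constructed key and frame values; the only property it relies on is that key plus packet number fully determine the keystream, which holds for real CCMP too. It contrasts a client that reinstalls the key on a retransmitted message 3 with one that applies the mitigation of refusing to reinstall a key already in use.

```python
import hashlib
import hmac

def keystream(key: bytes, nonce: int, length: int) -> bytes:
    # Toy stand-in for CCMP's AES-CTR keystream (assumption: HMAC-SHA256 in
    # counter mode). (key, nonce) fully determines the output, as in CCMP.
    out, block = b"", 0
    while len(out) < length:
        ctr = nonce.to_bytes(6, "big") + block.to_bytes(4, "big")
        out += hmac.new(key, ctr, hashlib.sha256).digest()
        block += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Station:
    # Simulated WPA2 client: message 3 of the 4-way handshake installs the
    # pairwise key (PTK) and resets the packet number used as the CCMP nonce.
    def __init__(self, reject_reinstall: bool):
        self.ptk = None
        self.pn = 0
        self.reject_reinstall = reject_reinstall

    def handle_msg3(self, ptk: bytes) -> bool:
        # Mitigation used by patched supplicants: ignore a retransmitted
        # message 3 that would re-install a key that is already in use.
        if self.reject_reinstall and self.ptk == ptk:
            return False
        self.ptk = ptk   # vulnerable path: reinstall the same key ...
        self.pn = 0      # ... and reset the nonce counter to zero
        return True

    def encrypt(self, plaintext: bytes):
        ct = xor(plaintext, keystream(self.ptk, self.pn, len(plaintext)))
        self.pn += 1
        return self.pn - 1, ct   # the packet number is sent in the clear

def simulate(reject_reinstall: bool):
    ptk = b"constructed-demo-ptk"           # constructed sample key
    sta = Station(reject_reinstall)
    sta.handle_msg3(ptk)
    pn1, ct1 = sta.encrypt(b"GET /index.html ")
    sta.handle_msg3(ptk)                     # retransmitted message 3
    pn2, ct2 = sta.encrypt(b"POST /login HTTP")
    # A passive observer sees only pn1, ct1, pn2, ct2. If the nonce repeats,
    # the keystreams cancel (ct1 ^ ct2 == pt1 ^ pt2) and a known first frame
    # exposes the second. With the mitigation pn2 == 1 and nothing leaks.
    if pn1 != pn2:
        return False, None
    return True, xor(xor(ct1, ct2), b"GET /index.html ")
```

`simulate(False)` reports nonce reuse and recovers the second frame; `simulate(True)` reports no reuse, which is why the fix is to never reinstall an in-use key rather than to patch the cipher.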
Security researcher Nick Lowe, who is already familiar with the details of the problem, said on Twitter that the following CVE identifiers were assigned to the vulnerabilities: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087 and CVE-2017-13088.
Ars Technica also cites its own source and reports that companies such as Aruba and Ubiquiti, which supply access points to large corporations and government organizations, were given advance notice to fix the bugs and have already released updates.
Interestingly, last summer at the Black Hat conference Vanhoef and Piessens presented a talk (PDF) on finding vulnerabilities in network protocols. Apparently the document already contained a hint of KRACK: for example, the illustration below shows that the researchers had already studied the handshake mechanism in detail.
UPD: MikroTik has announced the release of fixes.
UPD from Antxak: technical details have already been disclosed and can be found at http://papers.mathyvanhoef.com/ccs2017.pdf
UPD: an explanation of how the attack works is available at https://www.krackattacks.com/
Source: https://habr.com/ru/post/340180/