Scribd Logo
Upload

Welcome to Scribd!

  • Wpa2 Vulnerabilities Key Reinstallation Attacks (Kracks) : by Saleh Iskandar Taufan Prakasa

    Uploaded by

    Romi Darmawan
    11 views6 pages
    WPA2, a protocol that secures Wi-Fi networks, has a vulnerability called Key Reinstallation Attacks (KRACKs) that allows attackers to decrypt and forge packets during the 4-way handshake process and steal sensitive information. The attack causes the client to reinstall encryption keys multiple times by resending message 3, resetting the encryption key counter and allowing packets to be decrypted. Linux and Android devices are especially affected due to a bug that causes predictable zeroed-out keys during reinstallation. Cisco has released fixes to address the issue.

    Original Description:

    cracking wpa

    Original Title

    WPA2 Vulnerabilities KRACKS

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    WPA2, a protocol that secures Wi-Fi networks, has a vulnerability called Key Reinstallation Attacks (KRACKs) that allows attackers to decrypt and forge packets during the 4-way handshake process and steal sensitive information. The attack causes the client to reinstall encryption keys multiple times by resending message 3, resetting the encryption key counter and allowing packets to be decrypted. Linux and Android devices are especially affected due to a bug that causes predictable zeroed-out keys during reinstallation. Cisco has released fixes to address the issue.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    11 views6 pages

    Wpa2 Vulnerabilities Key Reinstallation Attacks (Kracks) : by Saleh Iskandar Taufan Prakasa

    Uploaded by

    Romi Darmawan
    WPA2, a protocol that secures Wi-Fi networks, has a vulnerability called Key Reinstallation Attacks (KRACKs) that allows attackers to decrypt and forge packets during the 4-way handshake process and steal sensitive information. The attack causes the client to reinstall encryption keys multiple times by resending message 3, resetting the encryption key counter and allowing packets to be decrypted. Linux and Android devices are especially affected due to a bug that causes predictable zeroed-out keys during reinstallation. Cisco has released fixes to address the issue.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    of 6

    WPA2 vulnerabilities

    Key Reinstallation Attacks (KRACKs)


    By
    Saleh Iskandar
    Taufan Prakasa
    Quick Intro
    Weakness in WPA2, a protocol that secures all
    modern protected Wi-Fi networks has been
    discovered. This novel technique, called, Key
    Reinstallation Attacks (KRACKS).
    This attack reset key on client side during 4-way
    handsake. Then the attacker can decrypt and
    forge packets from and to client/victims,
    making it possible to steal and hijack various
    sensitive information.
    4-way handshake
    Let us take a look at the
    diagram.
    At 4-way handshake message-3
    due to transmission lost or
    potential interference, this
    message can be sent multiple
    times. Thus causing client to
    install the same-key many time
    and causing counter packet
    (nonce) to reset.
    Hence, the terms reinstallation
    key comes into play.
    Affected client devices
    Linux and Android is mostly
    affected due to predictable
    all-zero encryption key
    during reinstallation key
    due to a bug.
    Demo

    https://youtu.be/Oh4WURZoR98
    Cisco WLC Fixed release
    Source :
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-
    20171016-wpa#fixed_software

    You might also like