Karlston Posted October 16, 2017 Share Posted October 16, 2017 Mathy Vanhoef, a researcher from the University of Leuven (KU Leuven), has discovered a severe flaw in the Wi-Fi Protected Access II (WPA2) protocol that secures all modern protected Wi-Fi networks. The flaw affects the WPA2 protocol itself and is not specific to any software or hardware product. Vanhoef has named his attack KRACK, which stands for Key Reinstallation Attack. The researcher describes the attack as the following: Our main attack is against the 4-way handshake of the WPA2 protocol. This handshake is executed when a client wants to join a protected Wi-Fi network, and is used to confirm that both the client and access point possess the correct credentials (e.g. the pre-shared password of the network). At the same time, the 4-way handshake also negotiates a fresh encryption key that will be used to encrypt all subsequent traffic. Currently, all modern protected Wi-Fi networks use the 4-way handshake. This implies all these networks are affected by (some variant of) our attack. For instance, the attack works against personal and enterprise Wi-Fi networks, against the older WPA and the latest WPA2 standard, and even against networks that only use AES. All our attacks against WPA2 use a novel technique called a key reinstallation attack (KRACK). In simpler terms, KRACK allows an attacker to carry out a MitM and force network participants to reinstall the encryption key used to protected WPA2 traffic. The attack also doesn't recover WiFi passwords. Attacker must be within WiFi network range The attack works only if the attacker is in the victim's WiFi network range, and is not something that could be carried out via the Internet. HTTPS may also protect user traffic in some cases, as HTTPS uses its own separate encryption layer. Nonetheless, HTTPS is not 100% secure, as attacks exist that could downgrade the connection and grant the attacker access to HTTPS encrypted traffic [1, 2, 3, 4, 5, 6]. The KRACK attack is universal and works against all type of devices connecting or using a WPA2 WiFi network. This includes Android, Linux, iOS, macOS, Windows, OpenBSD, and embedded and IoT devices. The attack allows a third-party to eavesdrop on WPA2 traffic, but if the WiFi network is configured to use WPA-TKIP or GCMP encryption for the WPA2 encryption, then the attacker can also inject packets into a victim's data, forging web traffic. Almost any device is affected Because the vulnerability in establishing the WPA2 handshake affects the protocol itself, even devices with a perfect protocol implementation are affected. Changing WiFi passwords doesn't protect users. Users must install firmware updates for affected products. "Any device that uses Wi-Fi is likely vulnerable," Vanhoef said. "Luckily implementations can be patched in a backwards-compatible manner." A list of available products and updates will be available in this US-CERT advisory page that will go live in the following hours. No updates are available at the time of publishing. While updates are expected for desktops and smartphones as soon as possible, experts believe routers and IoT devices will be affected the most and will see a delay in receiving firmware updates. Issue discovered last year Vanhoef discovered the issue in 2016 but kept working to refine his attack. The researcher sent notifications to some affected vendors in July 2017, and US-CERT sent a broader note to more vendors at the end of August. The expert describes the attack in much more depth on a website dedicated to the KRACK attack, and in a research paper the expert plans to present at this year's Computer and Communications Security (CCS) and Black Hat Europe conference. Vanhoef also published a video demoing and explaining the KRACK attack. <br /> The following CVE identifiers will help you track if your devices have received patches for the WPA2 flaws Vanhoef discovered. CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake. CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake. CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake. CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake. CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake. CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake. CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame. CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame. How to fix the KRACK Vulnerability? The first thing you should do is not panic. While this vulnerability could allow an attacker to eavesdrop on or modify data being transmitted over wireless connections, at the same time, this attack is not going to be easy to pull off and a working exploit has not been published as of yet. The good news is that this is a highly covered vulnerability and vendors will quickly release updates to fix this flaw. For consumers and business users, this means updating your router, access point, wireless network adapters, and devices with new firmware and drivers as they are released. To make it easier for you, BleepingComputer has started compiling a list of vendors who have released advisories or driver and firmware updates. This list can be found at List of Firmware & Driver Updates for KRACK WPA2 Vulnerability and will be constantly updated as BleepingComputer receives new information. Source: New KRACK Attack Breaks WPA2 WiFi Protocol (BleepingComputer) Link to comment Share on other sites More sharing options...
steven36 Posted October 17, 2017 Share Posted October 17, 2017 Quote Forget KRACK Attack, 5 Year Old Encryption Bug Returns For Google And Microsoft While we were still finding it difficult to forget the Krack attack, a five-year-old bug has resurfaced in a new form to haunt Google and Microsoft. Known as ROCA (Return of Coppersmith’s Attack), the encryption key-related exploit is named after the Coppersmith’s attack. The ROCA hack: Vulnerable RSA Generation (CVE-2017-15361), developed by the researchers at Centre for Research on Cryptography and Security, Masaryk University, Enigma Bridge and Ca’ Foscari University targets the weakness in the cryptography tech in chips made by Infineon Technologies. The range of affected devices – released as early as – includes a large number of Chromebooks, and Windows laptops manufactured by Fujitsu, HP, and Lenovo which feature the hardware chips created by Infineon. The problem lies in the way the manufacturers implement the widely-used RSA encryption. This makes it possible to figure out the private key if the public key is available which isn’t a big deal. “The currently confirmed number of vulnerable keys found is about 760,000 but possibly up to two to three magnitudes more are vulnerable,” warn the researchers. They will present their paper at the ACM Conference on Computer and Communications this month where the Krack attack will also be on display. ROCA hack is practically more effective against 1024-bit encryption keys. Researchers calculated the cost of performing the attack via Amazon cloud servers. It would require around $76 to crack a 1024-bit key while more funds would be needed for a 2048-bit key. It would cost $40,000 as higher bit keys are more complicated, and therefore, harder to crack. Jake Williams, an ex-NSA staffer and the owner of the cybersecurity company RenditionSec, calls ROCA issue more severe than KRACK, Forbes reports. Williams suggests two ROCA attack scenarios; one involves the attacker compromising the digital signature certificate used to validate a software’s source. An attack can use the published public key to reverse engineer the private key to sign the software and impersonate the victim. Second, the attacker can run malicious code by fooling the Trusted Platform Module (TPM) chip which stores the RSA encryption keys. “The TPM is used to ensure the code used to boot the kernel is valid. Bypassing a TPM could allow the attacker to perform an inception style attack where they virtualize the host operating system,” he said. “There are dozens of other variations of attacks, but these Infineon chips are huge in hardware security modules (HSMs) and TPMs” The vulnerability was first spotted in January this year, and Infineon was notified in February. The researcher had an agreement to wait for 8 months before making it public. Software updates and mitigation guidelines have been released by Microsoft, Google, HP Lenovo, Fujitsu. Researchers have provided detection tools to check whether the keys are vulnerable. https://fossbytes.com/roca-encryption-bug-infineon-chips/ Link to comment Share on other sites More sharing options...
steven36 Posted October 17, 2017 Share Posted October 17, 2017 27 minutes ago, 0bin said: Fixed in newest firmware of today. Here are all the effected Chormebooks asuka - Dell Chromebook 13 3380 auron-paine - Acer Chromebook 11 (C740) auron-yuna - Acer Chromebook 15 (CB5-571) banjo - Acer Chromebook 15 (CB3-531) banon - Acer Chromebook 15 (CB3-532) buddy - Acer Chromebase 24 candy - Dell Chromebook 11 (3120) caroline - Samsung Chromebook Pro cave - ASUS Chromebook Flip C302 celes - Samsung Chromebook 3 chell - HP Chromebook 13 G1 clapper - Lenovo N20 Chromebook cyan - Acer Chromebook R11 (CB5-132T / C738T) daisy-skate - HP Chromebook 11 2000-2099 / HP Chromebook 11 G2 daisy-spring - HP Chromebook 11 1100-1199 / HP Chromebook 11 G1 edgar - Acer Chromebook 14 (CB3-431) elm - Acer Chromebook R13 (CB5-312T) enguarde - ASI Chromebook enguarde - Crambo Chromebook enguarde - CTL N6 Education Chromebook enguarde - Education Chromebook enguarde - eduGear Chromebook R enguarde - Edxis Education Chromebook enguarde - JP Sa Couto Chromebook enguarde - Lenovo N21 Chromebook enguarde - M&A Chromebook enguarde - RGS Education Chromebook enguarde - Senkatel C1101 Chromebook enguarde - True IDC Chromebook enguarde - Videonet Chromebook expresso - Bobicus Chromebook 11 expresso - Consumer Chromebook expresso - Edxis Chromebook expresso - HEXA Chromebook Pi falco - HP Chromebook 14 gandof - Toshiba Chromebook 2 (2015 Edition) glimmer - Lenovo ThinkPad 11e Chromebook gnawty - Acer Chromebook 11 (C730 / C730E) gnawty - Acer Chromebook 11 (C735) guado - ASUS Chromebox CN62 hana - Lenovo N23 Yoga/Flex 11 Chromebook hana - Poin2 Chromebook 14 heli - Haier Chromebook 11 G2 kefka - Dell Chromebook 11 Model 3180 kefka - Dell Chromebook 11 3189 kevin - Samsung Chromebook Plus kip - HP Chromebook 11 2100-2199 / HP Chromebook 11 G3 kip - HP Chromebook 11 2200-2299 / HP Chromebook 11 G4/G4 EE kip - HP Chromebook 14 ak000-099 / HP Chromebook 14 G4 lars - Acer Chromebook 11 (C771, C771T) lars - Acer Chromebook 14 for work (CP5-471) leon - Toshiba Chromebook link - Google Chromebook Pixel lulu - Dell Chromebook 13 7310 mccloud - Acer Chromebox monroe - LG Chromebase 22CB25S monroe - LG Chromebase 22CV241 ninja - AOPEN Chromebox Commercial nyan-big - Acer Chromebook 13 (CB5-311) nyan-blaze - HP Chromebook 14 x000-x999 / HP Chromebook 14 G3 nyan-kitty - Acer Chromebase orco - Lenovo 100S Chromebook panther - ASUS Chromebox CN60 peach-pi - Samsung Chromebook 2 13" peach-pit - Samsung Chromebook 2 11" peppy - Acer C720 Chromebook quawks - ASUS Chromebook C300 reks - Lenovo N22 (Touch) Chromebook reks - Lenovo N23 Chromebook reks - Lenovo N23 Chromebook (Touch) reks - Lenovo N42 (Touch) Chromebook relm - Acer Chromebook 11 N7 (C731) relm - CTL NL61 Chromebook relm - Edxis Education Chromebook relm - HP Chromebook 11 G5 EE relm - Mecer V2 Chromebook rikku - Acer Chromebox CXI2 samus - Google Chromebook Pixel (2015) sentry - Lenovo Thinkpad 13 Chromebook setzer - HP Chromebook 11 G5 / HP Chromebook 11-vxxx squawks - ASUS Chromebook C200 sumo - AOpen Chromebase Commercial swanky - Toshiba Chromebook 2 terra - ASUS Chromebook C202SA terra - ASUS Chromebook C300SA/C301SA tidus - Lenovo ThinkCentre Chromebox tricky - Dell Chromebox ultima - Lenovo ThinkPad 11e Chromebook 3rd Gen (Yoga/Clamshell) veyron-fievel - AOpen Chromebox Mini veyron-jaq - Haier Chromebook 11 veyron-jaq - Medion Akoya S2013 veyron-jaq - True IDC Chromebook 11 veyron-jaq - Xolo Chromebook veyron-jerry - CTL J2 / J4 Chromebook for Education veyron-jerry - eduGear Chromebook K Series veyron-jerry - Epik 11.6" Chromebook ELB1101 veyron-jerry - HiSense Chromebook 11 veyron-jerry - Mecer Chromebook veyron-jerry - NComputing Chromebook CX100 veyron-jerry - Poin2 Chromebook 11 veyron-jerry - Positivo Chromebook CH1190 veyron-jerry - VideoNet Chromebook BL10 veyron-mickey - ASUS Chromebit CS10 veyron-mighty - Chromebook PCM-116E veyron-mighty - eduGear Chromebook M Series veyron-mighty - Haier Chromebook 11e veyron-mighty - Lumos Education Chromebook veyron-mighty - MEDION Chromebook S2015 veyron-mighty - Nexian Chromebook 11.6-inch veyron-mighty - Prowise 11.6" Entry Line Chromebook veyron-mighty - Sector 5 E1 Rugged Chromebook veyron-mighty - Viglen Chromebook 11 veyron-minnie - ASUS Chromebook Flip C100PA veyron-speedy - ASUS Chromebook C201PA veyron-tiger - AOpen Chromebase Mini winky - Samsung Chromebook 2 11 - XE500C12 wizpig - CTL J5 Chromebook wizpig - Edugear CMT Chromebook wizpig - Haier Convertible Chromebook 11 C wizpig - PCMerge Chromebook PCM-116T-432B wizpig - Prowise ProLine Chromebook wizpig - Viglen Chromebook 360 wolf - Dell Chromebook 11 zako - HP Chromebox CB1-(000-099) / HP Chromebox G1/ HP Chromebox for Meetings https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update I not found a full list of Windows pcs only this info https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV170012 Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted October 20, 2017 Administrator Share Posted October 20, 2017 From what I have read, the protocol is basically broken and untrustable due to this. Some even requesting a new protocol - which I expect to be made sooner or later. But looking at it again, while the whole world which cares nothing about security updates might be effected, those actually paying attention to their updates need not be too concerned about it. Provided that product makers care about giving updates to almost all of their products, not only the latest and most expensive ones I think. Link to comment Share on other sites More sharing options...
steven36 Posted October 20, 2017 Share Posted October 20, 2017 2 hours ago, DKT27 said: From what I have read, the protocol is basically broken and untrustable due to this. Some even requesting a new protocol - which I expect to be made sooner or later. But looking at it again, while the whole world which cares nothing about security updates might be effected, those actually paying attention to their updates need not be too concerned about it. Provided that product makers care about giving updates to almost all of their products, not only the latest and most expensive ones I think. From what i read RSA is not broken its TPM Chipsets Generate Insecure RSA keys whats broken is TPM Chipsets they produce really weak keys it don't effect RSA used in other ways but even crackers crack apps protected with weak RSA keys . If RSA was broken it would effect all motherboards but it don't it only effects TPM Chipsets. How to Check If Your Computer Has a Trusted Platform Module (TPM) Chip https://www.howtogeek.com/287737/how-to-check-if-your-computer-has-a-trusted-platform-module-tpm-chip/ The DELL I'm on right now don't have this chip even . Quote Trusted Platform Module The FAQ section of the VeraCrypt website states that the Trusted Platform Module (TPM) cannot be relied upon for security, because if the attacker has physical or administrative access to the computer and you use it afterwards, the computer could have been modified by the attacker e.g. a malicious component—such as a hardware keystroke logger—could have been used to capture the password or other sensitive information. Since the TPM does not prevent an attacker from maliciously modifying the computer, VeraCrypt will not support TPM. Quote While TPMs have benefits, there's always a risk that the manufacturer has put a back-door in. The decision of whether to use a TPM reflects the software's priorities. VeraCrypt wants to put you in charge and avoids the TPM back-door risk Sounds like they found the backdoor into Bitlocker Link to comment Share on other sites More sharing options...
SB7 Posted October 21, 2017 Share Posted October 21, 2017 I wouldn't be surprised if this "weakness" was insisted upon , by the NSA... ( the twisted Infineon's arms) .. after all they have a history of trying to weaken encryption ..for their own benefit.. Link to comment Share on other sites More sharing options...
samuelthegreat Posted February 15, 2018 Share Posted February 15, 2018 Your Wi-Fi Can Be Hacked Due to WPA2 Protocol Vulnerability Called KRACK The group of cybersecurity experts has recently found the greatest and unprecedented vulnerability in the security of Wi-Fi networks. The most popular security protocol for WI-FI networks – the WPA2 protocol appears to be the weak link. What is KRACK? New vulnerability called KRACK allows hackers to intercept and steal passwords, monitor user actions on the Internet and replace messages or data. A joint group of cybersecurity researchers from the University of Leuven, Huawei Technologies, and the University of Birmingham, presented their work called: Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2, which is shortly called KRACK. These newly discovered WPA2 vulnerabilities allow hackers to bypass protection and “listen” for Wi-Fi traffic between the access point and the device. Virtually all devices connected to Wi-Fi are in danger. So the risk extends not only to your computers, mobile phones, laptops, and tablets but to your smart TV, smart refrigerator, and even your smart lock. KRACK gives hackers an opportunity to perform a man-in-the-middle attack and push network members into reinstalling the encryption keys that protect WPA2 traffic. In case networks are configured to use GCMP or WPA-TKIP protocols, attackers can not only listen for WPA2 traffic but also inject packets into victim data. Even though all the major manufacturers of Wi-Fi routers and other devices were informed of the vulnerabilities of the WPA2 protocol more than six months ago, most of them have not been able to find and implement solutions to address the issue. It means that most devices using Wi-Fi networks are still vulnerable. Although security researchers do not have any pieces of evidence that this vulnerability was ever used by hackers, we still need to exercise the best security practices to stay safe. What can you do to protect your personal data? A password reset trick, in this case, cannot prevent the possibility of an attack. Researchers advise making sure that the router uses the latest firmware version. Check for the presence/absence of a patch for a specific vendor here, or on the manufacturer’s homepage. Do not use sites that are not secured by SSL encryption. Websites protected by SSL encryption always start with https: // Avoid public Wi-Fi at all costs. For example, McDonald’s, hotels, airports are the most likely places to attack the device. Use a VPN on all of your devices: Mac, Windows or even on your Wi-Fi router. Use a wired connection if your device includes a jack to connect an Ethernet cable. This exploit only affects 802.11 traffic between the Wi-Fi router and the connected device. Author’s Bio David Balaban is a computer security researcher with over 15 years of experience in malware analysis and antivirus software evaluation. David runs the Privacy-PC.com project which presents expert opinions on the contemporary information security matters, including social engineering, penetration testing, threat intelligence, online privacy and white hat hacking. SOURCE Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.