- Регистрация
- 05.05.2008
- Сообщения
- 2 485
- Реакции
- 2 188
- Баллы
- 113
- Местоположение
- here and there
- Native language | Родной язык
- Other language
Key Reinstallation Attacks
Breaking WPA2 by forcing nonce reuse
Discovered by
Mathy show how this attack occur and explain about it on youtube video and text.
INTRODUCTION
We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.
The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks. For more information about specific products, consult the
The research behind the attack will be presented at the
DEMONSTRATION
Breaking WPA2 by forcing nonce reuse
Discovered by
You do not have permission to view link please Вход or Регистрация
of
You do not have permission to view link please Вход or Регистрация
, KU LeuvenMathy show how this attack occur and explain about it on youtube video and text.
INTRODUCTION
We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.
The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks. For more information about specific products, consult the
You do not have permission to view link please Вход or Регистрация
, or contact your vendor.The research behind the attack will be presented at the
You do not have permission to view link please Вход or Регистрация
conference, and at the
You do not have permission to view link please Вход or Регистрация
conference. Our
You do not have permission to view link please Вход or Регистрация
can already be downloaded.DEMONSTRATION
You do not have permission to view link please Вход or Регистрация