paper

Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2

  • Authors:
Read the paper

📜 Abstract

We introduce key reinstallation attacks, or Krack for short. The main idea behind these attacks is to exploit features of the 4-way handshake of the WPA2 protocol to reinstall an already-in-use key and thereby reset internal packet numbers and receive replayed frames. An adversary can thus decrypt and/or inject packets without knowing the encryption key. We verified the attack against macOS, OpenBSD, Windows, and other implementations. Our results demonstrate that implementations of WPA2 can be tricked into installing an already-in-use key, thereby resetting internal counters associated to it. We show how a third party can abuse replayed message to fool clients into resetting nonce and packet numbers, being able to decrypt and/or possibly inject packets that are exchanged between the access point and a client. We also present practical mitigations against these attacks.

✨ Summary

The paper titled “Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2” by Mathy Vanhoef and Frank Piessens was presented at the ACM Conference on Computer and Communications Security in 2017. It details a significant vulnerability in the WPA2 security protocol employed by most Wi-Fi networks, known as a Key Reinstallation Attack (KRACK).

The attack targets the 4-way handshake of WPA2, which is responsible for key management in the protocol. By manipulating handshake messages, the attacker can reinstall the cryptographic key, forcing nonce reuse and allowing packet decryption and injection without knowledge of the network key. This has serious implications for the confidentiality and integrity of communications on affected networks. Practical implementations of the attack have been demonstrated on various systems, illustrating its feasibility.

Following its publication, KRACK prompted widespread scrutiny and revisions in Wi-Fi security protocols. Affected vendors released patches, and the IEEE took initiatives to amend the 802.11i standard to address the vulnerability. The attack profoundly influenced Wi-Fi security policies globally, emphasizing the necessity for more robust cryptographic practice in network protocols.

Research following this paper has expanded on the intricacies of wireless vulnerabilities and has influenced efforts in reinforcing existing communication standards. The critical nature of the findings has been referenced extensively in scholarly research as well as in industry reports dealing with Wi-Fi network security. Citations include: