Tags:

The Death Of WPA2 Security Protocol, What Next?

By Kachi Ojieh Monday, October 16, 2017
Good morning friends. Not my style to start the beginning of the week with a bad news but someone has to say it: your Wi-Fi router and other internet connected gadgets might be at risk as vulnerabilities have been discovered in WPA2 encryption protocol. The flaw which is now called KRACK (Key Reinstallation Attacks) makes use of loop holes in Wi-Fi security enabling hackers to listen to communications between computers and wireless access points.

Hackers who are close by to your home or office network could definitely monitor and crack your Wi-Fi password and do whatever they like with the information intercepted which are mostly unsecured or unencrypted data.

Security experts Mathy Vanhoef and Frank Piessens working at Belgian University KU Leuven discovered the vulnerabilities. Ten common vulnerabilities and exposures (CVE) records were affected, they are CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087 and CVE-2017-13088.

These may not be the end of the world as we also hear that 41% of Android devices are vulnerable to this attack. Mathy Vanhoef stated that the vulnerability is "exceptionally devastating" for Android 6.0 Marshmallow and above.

The United States Computer Emergency Readiness Team (US-CERT) issued the accompanying cautioning in light of this recent development:

“US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.”

Could this be the death of WPA2 encryption protocol? What do you think? Over to you.
Good morning friends. Not my style to start the beginning of the week with a bad news but someone has to say it: your Wi-Fi router and other internet connected gadgets might be at risk as vulnerabilities have been discovered in WPA2 encryption protocol. The flaw which is now called KRACK (Key Reinstallation Attacks) makes use of loop holes in Wi-Fi security enabling hackers to listen to communications between computers and wireless access points.

Hackers who are close by to your home or office network could definitely monitor and crack your Wi-Fi password and do whatever they like with the information intercepted which are mostly unsecured or unencrypted data.

Security experts Mathy Vanhoef and Frank Piessens working at Belgian University KU Leuven discovered the vulnerabilities. Ten common vulnerabilities and exposures (CVE) records were affected, they are CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087 and CVE-2017-13088.

These may not be the end of the world as we also hear that 41% of Android devices are vulnerable to this attack. Mathy Vanhoef stated that the vulnerability is "exceptionally devastating" for Android 6.0 Marshmallow and above.

The United States Computer Emergency Readiness Team (US-CERT) issued the accompanying cautioning in light of this recent development:

“US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.”

Could this be the death of WPA2 encryption protocol? What do you think? Over to you.

Post Tags:

Kachi Ojieh
Kachi Ojieh

"Tech Is Before Anything Else since 2017". Kachi Ojieh is the CEO and Founder of Tech Is Bae. An enthusiastic blogger with the heart to unify all tech lovers across the globe. Currently working to make sure readers keep coming back for more.

No Comment to " The Death Of WPA2 Security Protocol, What Next? "