A key reinstallation attack vulnerability in the WPA2 wi-fi protocol has been made public today[1]. Security researcher Mathy Vanhoef[2] has identified what he dubs a “serious weakness” in the wireless protocol.
The tl;dr is that an attacker within range of a person logged onto a wireless network could use key reinstallation attacks to bypass WPA2 network security and read information that was previously assumed to be securely encrypted — thereby enabling them to steal sensitive data passing over the network, be it passwords, credit card numbers, chat messages, emails, photos, and so on.
“The attack works against all modern protected Wi-Fi networks,” according to Vanhoef.
Depending on network configuration, he says the vulnerability can also allow for an attacker to inject and manipulate data — such as by adding ransomware or malware to a website, for example.
Here’s the relevant para from the abstract of his research paper[3]:
All protected Wi-Fi networks use the 4-way handshake to generate a fresh session key. So far, this 14-year-old handshake has remained free from attacks, and is even proven secure. However, we show that the 4-way handshake is vulnerable to a key reinstallation attack. Here, the adversary tricks a victim into reinstalling an already-in-use key. This is achieved by manipulating and replaying handshake messages. When reinstalling the key, associated parameters such as the incremental transmit packet number (nonce) and receive packet number (replay counter) are reset to their initial value. Our key reinstallation attack also breaks the PeerKey, group key, and Fast BSS Transition (FT) handshake. The impact depends on the handshake being attacked, and the data-confidentiality protocol in use. Simplified, against AES-CCMP an adversary can replay and decrypt (but not forge) packets. This makes...