An infographic about KRACK (aka WiFi WPA2 vulnerability)
THE PROBLEM:
WPA2 has carried this weakness since its introduction in the IEEE 802.11i standard in 2004; it is a flaw in the protocol itself, not in any one vendor's implementation. The attack (a key reinstallation attack, hence "KRACK") tricks a client into reinstalling an encryption key that is already in use during the 4-way handshake, which resets the per-packet nonce and lets the attacker decrypt frames exchanged between the affected endpoint and its access point. Any wireless traffic that is not protected by a secure upper-layer protocol such as HTTPS/TLS, SSH or IPsec (VPN) can therefore be read by the attacker, and in some configurations (notably TKIP and GCMP, and where an Android or Linux client ends up with an all-zero key) frames can also be replayed, forged or injected.
THE IMPACT:
Any Wi-Fi endpoint that uses WPA2 as a client, and any access point that itself acts as a client ("supplicant", e.g. a repeater or mesh node) or that supports the 802.11r fast-roaming (FT) handshake. That is pretty much everything we use today in a personal or an enterprise environment. (WPA1 is affected as well; hopefully nobody is still using WEP or WPA, which have their own weaknesses and were deprecated years ago.)
* iOS and Windows devices are less exposed than Android and Linux: their clients do not accept a retransmitted handshake message 3, so only the group-key handshake can be attacked, whereas Android 6.0+ and Linux clients based on wpa_supplicant can be made to install an all-zero key, which makes decryption trivial.
THE HOW:
The attack requires the attacker to be within Wi-Fi range of the target and in a man-in-the-middle (MitM) position: a rogue access point that clones the real AP's MAC address on a different channel, so that handshake messages can be delayed or blocked and the real AP is made to retransmit message 3 of the 4-way handshake. Hint: it is not easy to use this vulnerability against real victims; that being said, if you see a white van parked outside your house, you might want to pay some attention to it.... OK, that's a joke....
THE FIX:
The quickest fix is on the client side (i.e. iOS, Windows, Linux and Android devices): look for updates from Microsoft, Apple, Google and the other major vendors as they become available. A patched client can safely keep talking to an unpatched access point. For most people there is no need to update the Wi-Fi access point's firmware just yet; the exceptions are APs that use 802.11r (FT) or that act as a client/repeater, which need their own patch.
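To make the mechanics concrete, here is an added example (not part of the original post and not the KRACK researchers' code) that models the client side of the 4-way handshake in Python. Real CCMP encrypts with AES in CCM mode; the script substitutes an HMAC-SHA256 keystream so it runs on the standard library alone, and the PTK, frames and function names are constructed for the demo. It shows THE HOW (a replayed message 3 resets the packet number, so two frames share a keystream and one known plaintext recovers the other) and THE FIX (a patched client refuses to reinstall a key that is already in use).

```python
"""Toy model of the KRACK key-reinstallation flaw in the WPA2 4-way handshake.

Added example, not code from the original post. AES-CCM is replaced by a
stand-in CTR-style stream cipher built from HMAC-SHA256 so the script runs on
the standard library alone; the keystream-reuse property it demonstrates is
the same one that breaks CCMP when the packet number is reset.
"""
import hashlib
import hmac

# Constructed sample frames; same length so the known-plaintext recovery
# covers the whole second frame.
FRAME_1 = b"GET /index.html HTTP/1.1\r\n"  # predictable plaintext, known to attacker
FRAME_2 = b"Cookie: sess=CONSTRUCTED\r\n"  # the secret the attacker wants


def keystream(ptk: bytes, packet_number: int, length: int) -> bytes:
    """Stand-in for the AES-CTR keystream: PRF(key, nonce || block counter).

    In CCMP the nonce is built from the 48-bit packet number (PN); the same
    key and PN always yield the same keystream, which is why PN reuse is fatal.
    """
    out = b""
    block = 0
    while len(out) < length:
        nonce = packet_number.to_bytes(6, "big") + block.to_bytes(2, "big")
        out += hmac.new(ptk, nonce, hashlib.sha256).digest()
        block += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Supplicant:
    """Client-side handshake state; only the transmit direction is modelled."""

    def __init__(self, patched: bool):
        self.patched = patched
        self.ptk = None
        self.pn = 0  # transmit packet number, reset to 0 whenever a key is installed

    def on_msg3(self, ptk: bytes) -> None:
        # Message 3 of the 4-way handshake tells the client to install the PTK.
        # The fix: if this key is already in use, treat the message as a
        # retransmission and do not reinstall it (which would reset the PN).
        if self.patched and self.ptk == ptk:
            return
        self.ptk = ptk
        self.pn = 0

    def encrypt(self, plaintext: bytes):
        self.pn += 1
        return self.pn, xor(plaintext, keystream(self.ptk, self.pn, len(plaintext)))


def run_handshake_attack(patched: bool):
    """Return (pn, ciphertext) for a frame sent before and after a replayed Msg3."""
    ptk = hashlib.sha256(b"constructed PTK for the demo").digest()
    sta = Supplicant(patched)
    sta.on_msg3(ptk)                  # genuine message 3: key installed, PN = 0
    first = sta.encrypt(FRAME_1)      # sent with PN = 1
    # The channel-based MitM withholds the client's message 4, so the AP
    # retransmits message 3; a vulnerable client reinstalls the PTK and
    # resets its PN, a patched one ignores the duplicate.
    sta.on_msg3(ptk)
    second = sta.encrypt(FRAME_2)     # vulnerable: PN = 1 again; patched: PN = 2
    return first, second


def recover_second_frame(c1: bytes, known_p1: bytes, c2: bytes) -> bytes:
    """Passive attacker: keystream = c1 XOR known_p1; reuse it to decrypt c2."""
    return xor(c2, xor(c1, known_p1))


if __name__ == "__main__":
    for patched in (False, True):
        (pn1, c1), (pn2, c2) = run_handshake_attack(patched)
        guess = recover_second_frame(c1, FRAME_1, c2)
        print(f"patched={patched}: PNs {pn1},{pn2}; recovered={guess == FRAME_2}")
```

Running it prints one line per client: the vulnerable client sends both frames with PN 1 and the second frame is recovered; the patched client moves on to PN 2 and the recovery yields garbage. The model also explains why the fix sits on the client: the AP's retransmission is legitimate protocol behaviour, and it is the supplicant's decision to reinstall an in-use key that has to change.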
UPDATE #1 Oct 24, 2017
Many thanks to Adolfo Zamerza for translating the post into Spanish, see Adolfo's blog post below:
UPDATE #2 Oct 24, 2017
Updated map to include high-level event sequence per user's comments.
Sr. IT Systems Engineer at Tungsten Automation (7 years ago)
Great explanation... though now I am looking out my window for a suspicious white van.
APAC's Cybersecurity Risk Management Advisory & Threat Intelligence Expert For Critical Infrastructure (IT/OT/Telco) (7 years ago)
According to the research paper, the rogue Wi-Fi AP is in MiTM mode, acting between the victim and the real Wi-Fi AP. I'm not sure how this diagram will explain the attack on 802.11r.
TAC WIFI Secure Access Senior Engineer at Fortinet (7 years ago)
Excellent and concise explanation. I would like to ask your permission to translate it to Spanish and add it to my blog; credits will be honored.
Cyber Assurance, Security Testing, GRC (7 years ago)
The explanation was lacking technical details as to how key reinstallation is forced. Plus, either make a linear infographic or mark the images to depict the sequence. It took me some time to understand the process flow.