WPA2 has been cracked

[Ryujin2003]

2 hours ago, paddy-stone said:

Might sound stupid here (probably). But what if you don't broadcast your SSID?

Might just be better to reduce the power on your router. I can't access my network outside of my house, so someone would have to break in to attack WiFi... Internet security would be the least of problems at that point.

[Liltrekkie]

6 minutes ago, Ryujin2003 said:

Might just be better to reduce the power on your router. I can't access my network outside of my house, so someone would have to break in to attack WiFi... Internet security would be the least of problems at that point.

I think realistically most router companies will release a patch or firmware update for this like mine did. So none of that would be necessary. 

[Ryujin2003]

3 minutes ago, Liltrekkie said:

I think realistically most router companies will release a patch or firmware update for this like mine did. So none of that would be necessary. 

I would hope so, but what she gets cut off? Only AC routers get the update? Or everything from past 5 years? I guess I'll log into my router and check for updates regularly.

 

Sidenote, I have a second there that only received the signal from my main router and then retransmits ONLY via LAN. Will this still be  you cannot connect to it wirelessly and it does show up as an option. It's just a bridge.

[Kamina]

Everybody panic!

[sazrocks]

1 hour ago, huilun02 said:

Hacker would have to be in wifi range, and then router admin would be able to see a new unknown client

I might be mistaken, but I’m pretty sure this would allow a hacker to just snoop on the packets any given client is sending/receiving.

[leadeater]

44 minutes ago, Kamina said:

Everybody panic!

Ok

 

[ARikozuM]

3 minutes ago, leadeater said:

Ok

 

48 minutes ago, Kamina said:

Everybody panic!

Is it Nine in the Afternoon, already?!

[Drak3]

50 minutes ago, Kamina said:

Everybody panic!

At the Disco?

 

5 minutes ago, leadeater said:

Ok

 

So long as this man is safe, I'm all good.

10 minutes ago, ARikozuM said:

Is it Nine in the Afternoon, already?!

15 after tha hour, it's kinda cheesy.

[captain_to_fire]

Which means it wouldn't matter if I replace the ISP provided router/modem combo with a dedicated router. But I don't think at the moment people should panic unless you're a government employee or a big corporation. 

[ionbasa]

5 hours ago, Lurick said:

From what I can tell with a brief look over the paper, it MIGHT be able to be fixed with a firmware upgrade or code change to the key generation algorithm on the router's side. From reading one of the sections about getting the KEK, depending on what's used by the router itself to generate the key (big or small endians) then it can be a monumental task to get the key. The attack also appears to need TKIP to work, which should have been replaced by AES-256 at this point and using AES might make this attack moot, but I haven't read much more beyond that.

The issue is that some wireless APs/routers use AES + TKIP for fallback and backwards compatibility for some older clients. In which case, we're all screwed in the name of compatibility (on 2.4Ghz N and below). Most routers run in Mixed mode, so its definatly still an issue.

[S w a t s o n]

Has anyone confirmed it's just TKIP with the problem? The tweets say otherwise.

[79wjd]

3 hours ago, MrUnknownEMC said:

MAC FILTERING ON. SEPARATED VLAN ON. Still only would able to access my wireless network unless i have made firewall pinhole for certain mac addresses. 

MAC filtering is basically worthless; MAC Address spoofing is stupidly easy. 

[bcredeur97]

40 minutes ago, Swatson said:

Has anyone confirmed it's just TKIP with the problem? The tweets say otherwise.

it's not. It's WPA2 in general and the flaw is in the 4-way handshake itself. Not the encryption algo.

 

 

so... yeah this is gonna be a fun conversation at work tomorrow. lol

[captain_to_fire]

1 hour ago, Arokhantos said:

 

Aren't those usually the most lazy about upgrading or fixing things ?

Most of them that’s why they’re frequently targeted for hacking. Don’t get me started with corporations using out of date operating systems and refusing update installations. 

[Zodiark1593]

15 minutes ago, bcredeur97 said:

it's not. It's WPA2 in general and the flaw is in the 4-way handshake itself. Not the encryption algo.

 

 

so... yeah this is gonna be a fun conversation at work tomorrow. lol

IT Manager: Uhmm, yeah, we're gonna have to replace all of our wireless APs...

Executive: Didn't we just finish rolling out the upgrades last month?

IT Manager: Uhmm, yeah...

Executive: ... ... ... You're fired.

[DrMacintosh]

Wonder how long it will take Apple to update their AirPort base stations. Also wonder how long it will take Linksys to update my router. 

[Jinchu]

7 hours ago, snortingfrogs said:

From Twitter

 

https://twitter.com/Nick_Lowe/status/919527451570638848

Based on the twitter feed there is lot of speculation until the disclosure, that is tomorrow. Wait and see. This could be bad, but also might not.

[Liltrekkie]

5 hours ago, Ryujin2003 said:

I would hope so, but what she gets cut off? Only AC routers get the update? Or everything from past 5 years? I guess I'll log into my router and check for updates regularly.

 

Sidenote, I have a second there that only received the signal from my main router and then retransmits ONLY via LAN. Will this still be  you cannot connect to it wirelessly and it does show up as an option. It's just a bridge.

Anything that receives active product support will get a firmware update. So about 10 years, company depending.

[leadeater]

2 hours ago, bcredeur97 said:

it's not. It's WPA2 in general and the flaw is in the 4-way handshake itself. Not the encryption algo.

 

 

so... yeah this is gonna be a fun conversation at work tomorrow. lol

@Lurick

 

Any idea how this is going to effect RADIUS/802.1x wireless networks? I'd like to say they should not be affected but I'd like to see those unreleased CVE's first, it could also depend on implementation too so there might not even be a solid answer.

[vorticalbox]

the paper for this was released last year.

 

Predicting, Decrypting, and Abusing WPA2/802.11 Group Keys [pdf]

 

https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_vanhoef.pdf

[KuJoe]

8 hours ago, leadeater said:

Haven't most people in the security industry recommended to not use TKIP for a few years now? I thought flaws with it were already discovered, or at least theorized. 

I was always told that TKIP was only supposed to be used for legacy devices.

[LAwLz]

43 minutes ago, vorticalbox said:

the paper for this was released last year.

 

Predicting, Decrypting, and Abusing WPA2/802.11 Group Keys [pdf]

 

https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_vanhoef.pdf

That is not the same paper.

It's written by the same author and is most likely related, but it will not be the exact same paper.

The white paper released today will most likely include many new vulnerabilities and attacks.

 

 

3 hours ago, Zodiark1593 said:

IT Manager: Uhmm, yeah, we're gonna have to replace all of our wireless APs...

Executive: Didn't we just finish rolling out the upgrades last month?

IT Manager: Uhmm, yeah...

Executive: ... ... ... You're fired.

APs won't need to be replaced. At worst the controller will need to be replaced, but it seems like some vendors have already started sending out updates for it (Meraki, Mikrotik, Ubiquiti).

So chances are this will only be a problem for consumer stuff.

 

 

4 hours ago, Swatson said:

Has anyone confirmed it's just TKIP with the problem? The tweets say otherwise.

Nothing is known yet, but it seems like this will not be an issue related to TKIP. It seems to be something else.

The author of the original article decided to include an extract from an old report which was related to TKIP, but this seems to be something completely different.

[KuJoe]

Thank god Ubiquiti already released firmware to address these exploits.

[mr moose]

4 hours ago, djdwosk97 said:

MAC filtering is basically worthless; MAC Address spoofing is stupidly easy. 

 

wouldn't the person who wants unrequested access to your wifi network then need to know a white listed mac address?

[LAwLz]

6 minutes ago, mr moose said:

 

wouldn't the person who wants unrequested access to your wifi network then need to know a white listed mac address?

I don't remember where the WPA2 encryption is applied, but chances are the MAC address is not encrypted. If that's the case then finding a white listed mac address will take like 10 seconds (not hyperbole).