[Updated] Kr00k Cracks Encryption on Cable-less Communication - Billions of iOS, Android, and Routers affected by flaw in WPA2 implementations

rcmaehl

Source:
ESET

ZDNet
Whitepaper

Summary:

A newly discovered vulnerability in WPA2 allows attackers to trick devices into using an all zero encryption key without needing to know the wireless network key.

Media:

Quotes/Excerpts:

Quote

Named Kr00k, this bug can be exploited by an attacker to intercept and decrypt ... WiFi network traffic (relying on WPA2 connections). Kr00k affects all WiFi-capable devices running on Broadcom and Cypress Wi-Fi chips. These are two of the world's most popular WiFi chipsets, and they are included in almost everything, from laptops to smartphones, and from access points to smart speakers and other IoT devices. ESET said it believes that more than a billion devices are vulnerable to Kr00k, and they consider this number "a conservative estimate."

Kr00k impacts the encryption used to secure data packets sent over a WiFi connection. Typically, these packets are encrypted with a unique key that depends on the user's WiFi password. However, ESET researchers say that for Broadcom and Cypress Wi-Fi chips, this key gets reset to an all-zero value.

Disassociation is something that occurs naturally in a WiFi connection. It refers to a temporary disconnection that usually happens due to a low WiFi signal. WiFi devices enter into disassociated states many times a day, and they're automatically configured to re-connect to the previously used network when this happens.

Attackers can force devices into a prolonged disassociated state, receive WiFi packets meant for the attacked device, and then use the Kr00k bug to decrypt WiFi traffic using the all-zero key. This attack scenario allows hackers to actively intercept and decrypt WiFi packets, normally considered to be secure.

The Kr00k bug only impacts WiFi connections that use WPA2-Personal or WPA2-Enterprise WiFi security protocols, with AES-CCMP encryption. You can protect yourself against attacks by using the newer WPA3 WiFi authentication protocol. Users can check if they received Kr00k patches by checking their device OS/firmware changelogs for fixes against CVE-2019-15126, which is the unique ID assigned to track this bug.

Quote

The client devices that we positively tested in our lab to be vulnerable to Kr00k include:

• Amazon Echo 2nd gen
• Amazon Kindle 8th gen
• Apple iPad mini 2
• Apple iPhone 6, 6S, 8, XR
• Apple MacBook Air Retina 13-inch 2018
• Google Nexus 5
• Google Nexus 6
• Google Nexus 6S
• Raspberry Pi 3
• Samsung Galaxy S4 GT-I9505
• Samsung Galaxy S8
• Xiaomi Redmi 3S

In our lab, we were able to confirm that some wireless routers by ASUS and Huawei were vulnerable in this way. Specifically, we positively tested:

• Asus RT-N12
• Huawei B612S-25d
• Huawei EchoLife HG8245H
• Huawei E5577Cs-321

We estimate that the number of affected devices, prior to patching, was well over a billion as the billion mark is passed by counting only the number of affected iPhone generations we tested.

My Thoughts:

While this isn't another KRACK, this is still more of the WPA2 vulnerabilities being discovered. WPA2 is quickly going the way of WEP and WPA and consumers should definitely consider upgrading. I would not be surprised if WPA2 is as easily broken as the other two protocols are within 3 years.

PLEASE QUOTE ME IF YOU ARE REPLYING TO ME

Desktop Build: Ryzen 7 2700X @ 4.0GHz, AsRock Fatal1ty X370 Professional Gaming, 48GB Corsair DDR4 @ 3000MHz, RX5700 XT 8GB Sapphire Nitro+, Benq XL2730 1440p 144Hz FS

Retro Build: Intel Pentium III @ 500 MHz, Dell Optiplex G1 Full AT Tower, 768MB SDRAM @ 133MHz, Integrated Graphics, Generic 1024x768 60Hz Monitor
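The ZDNet excerpt above describes a per-session key derived from the Wi-Fi password that Broadcom and Cypress chips reset to all zeros on disassociation; the linked ESET whitepaper adds that frames still sitting in the chip's transmit buffer at that moment go out under the zeroed key. As an added illustration (not code from the original post, from ESET, or from any vendor), the Python below models that key-handling state machine and the defender's check for it. The PMK and temporal key are derived the way WPA2-Personal really does it (PBKDF2, then the 802.11i PRF), but the frame cipher is a stand-in HMAC keystream rather than AES-CCMP, and the SSID, passphrase, MAC addresses, nonces and frame payloads are constructed values.

```python
"""Toy model of the WPA2 key-handling flaw behind Kr00k (CVE-2019-15126).

Constructed example; not ESET's, Broadcom's or any vendor's code. The key
derivation is the real WPA2-Personal path (PBKDF2 for the PMK, IEEE 802.11i
PRF-384 for the PTK/TK). The frame cipher is a stand-in keystream built from
HMAC-SHA256 rather than AES-CCMP, because the bug is in which key the chip
uses after disassociation, not in the cipher itself.
"""
import hashlib
import hmac

ZERO_TK = bytes(16)          # the all-zero temporal key at the heart of Kr00k


def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """WPA2-Personal PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 rounds, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """IEEE 802.11i PRF-n: concatenate HMAC-SHA1(key, label || 0x00 || data || i)."""
    out, i = b"", 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:nbytes]


def derive_tk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """CCMP temporal key = bytes 32..48 of the 48-byte PTK from the 4-way handshake."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk, b"Pairwise key expansion", data, 48)[32:48]


def xor_stream(tk: bytes, pn: int, data: bytes) -> bytes:
    """Stand-in for CCMP (NOT real CCMP): XOR with HMAC-SHA256(tk, PN || counter)."""
    stream, ctr = b"", 0
    while len(stream) < len(data):
        stream += hmac.new(tk, pn.to_bytes(6, "big") + ctr.to_bytes(2, "big"), hashlib.sha256).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class Client:
    """Wi-Fi client whose chip clears its TK on disassociation and then drains its TX FIFO."""

    def __init__(self, patched: bool):
        self.patched = patched
        self.tk = ZERO_TK
        self.pn = 0                 # CCMP packet number
        self.tx_fifo = []           # frames queued for transmission
        self.air = []               # (tk_used, pn, ciphertext) as a sniffer would see them

    def associate(self, pmk, aa, spa, anonce, snonce):
        self.tk = derive_tk(pmk, aa, spa, anonce, snonce)

    def queue(self, plaintext: bytes):
        self.tx_fifo.append(plaintext)

    def flush(self):
        if self.patched and self.tk == ZERO_TK:
            self.tx_fifo.clear()    # fixed firmware: no key installed, so nothing leaves the chip
            return
        while self.tx_fifo:
            pt = self.tx_fifo.pop(0)
            self.air.append((self.tk, self.pn, xor_stream(self.tk, self.pn, pt)))
            self.pn += 1

    def disassociate(self):
        self.tk = ZERO_TK           # TK cleared from the chip, as the standard requires
        self.flush()                # ...but the chip still drains its FIFO (the Kr00k flaw)


def frames_under_zero_key(client: Client) -> list:
    """Defender check: ciphertext that left the chip under an all-zero TK."""
    return [(pn, ct) for tk, pn, ct in client.air if tk == ZERO_TK]


def run_scenario(patched: bool) -> Client:
    """Constructed session: one frame sent normally, one caught in the FIFO at disassociation."""
    pmk = pmk_from_passphrase("correct horse battery", "home-wifi")   # constructed credentials
    ap, sta = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
    anonce, snonce = bytes(range(32)), bytes(range(32, 64))            # constructed nonces
    c = Client(patched)
    c.associate(pmk, ap, sta, anonce, snonce)
    c.queue(b"GET /status HTTP/1.1")
    c.flush()                       # protected by the real TK
    c.queue(b"POST /login user=alice")
    c.disassociate()                # natural signal loss or a forged disassociation frame
    return c


if __name__ == "__main__":
    for patched in (False, True):
        leaked = frames_under_zero_key(run_scenario(patched))
        label = "patched" if patched else "vulnerable"
        # Whatever went out under the zero key is readable without the Wi-Fi password.
        print(label, [xor_stream(ZERO_TK, pn, ct) for pn, ct in leaked])
```

The vulnerable client leaks exactly the frame that was queued when the disassociation hit; the patched client holds nothing back from the standard (it still clears the key) but refuses to transmit until a new handshake installs one. That is also why the fix shipped as a firmware/driver update rather than a protocol change: WPA2 itself already requires the key to be cleared, the chip just had to stop sending afterwards.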

Darn Kr00ks get outta here! I don't view wifi as secure anyways. If it's connected to the internet in any way shape or form... there's bound to be a way in eventually.

 

Would using a VPN over a kr00k wifi network provide any benefit?

I guess everyone running Quantenna and Atheros are fine then? Now it's just a question whether one party needs to be the vulnerable one or both sides?

Just now, RejZoR said:

I guess everyone running Quantenna and Atheros are fine then? Now it's just a question whether one party needs to be the vulnerable one or both sides?

According to the whitepaper, only one side.

1 minute ago, NinJake said:

Darn Kr00ks get outta here! I don't view wifi as secure anyways. If it's connected to the internet in any way shape or form... there's bound to be a way in eventually.

 

Would using a VPN over a kr00k wifi network provide any benefit?

Yes, this would provide additional encryption.

3 minutes ago, NinJake said:

Darn Kr00ks get outta here! I don't view wifi as secure anyways. If it's connected to the internet in any way shape or form... there's bound to be a way in eventually.

 

Would using a VPN over a kr00k wifi network provide any benefit?

It would. WiFi traffic would be "decoded" just to reveal another stream of encryption within it done by VPN with a method that's not affected by this.

13 minutes ago, rcmaehl said:

WPA2 is quickly going the way of WEP and WPA and consumers should definitely consider upgrading. I would not be surprised if WPA2 is as easily broken as the other two protocols are within 3 years.

Don't we need entirely new routers for this though? Theoretically it could be rolled out onto older hardware that supports it but I haven't seen that happen. (For reference I have an Asus RT-AC68U)

"Put as much effort into your question as you'd expect someone to give in an answer"- @Princess Luna

Make sure to Quote posts or tag the person with @[username] so they know you responded to them!

 RGB Build Post 2019 --- Rainbow 🦆 2020 --- Velka 5 V2.0 Build 2021

Purple Build Post ---  Blue Build Post --- Blue Build Post 2018 --- Project ITNOS

CPU i7-4790k    Motherboard Gigabyte Z97N-WIFI    RAM G.Skill Sniper DDR3 1866mhz    GPU EVGA GTX1080Ti FTW3    Case Corsair 380T   

Storage Samsung EVO 250GB, Samsung EVO 1TB, WD Black 3TB, WD Black 5TB    PSU Corsair CX750M    Cooling Cryorig H7 with NF-A12x25

Just now, TVwazhere said:

Don't we need entirely new routers for this though? Theoretically it could be rolled out onto older hardware that supports it but I haven't seen that happen. (For reference I have an Asus RT-AC68U)

We shouldn't need to, but when was the last time you saw a major update for a router?

Just now, TVwazhere said:

Don't we need entirely new routers for this though? Theoretically it could be rolled out onto older hardware that supports it but I haven't seen that happen. (For reference I have an Asus RT-AC68U)

Enterprise stuff can do it with a software update, and I would assume/hope recent-ish consumer routers that are still getting updates should be able to as well, but there is such a wide field that I doubt it in most cases, as most manufacturers would rather you buy new gear instead.

20 minutes ago, TVwazhere said:

Don't we need entirely new routers for this though? Theoretically it could be rolled out onto older hardware that supports it but I haven't seen that happen. (For reference I have an Asus RT-AC68U)

Yeah, 99% of the stuff I know of uses WPA2. :/

Doesn't seem like a massive security risk. 

It only compromises the traffic from the vulnerable endpoint, not the entire network, and it can easily be fixed with an update (which seems to have already been developed). 

18 minutes ago, LAwLz said:

Doesn't seem like a massive security risk. 

It only compromises the traffic from the vulnerable endpoint, not the entire network, and it can easily be fixed with an update (which seems to have already been developed). 

Exactly, plus if the device is forced into disassociation then surely the router would detect that, and at that point the only thing it should be sending to the device is handshake requests anyway.

Main Rig:-

Ryzen 7 3800X | Asus ROG Strix X570-F Gaming | 16GB Team Group Dark Pro 3600Mhz | Corsair MP600 1TB PCIe Gen 4 | Sapphire 5700 XT Pulse | Corsair H115i Platinum | WD Black 1TB | WD Green 4TB | EVGA SuperNOVA G3 650W | Asus TUF GT501 | Samsung C27HG70 1440p 144hz HDR FreeSync 2 | Ubuntu 20.04.2 LTS |

 

Server:-

Intel NUC running Server 2019 + Synology DSM218+ with 2 x 4TB Toshiba NAS Ready HDDs (RAID0)

2 hours ago, RejZoR said:

It would. WiFi traffic would be "decoded" just to reveal another stream of encryption within it done by VPN with a method that's not affected by this.

but then HTTPS is safe too right? or no?

She/Her

I guess more devices need to start supporting WPA3 then. I know my router does, but I don't think I have any devices that do.

I just want to sit back and watch the world burn. 

22 minutes ago, TempestCatto said:

Is it WPA2-AES, WPA2-PSK, WPA2-TKIP or everything related to WPA2?

WPA2-AES (CCMP)
WPA2-TKIP has had flaws for a while

WPA2-PSK isn't a security protocol

8 hours ago, RejZoR said:

I guess everyone running Quantenna and Atheros are fine then? Now it's just a question whether one party needs to be the vulnerable one or both sides?

I thought Atheros WAS Broadcom

6 hours ago, Twilight said:

but then HTTPS is safe too right? or no?

Yes. This vulnerability does not decrypt any of your already-encrypted traffic, so SSH, HTTPS etc. traffic is still perfectly safe. That alone makes this vulnerability a lot less harmful than it might seem at first.

Hand, n. A singular instrument worn at the end of the human arm and commonly thrust into somebody’s pocket.

6 minutes ago, HalGameGuru said:

I thought Atheros WAS Broadcom

No, it's Qualcomm.

4 hours ago, TempestCatto said:

Maybe I misunderstand what PSK is, it does appear to be security related. But perhaps for something else: https://www.webopedia.com/TERM/W/WPA2_PSK.html

PSK stands for pre-shared key; it's an authentication method. AES and TKIP are encryption methods. Normal consumers typically use PSK, i.e. they just enter a WiFi password, but enterprises may use certificate-based authentication instead. The authentication method is how the access point determines whether it wishes to allow you in or not, and the encryption method is then used to encrypt the traffic, so you need a combination of both.

12 hours ago, comander said:

The routers are fine. (routers being the components that route traffic between and across networks)
It's the wireless access points (the devices which broadcast wifi as a way of connecting to a network) which are an issue. 

Correct. I'm still in the habit of calling my consumer router/AP combo just a router, even though it's the AP portion of it that sends the WiFi signal.

7 hours ago, Syaoran said:

It's the same link

Corrected
