Most Wi-Fi enabled devices – computers, phones, tablets, e-readers and watches – are likely to be affected, and they will need manufacturers’ updates to block it. Until then, some safety comes from its being a wireless rather than Internet-based vulnerability, so would-be exploiters probably have to be physically within range.
In a paper, ‘Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2’, to be presented at CCS’17 (Dallas, 30 Oct – 3 Nov), Mathy Vanhoef and Frank Piessens will describe in detail how the attack works – by making use of something compulsory in the Wi-Fi standards.
“The recently-disclosed key re-installation attacks are a series of serious weaknesses in the WPA2 protocol that is used to secure the vast majority of modern Wi-Fi networks,” said Sebastien Jeanquier, consultant at Context Information Security.
“An attacker within range of a Wi-Fi client can trick that client into using a cryptographic key that the attacker is able to calculate, thus allowing the attacker to decrypt and eavesdrop on all of the network traffic between the Wi-Fi client and the Access Point. This could allow the attacker to steal usernames and passwords, as well as personal or financial information. The vulnerabilities are within the Wi-Fi standard itself and not individual products or implementations. As such, all Wi-Fi enabled devices should be considered affected and vulnerable, until a patch is made available by their respective vendors.”
Before fixes are applied, he suggests using Ethernet or 4G instead of Wi-Fi and, if Wi-Fi is unavoidable, connecting via encryption – a virtual private network (VPN), or only communicating with websites whose URLs start ‘https://’ – the ‘s’ being the important bit.
According to the Vanhoef/Piessens CCS paper, when a client joins a network it executes the 4-way handshake to negotiate a fresh session key, installing that key once it has received message 3 of the handshake and acknowledging with message 4.
Because messages can be lost or dropped, the access point retransmits message 3 if it receives no acknowledgement, and the client reinstalls the same key each time it receives it, resetting the packet counter (nonce) used to encrypt data frames – and this is where the trouble starts.
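The following simulation is an added illustration written for this article; it is not code from the Vanhoef/Piessens paper or from any Wi-Fi implementation. It models only the key-installation step of the handshake: a client that reinstalls the session key on every message 3 (resetting its transmit nonce to zero) beside a patched client that ignores a retransmitted message 3 once the key is already installed. The `keystream` function is a constructed HMAC-based stand-in for the real AES-CCMP cipher, chosen so the example runs offline; the point it shows is that a reset nonce makes the client reuse the same keystream for two different frames, while the patched client keeps its nonces unique.

```python
import hashlib
import hmac


def keystream(key: bytes, nonce: int, length: int) -> bytes:
    """Toy stand-in for CCMP's counter-mode keystream (constructed, not real CCMP).

    Like a real counter-mode cipher, the keystream depends only on (key, nonce),
    so reusing a nonce under the same key yields an identical keystream.
    """
    out = b""
    block = 0
    while len(out) < length:
        msg = nonce.to_bytes(6, "big") + block.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Client:
    """Simplified Wi-Fi client: just the key-installation state of the 4-way handshake."""

    def __init__(self, patched: bool):
        self.patched = patched
        self.ptk = None        # installed session key
        self.tx_nonce = None   # per-frame packet number used as the cipher nonce
        self.log = []

    def receive_message3(self, ptk: bytes) -> None:
        # Patched behaviour: a retransmitted message 3 carrying the key that is
        # already in use is acknowledged but does NOT reinstall the key.
        if self.patched and self.ptk == ptk:
            self.log.append("retransmitted message 3 ignored: key already installed")
            return
        # Vulnerable behaviour: (re)install on every message 3, resetting the nonce.
        self.ptk = ptk
        self.tx_nonce = 0
        self.log.append("key installed, transmit nonce reset to 0")

    def encrypt(self, plaintext: bytes):
        self.tx_nonce += 1
        ks = keystream(self.ptk, self.tx_nonce, len(plaintext))
        return self.tx_nonce, xor(plaintext, ks)


def run_handshake(patched: bool):
    """Handshake where message 4 is lost, so the AP retransmits message 3."""
    ptk = hashlib.sha256(b"constructed example PTK").digest()  # constructed sample key
    client = Client(patched)
    client.receive_message3(ptk)                  # first message 3: install key
    p1 = b"first data frame, constructed sample"
    n1, c1 = client.encrypt(p1)
    client.receive_message3(ptk)                  # AP retransmits message 3
    p2 = b"second data frame, also constructed!"
    n2, c2 = client.encrypt(p2)
    return {"n1": n1, "n2": n2, "p1": p1, "p2": p2, "c1": c1, "c2": c2, "log": client.log}


def nonce_reused(patched: bool) -> bool:
    r = run_handshake(patched)
    return r["n1"] == r["n2"]


def keystream_reused(patched: bool) -> bool:
    """True when both frames were encrypted under an identical keystream."""
    r = run_handshake(patched)
    return xor(r["c1"], r["p1"]) == xor(r["c2"], r["p2"])


if __name__ == "__main__":
    for patched in (False, True):
        r = run_handshake(patched)
        print("patched" if patched else "vulnerable", r["log"],
              "nonces:", r["n1"], r["n2"],
              "keystream reused:", keystream_reused(patched))
```

Running the block prints the two clients' logs: the vulnerable client installs the key twice and sends both frames with nonce 1, so `keystream_reused(False)` is true; the patched client logs the ignored retransmission, sends the second frame with nonce 2, and never reuses keystream. The defensive rule the patched branch encodes, never reinstall a key that is already in use, is the core of the vendor fixes the article says devices need.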