KRACK (Key Reinstallation Attack)
KRACK (Key Reinstallation Attack) is a serious vulnerability discovered in 2017 that affects the WPA2 protocol, which secures most modern Wi-Fi networks. Here's a detailed explanation:
What Is KRACK?
KRACK is a man-in-the-middle (MitM) attack that exploits a flaw in the 4-way handshake used by WPA2 to establish a secure connection between a client (like a phone or laptop) and a Wi-Fi access point.
The attack was discovered by Mathy Vanhoef, a security researcher, and it revealed that WPA2, previously considered very secure, had a critical design flaw.
How the WPA2 4-Way Handshake Works
When a device connects to a Wi-Fi network, the 4-way handshake is used to:
1. Confirm that both the client and access point know the correct password.
2. Generate a fresh encryption key, called the PTK (Pairwise Transient Key).
3. Install the key to encrypt traffic.
How KRACK Exploits the Handshake
The vulnerability lies in Step 3 of the handshake. If an attacker captures and replays the third message of the handshake, the client reinstalls the same encryption key, which resets the state tied to that key, such as the incremental packet number (nonce). Because the cipher then reuses nonces under an unchanged key, the same keystream is produced more than once, and that keystream reuse is what the attacker exploits.
This allows the attacker to:
- Decrypt packets.
- Replay packets.
- Forge packets.
- In some cases, inject malware or manipulate data.
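As an added illustration (not code from the original post), the following toy Python model shows the client-side handling of handshake message 3 that KRACK targets: a vulnerable client reinstalls the PTK and resets its packet number every time message 3 arrives, while a hardened client that remembers the key is already installed answers a retransmitted message 3 with message 4 without reinstalling. The PTK derivation and the cipher are stand-ins (random bytes instead of a real PRF and AES-CCMP); only the nonce bookkeeping is modelled.

```python
import os


class Client:
    """Minimal model of a WPA2 supplicant's reaction to 4-way handshake message 3."""

    def __init__(self, hardened: bool):
        self.hardened = hardened
        self.ptk = None           # derived after message 1, installed on message 3
        self.installed = False
        self.packet_number = 0    # CCMP nonce counter; must never repeat under one key
        self.log = []

    def on_message1(self, anonce: bytes):
        # Toy stand-in for PTK = PRF(PMK, ANonce, SNonce, MACs); the real
        # derivation is not modelled here.
        self.ptk = os.urandom(16)
        self.log.append("msg1: derived PTK")

    def on_message3(self) -> str:
        # Hardened behaviour: a retransmitted message 3 is acknowledged but
        # the already-installed key is left alone, so the nonce keeps counting.
        if self.installed and self.hardened:
            self.log.append("msg3 retransmit: key already installed, not reinstalling")
            return "msg4"
        # Vulnerable (pre-patch) behaviour: every message 3, including a replayed
        # copy, reinstalls the PTK and resets the packet number to zero.
        self.installed = True
        self.packet_number = 0
        self.log.append("msg3: installed PTK, packet number reset to 0")
        return "msg4"

    def send_frame(self) -> int:
        """Return the packet number (nonce) used for the next encrypted frame."""
        assert self.installed, "no key installed yet"
        self.packet_number += 1
        return self.packet_number


def run_handshake(hardened: bool):
    """Simulate a handshake followed by a replayed message 3; return nonces used."""
    c = Client(hardened)
    c.on_message1(os.urandom(32))      # constructed ANonce
    c.on_message3()
    before = [c.send_frame() for _ in range(3)]   # nonces used before the replay
    c.on_message3()                                # replayed message 3 arrives
    after = [c.send_frame() for _ in range(3)]    # nonces used after the replay
    return before, after


def reused_nonces(hardened: bool) -> set:
    """Nonces that were used twice under the same key (empty means safe)."""
    before, after = run_handshake(hardened)
    return set(before) & set(after)
```

Running `reused_nonces(False)` reports the repeated nonces of the vulnerable client, while `reused_nonces(True)` is empty because the hardened client kept counting.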
What KRACK Can Do
- Eavesdrop on sensitive data like passwords, emails, and credit card numbers.
- Hijack connections to websites or services.
- Inject malicious content into unencrypted HTTP traffic.
Who Is Affected?
- All WPA2 implementations were vulnerable at the time of discovery.
- Affected devices include Windows, Linux, Android, macOS, iOS, and many IoT devices.
- Android and Linux were especially vulnerable because of how their Wi-Fi client software handled key reinstallation: it installed an all-zero encryption key, making traffic trivial to decrypt.
How to Protect Against KRACK
1. Update your devices: Most major vendors released patches shortly after the vulnerability was disclosed.
2. Use HTTPS: Even if Wi-Fi is compromised, HTTPS encrypts web traffic.
3. Use a VPN: A VPN adds an extra layer of encryption on top of the Wi-Fi link.
4. Replace outdated routers: Some older routers may never receive patches.
Final Thoughts
KRACK didn’t break the encryption algorithm itself (like AES), but instead exploited a flaw in how the handshake installed keys, which let the same key be used with repeated nonces. It was a wake-up call for the security community and led to the development of WPA3, which addresses many of WPA2’s weaknesses.