Hi all,
Many of you may be aware of this as there's been a lot of press commentary already today, but some fundamental issues with WPA and WPA2 key security have been found by security researchers and published here at 3PM UK today with the title "Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2": https://papers.mathyvanhoef.com/ccs2017.pdf
Additional commentary with an FAQ by the paper's authors in a more easily readable format is posted here: https://www.krackattacks.com/
These have been wrapped up into a single publication of ten CVE announcements. Nine affect the supplicant and one (CVE-2017-13082, the Fast BSS Transition case) affects the AP. These are:
CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake
CVE-2017-13078: reinstallation of the group key in the Four-way handshake
CVE-2017-13079: reinstallation of the integrity group key in the Four-way handshake
CVE-2017-13080: reinstallation of the group key in the Group Key handshake
CVE-2017-13081: reinstallation of the integrity group key in the Group Key handshake
CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation Request and reinstalling the pairwise key while processing it
CVE-2017-13084: reinstallation of the STK key in the PeerKey handshake
CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake
CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
As these are protocol-level issues, rather than implementation-specific issues, all Wi-Fi vendors are affected. The publication date was agreed by the security researchers and hundreds of wireless vendors in advance via CERT/CC to allow everyone time to remediate the issues in their software.
Statements have been published by the Wi-Fi Alliance here: https://www.wi-fi.org/securityupdate2017 and ICASI here: http://www.icasi.org/wi-fi-protected-access-wpa-vulnerabilities
Cisco's response to the published paper with guidance on obtaining fixed software is available here in this PSIRT announcement: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa
It may be prudent for everyone to review their own Wi-Fi vendor's guidance on how to upgrade their implementation to remediate any risk of exploitation.
Regards,
Paul Hill
--
Paul A. Hill CCDP, CCNP Wireless, CWNP Inc. CWDP & CWSP
Systems Engineer - Education Team
Head of Wireless Technologies, Public Sector UK
Cisco International Ltd.
10 New Square
Bedfont Lakes
Feltham
Middlesex
TW14 8HA
United Kingdom

E-mail: [log in to unmask]
Direct Tel: +44 (0)20 8824 8534
Direct Fax: +44 (0)20 7900 2337
Mobile *: As Direct Telephone
Main Tel: +44 (0)20 8824 1000
Main Fax: +44 (0)20 8824 1001
Voicemail: 844 48534
* Single Number Reach rings all of my contact devices simultaneously.
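All ten CVEs in the message above come down to one mechanism: a retransmitted handshake frame makes the client (or, for CVE-2017-13082, the AP) reinstall a key it already holds, which resets the packet number used as the CCMP nonce, so subsequent frames reuse keystream. The Python below is an added illustration written for this page; it is not code from the paper, from Cisco, or from the original poster. It models a supplicant that reinstalls the pairwise key when message 3 of the four-way handshake is replayed, shows that an attacker who knows one frame's plaintext recovers the other by XOR, and contrasts a patched supplicant that refuses to reinstall an already-installed key (a mitigation in the spirit of the published fixes, not a copy of any vendor's code). The AES-CCM keystream is replaced by an HMAC-SHA256 counter-mode stand-in so the example runs offline; the temporal key and the two frames are constructed sample values.

```python
import hashlib
import hmac
from itertools import count

# Constructed sample values (not from the paper or any vendor advisory).
SAMPLE_TK = bytes.fromhex("00112233445566778899aabbccddeeff")
KNOWN_FRAME = b"GET /index.html HTTP/1.1\r\nHost: example.org\r\n"   # plaintext the attacker knows
SECRET_FRAME = b"Cookie: session=deadbeefcafe"                       # plaintext the attacker wants


def keystream(tk: bytes, pn: int, length: int) -> bytes:
    """Counter-mode keystream derived from (key, packet number).

    Real CCMP uses AES-CTR with a nonce built from the sender address and the
    48-bit PN. HMAC-SHA256 is a stand-in here so no AES library is needed; the
    property that matters is identical: same key + same PN => same keystream.
    """
    out = b""
    for block in count():
        nonce = pn.to_bytes(6, "big") + block.to_bytes(2, "big")
        out += hmac.new(tk, nonce, hashlib.sha256).digest()
        if len(out) >= length:
            return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings, truncated to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


class Supplicant:
    """Minimal model of the pairwise-key state a Wi-Fi client keeps.

    Only the pairwise transient key (TK) and the transmit PN are modelled; the
    group keys, replay counters and MIC checks of the real handshake are omitted.
    """

    def __init__(self, patched: bool):
        self.patched = patched
        self.tk = None
        self.pn = None

    def install_ptk(self, tk: bytes) -> None:
        # Installing a key resets the transmit PN. That is required for a
        # fresh key; it is the problem when the *same* key is installed again.
        self.tk = tk
        self.pn = 0

    def on_msg3(self, tk: bytes) -> None:
        """Handle message 3 of the four-way handshake (possibly a replay)."""
        if self.patched and self.tk == tk:
            # Mitigation in the spirit of the published fixes (assumption, not
            # vendor code): an already-installed key is never reinstalled.
            return
        self.install_ptk(tk)

    def encrypt(self, plaintext: bytes) -> tuple[int, bytes]:
        """Encrypt one frame; returns (PN used, ciphertext)."""
        self.pn += 1                       # first frame after install uses PN 1
        ks = keystream(self.tk, self.pn, len(plaintext))
        return self.pn, xor(plaintext, ks)


def run_attack(patched: bool) -> dict:
    """Replay message 3 and try to recover SECRET_FRAME from keystream reuse."""
    sta = Supplicant(patched)
    sta.on_msg3(SAMPLE_TK)                 # genuine message 3: key installed, PN reset
    pn1, c1 = sta.encrypt(KNOWN_FRAME)     # frame with attacker-known plaintext
    sta.on_msg3(SAMPLE_TK)                 # attacker replays message 3 (CVE-2017-13077 pattern)
    pn2, c2 = sta.encrypt(SECRET_FRAME)    # next frame: same PN again if reinstalled
    recovered = None
    if pn1 == pn2:
        # c1 ^ c2 == KNOWN ^ SECRET because both frames used the same keystream,
        # so XORing with the known plaintext strips it off and leaves the secret.
        recovered = xor(xor(c1, c2), KNOWN_FRAME)
    return {"pn_first": pn1, "pn_second": pn2, "recovered": recovered}


if __name__ == "__main__":
    for flag in (False, True):
        r = run_attack(flag)
        print(f"patched={flag}: PN {r['pn_first']} then {r['pn_second']}, recovered={r['recovered']!r}")
```

The unpatched run encrypts both frames under PN 1 and hands back the cookie byte for byte; the patched run ignores the replayed message 3, the second frame goes out under PN 2, and the XOR trick yields nothing. Note that this models only the confidentiality loss from nonce reuse; the paper also describes replay of frames towards the victim, which follows from the same reset of the receive counter and is not shown here.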