Hi all,
In a small update on this issue:
I forgot to say explicitly that all clients needed to be updated as well to be protected, but you've probably worked that out by now without this mention.
Questions have been asked of me as to whether this issue can be detected / remediated with just a network upgrade. The answer is, not perfectly, but there are some mitigation techniques available by changing certain key timers and it is possible to detect an attack using the techniques described in this new tech note published today: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/212390-wireless-krack-attack-client-side-workar.html
The principles in the tech note will apply to all wireless network vendors but that note just concerns itself with how to configure Cisco wireless controllers of course.
I believe that Aruba's equivalent is at the top of page 7 of this FAQ: http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007_FAQ_Rev-1.pdf
I have tried to find Aerohive's and Ruckus's equivalent how-to-detect-the-exploit announcements but my Googling skills have failed me so I'm sure someone else will post any links that they are aware of.
Regards,
Paul
-----Original Message-----
From: Wireless Issues in the JANET community [mailto:[log in to unmask]] On Behalf Of Paul Hill (phill)
Sent: 16 October 2017 15:07
To: [log in to unmask]
Subject: 'Krack Attacks' - Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2
Hi all,
Many of you may be aware of this as there's been a lot of press commentary already today, but some fundamental issues with WPA and WPA2 key security have been found by security researchers and published here at 3PM UK today with the title "Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2": https://papers.mathyvanhoef.com/ccs2017.pdf
Additional commentary with an FAQ by the paper's authors in a more easily readable format is posted here: https://www.krackattacks.com/
These have been wrapped up into a single publication of ten CVE announcements. Nine affect the supplicant and one affects the AP. These are:
CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake
CVE-2017-13078: reinstallation of the group key in the Four-way handshake
CVE-2017-13079: reinstallation of the integrity group key in the Four-way handshake
CVE-2017-13080: reinstallation of the group key in the Group Key handshake
CVE-2017-13081: reinstallation of the integrity group key in the Group Key handshake
CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation Request and reinstalling the pairwise key while processing it
CVE-2017-13084: reinstallation of the STK key in the PeerKey handshake
CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake
CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
As these are protocol level issues, rather than implementation-specific level issues, all Wi-Fi vendors are affected. The publication date was agreed by the security researchers and hundreds of wireless vendors in advance via CERT/CC to allow everyone time to remediate the issues from their software.
Statements have been published by the Wi-Fi Alliance here: https://www.wi-fi.org/securityupdate2017 and ICASI here: http://www.icasi.org/wi-fi-protected-access-wpa-vulnerabilities
Cisco's response to the published paper with guidance on obtaining fixed software is available here in this PSIRT announcement: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa
It may be prudent for everyone to review their own Wi-Fi vendor's guidance on how to upgrade their implementation to remediate any risk of exploit.
Regards,
Paul Hill
--
Paul A. Hill CCDP, CCNP Wireless, CWNP Inc. CWDP & CWSP
Systems Engineer - Education Team
Head of Wireless Technologies, Public Sector UK
Cisco International Ltd.
10 New Square
Bedfont Lakes
Feltham
Middlesex
TW14 8HA
United Kingdom
E-mail: [log in to unmask]
Direct Tel: +44 (0)20 8824 8534
Direct Fax: +44 (0)20 7900 2337
Mobile *: As Direct Telephone
Main Tel: +44 (0)20 8824 1000
Main Fax: +44 (0)20 8824 1001
Voicemail: 844 48534
* Single Number Reach rings all of my contact devices simultaneously.
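Added illustration (not part of Paul's messages, the Cisco tech note or any vendor's code) of the detection question raised above and of the nonce reuse named in the paper title: a key reinstallation such as CVE-2017-13077 restarts the client's CCMP packet number under a key that is still in use, so a frame whose packet number does not exceed the highest one already seen under the same ANonce is the observable symptom on the infrastructure side. The frame log, field names, MAC address and ANonce labels are constructed for the example.

```python
from collections import defaultdict

# Constructed frame log for one client, in wire order. A real deployment
# would feed this from an AP or WIDS capture; the values here are made up.
FRAMES = [
    {"sta": "aa:bb:cc:00:00:01", "type": "eapol_msg3", "anonce": "a1"},
    {"sta": "aa:bb:cc:00:00:01", "type": "data", "pn": 1},
    {"sta": "aa:bb:cc:00:00:01", "type": "data", "pn": 2},
    {"sta": "aa:bb:cc:00:00:01", "type": "data", "pn": 3},
    # Message 3 delivered again with the same ANonce: an unpatched client
    # reinstalls the PTK it is already using and restarts its packet number.
    {"sta": "aa:bb:cc:00:00:01", "type": "eapol_msg3", "anonce": "a1"},
    {"sta": "aa:bb:cc:00:00:01", "type": "data", "pn": 1},
    {"sta": "aa:bb:cc:00:00:01", "type": "data", "pn": 2},
    # A genuine rekey carries a fresh ANonce, so a restart here is expected.
    {"sta": "aa:bb:cc:00:00:01", "type": "eapol_msg3", "anonce": "a2"},
    {"sta": "aa:bb:cc:00:00:01", "type": "data", "pn": 1},
]


def detect_nonce_reuse(frames):
    """Return (sta, pn, msg3_retransmits) for every data frame whose CCMP
    packet number does not advance under a key that was not freshly
    negotiated. A retransmitted message 3 on its own is normal (message 4
    may simply have been lost); the packet number going backwards after it
    is the signal."""
    state = defaultdict(lambda: {"anonce": None, "max_pn": -1, "retx": 0})
    alerts = []
    for f in frames:
        s = state[f["sta"]]
        if f["type"] == "eapol_msg3":
            if f["anonce"] != s["anonce"]:
                # New ANonce means a new PTK: a packet-number restart is legitimate.
                s.update(anonce=f["anonce"], max_pn=-1, retx=0)
            else:
                s["retx"] += 1  # same ANonce again: candidate reinstallation
        elif f["type"] == "data":
            if f["pn"] <= s["max_pn"]:
                alerts.append((f["sta"], f["pn"], s["retx"]))
            else:
                s["max_pn"] = f["pn"]
    return alerts


if __name__ == "__main__":
    for sta, pn, retx in detect_nonce_reuse(FRAMES):
        print(f"{sta}: packet number {pn} reused after {retx} msg3 retransmit(s)")
```

A patched client answers the repeated message 3 without reinstalling, so its packet number keeps climbing and the function stays silent; the group-key variants in the CVE list would need the same check applied to the GTK/IGTK sequence numbers.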