Several news reports today sounded the alarm that the WPA2 protocol, currently the most popular method of securing Wi-Fi communications, is vulnerable to the “KRACK” attack. Despite the amusing name, this vulnerability is extremely serious.
KRACK stands for Key Reinstallation Attack. In essence, this attack tricks Wi-Fi enabled devices into reinstalling the “nonce,” which is a randomly generated, one-time numerical key used to encrypt communications between the targeted device and the router/gateway. Once the attacker has compromised this key, it can eavesdrop on the packets that are sent to/from the target device or, alternatively, it can forge packets to inject viruses or other malicious code onto a target machine.Read More