Difference between revisions of "KRACK Vulnerability"

Disclaimer: This page is specifically written to help members with limited technical knowledge or experience understand the most relevant aspects of this topic for them. We include some helpful links below for further study.

What is KRACK?

• KRACK stands for Key Reinstallation Attacks and describes attacks on Wi-Fi networks using weaknesses in WPA2 protocol which secures most modern protected Wi-Fi networks.
• KRACK allows attacker to read access information on your wifi network that was considered secured.
• Wi-Fi networks use a password through WPA2 for 2 general purposes:
  • Control who can connect to the network; and
  • Encrypt (or conceal) the data shared over the network between the access point (Modem or Router) and clients (computers, phones, tablets, etc). Encryption is done by the Wi-Fi password to generate an even stronger key that is used to scramble the data between the access point and client.
• KRACK employs what will be considered a man-in-the-middle scheme to decode a Wi-Fi password during the handshake between your access point and one of your clients.
• Once KRACK can then be used to potentially

Why should I care?

• WPA2 is the most widely used

Important Things to Note:

What should I do?

How can I learn more?

• Krack Attacks Website by Mathy Vanhoef of imec-DistriNet
• Krack Attacks FAQ
• Microsoft Security TechCenter KRACK Update
• Ars Technica Reports on KRACK
• NCF Discussion Group on KRACK