Difference between revisions of "KRACK Vulnerability"
Jump to navigation
Jump to search
| Line 2: | Line 2: | ||
What is KRACK? | What is KRACK? | ||
* | * KRACKs stands for Key Reinstallation Attacks and describes attacks on Wi-Fi networks using weaknesses in WPA2 protocol which secures most modern protected Wi-Fi networks. | ||
* | * KRACKs allows attacker to read and access information on your wifi network that was considered secured. | ||
* Wi-Fi networks use a password through WPA2 for 2 general purposes: | * Wi-Fi networks use a password through WPA2 for 2 general purposes: | ||
** Control who can connect to the network; and | ** Control who can connect to the network; and | ||
** Encrypt (or conceal) the data shared over the network between the access point (Modem or Router) and clients (computers, phones, tablets, etc). Encryption is done by the Wi-Fi password to generate an even stronger key that is used to scramble the data between the access point and client. | ** Encrypt (or conceal) the data shared over the network between the access point (Modem or Router) and clients (computers, phones, tablets, etc). Encryption is done by the Wi-Fi password to generate an even stronger key that is used to scramble the data between the access point and client. | ||
Why should I care? | Why should I care? | ||
* WPA2 is the most | * Wi-Fi is widely used and WPA2 is presently the most used | ||
Important Things to Note: | Important Things to Note: | ||
* | * | ||
* | * An attacker needs to be within wireless range of your network that (close enough to connect to your wifi). | ||
* A | |||
What should I do? | What should I do? | ||
* | |||
How can I learn more? | How can I learn more? | ||
| Line 29: | Line 26: | ||
*[https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/ Ars Technica Reports on KRACK] | *[https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/ Ars Technica Reports on KRACK] | ||
*[https://www.ncf.ca/ncf/dg/dgView.jsp?thread=19659 NCF Discussion Group on KRACK] | *[https://www.ncf.ca/ncf/dg/dgView.jsp?thread=19659 NCF Discussion Group on KRACK] | ||
*[http://www.tp-link.com/en/faq-1970.html TP-Link KRACKs Vulnerability Statement] | |||
Revision as of 13:42, 1 November 2017
Disclaimer: This page is specifically written to help members with limited technical knowledge or experience understand the most relevant aspects of this topic for them. We include some helpful links below for further study.
What is KRACK?
- KRACKs stands for Key Reinstallation Attacks and describes attacks on Wi-Fi networks using weaknesses in WPA2 protocol which secures most modern protected Wi-Fi networks.
- KRACKs allows attacker to read and access information on your wifi network that was considered secured.
- Wi-Fi networks use a password through WPA2 for 2 general purposes:
- Control who can connect to the network; and
- Encrypt (or conceal) the data shared over the network between the access point (Modem or Router) and clients (computers, phones, tablets, etc). Encryption is done by the Wi-Fi password to generate an even stronger key that is used to scramble the data between the access point and client.
Why should I care?
- Wi-Fi is widely used and WPA2 is presently the most used
Important Things to Note:
- An attacker needs to be within wireless range of your network that (close enough to connect to your wifi).
- A
What should I do?
How can I learn more?