The news about WPA2 KRACK—Key Reinstallation Attack and its threats are proliferating. As a global connectivity company and a security practitioner, I felt obligated to write, explain and clarify a few facts.
1. There are two types attack-methods for key re-installation.
The paper has 8 sections. Section 3 discussed about 4-way handshake key (PTK Pairwise Transient Key (PT) reinstallation attack, which affect mainly Linux and Android OS. Section 4 discussed group key refresh key (GTK rekey) reinstallation, which affect all WIFI devices including iOS and Apple computers.
2. The attack experimented by the researchers has one pre-condition: “we first establish a man-in-the-middle (MitM) position between the supplicant (client) and authenticator (AP).”, which means the researchers MUST know the password of the WIFI network and able to authenticated as a legitimate client first.
Therefore, changing the WIFI access point password often and use a strong password reduce the risk of WPA2 KRACK attack. The keyword is “Reduce” not “Eliminate”. When the AP and smartphone vendor provides a patch, user should install it to eliminate this bug.
3. If you study cryptography, you may aware of Diffie-Hellman key exchange. WPA2 standard does not use DH key exchange and thus this is not related to SSL. For discussion on why WPA2 not using DH key exchange pls read here
4. The reason that iOS not affected to 4-way handshake key reinstallation is Apple engineer did not follow the 802.11 standard. We don't know it is purposeful or negligence (or just lucky).
WPA2 is widely used therefore the impact is profound. This attack is due to a design fault at the 802.11 standard and for GTK rekey, it affects all tested devices. With so many WIFI networks, it is a Sisyphus task to update the AP routers firmware !