What is KRACK?
KRACK is a recently discovered Wi-Fi vulnerability that allows an intruder to compromise encrypted Wi-Fi traffic. KRACK stands for Key Reinstallation Attack. It is probably the largest vulnerability discovered in the history of the Internet, affecting most Wi-Fi devices, most operating systems and most users. Mathy Vanhoef and Frank Piessens, who discovered the vulnerability, submitted a paper to a conference in April 2017. The paper detailed how KRACK can be exploited. The paper was made public in October 2017, but prior to that, Wi-Fi manufacturers were notified about the Key Reinstallation Attack in the August 2017 timeframe to give them some time to react to the vulnerability.
The Key Reinstallation Attack works against all modern Wi-Fi networks protected by the WPA2 security protocol. The main idea of KRACK is to compromise the WPA2 handshake when a device connects to a Wi-Fi network. The weaknesses are in the Wi-Fi standard itself, not in individual products or implementations. While all operating systems are affected by KRACK, the paper's authors described the attack as “exceptionally devastating” against Android 6.0.
A software patch or update is required to fix the issue; changing the Wi-Fi password does not help.
The Key Reinstallation Attack is based on a simple idea. KRACK attacks the WPA2 4-way handshake, forcing the client to reset its message counter and reinstall the encryption key that is already in use. This causes the Wi-Fi encryption algorithm to reinitialize itself multiple times. After each reinitialization, encryption starts again with the same key and the same counter, so multiple messages with different content are encrypted with the same keystream. Since the encryption is just an XOR of the original content with that keystream, it becomes a trivial task to recover such messages. The whole traffic can then be decrypted by the attacker. Even worse, the attacker can inject malicious scripts into the Wi-Fi traffic, causing further damage.
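The following is an added example, not code from the article or from the KRACK paper, that models the two points made above: why resetting the message counter while keeping the same key lets an observer recover traffic without knowing the key, and what the patched behaviour looks like (a client refuses to reinstall a key that is already installed, so its counter keeps increasing). The keystream function is a constructed toy (HMAC-SHA256 in counter mode), not WPA2's CCMP; it shares only the property that matters here, namely that the keystream depends solely on the key and the packet number. The class and function names are my own.

```python
"""Added example (not from the original article): a counter-mode stream cipher
with a reused (key, packet number) pair leaks plaintext, and a client that
refuses to reinstall an already-installed key avoids the counter reset.

The keystream below is a constructed toy (HMAC-SHA256 in counter mode); it
stands in for WPA2's CCMP keystream only in that it depends solely on the
key and the packet number."""
import hashlib
import hmac
import os
from typing import Dict, Tuple


def keystream(key: bytes, packet_number: int, length: int) -> bytes:
    """Toy counter-mode keystream: HMAC-SHA256(key, packet_number || block_index)."""
    out = b""
    block = 0
    while len(out) < length:
        msg = packet_number.to_bytes(8, "big") + block.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return out[:length]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class ToyClient:
    """Minimal model of a station's key state: the installed key plus a
    packet number that must never repeat while that key is in use."""

    def __init__(self, refuse_reinstall: bool):
        self.refuse_reinstall = refuse_reinstall
        self.key = None
        self.packet_number = 0

    def install_key(self, key: bytes) -> bool:
        # Patched behaviour: a key that is already installed is not reinstalled,
        # so the packet number is not reset. Returns True if the key was installed.
        if self.refuse_reinstall and self.key == key:
            return False
        self.key = key
        self.packet_number = 0
        return True

    def encrypt(self, plaintext: bytes) -> Tuple[int, bytes]:
        pn = self.packet_number
        self.packet_number += 1
        return pn, xor_bytes(plaintext, keystream(self.key, pn, len(plaintext)))


def simulate(refuse_reinstall: bool) -> Dict[str, object]:
    """Send two frames; between them, repeat the key-install step (what a
    retransmitted handshake message triggers on an unpatched client).
    Returns what an observer of both ciphertexts can learn."""
    key = os.urandom(16)                 # constructed session key
    p1 = b"GET /index.html HTTP/1.1"     # constructed frames of equal length
    p2 = b"Cookie: session=SECRET-1"
    assert len(p1) == len(p2)
    client = ToyClient(refuse_reinstall)
    client.install_key(key)
    pn1, c1 = client.encrypt(p1)
    client.install_key(key)              # the repeated key installation
    pn2, c2 = client.encrypt(p2)
    # c1 XOR c2 == p1 XOR p2 whenever both frames used the same keystream;
    # an observer who knows p1 then recovers p2 without ever learning the key.
    recovered = xor_bytes(xor_bytes(c1, c2), p1)
    return {
        "packet_numbers": (pn1, pn2),
        "keystream_reused": pn1 == pn2,
        "p2_recovered": recovered == p2,
    }


if __name__ == "__main__":
    print("unpatched client:", simulate(refuse_reinstall=False))
    print("patched client:  ", simulate(refuse_reinstall=True))
```

Running it shows the unpatched client producing packet numbers (0, 0) and the second frame being recovered from the first, while the patched client produces (0, 1) and the XOR trick yields nothing useful. The fix never touches the password or the key itself, which is why updating the software is what resolves the issue and changing the Wi-Fi password does not.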