EnGenius Advisory: WPA2 KRACK Vulnerability
October 17, 2017 By BlueAlly
What Has Happened
On October 16, 2017 a public announcement was made by security researchers who discovered a weakness in the Wi-Fi Protected Access 2 (WPA2) protocol that is used in all modern Wi-Fi networks. A malicious attacker in range of a potential unpatched victim can exploit this weakness to read information that was previously assumed to be safely encrypted. The vulnerability is within the Wi-Fi IEEE 802.11 standard itself, and is therefore not unique to any particular access point or client device vendor. It is generally assumed that any Wi-Fi enabled device is potentially vulnerable to this particular issue.
A Summary of How WPA2 Security Works
WPA2-AES security consists of both authorization and encryption. The authorization step is used to determine whether a particular client is allowed to access the wireless network, and comes in two flavors, Personal and Enterprise. In WPA2-AES Personal, a pre-shared key or passphrase is used to provide the key identifying credential. In WPA2-AES Enterprise, the Extensible Authentication Protocol (EAP) is used to validate the client credentials against an external RADIUS or Active Directory server. In either the WPA2-AES Personal or WPA2-AES Enterprise scenario, once the client’s authorization credentials are validated, a unique set of encryption keys are established between that particular access point and that particular client device, to encrypt the traffic between them. This encryption process is done via a four-way handshake, where particular keys are passed back and forth between the access point and the client device so each can derive the appropriate unique encryption key pair.
A Summary of the Vulnerability
The security researchers discovered that they could manipulate and replay the third message in the four-way handshake to perform a key reinstallation attack (KRACK). Strictly speaking, each key that is passed in the four-way handshake should only be used once and never re-used. However, in a key reinstallation attack, the attacker pretends to be a valid access point and tricks the client device into reinstalling a key that is already in use, serving to reset the transmit and receive packet numbers. For WPA2-AES, the attacker can then derive the same encryption key as the client device, and then decode upstream traffic from the client device to the access point. For the older (and less secure) WPA-TKIP, the attacker can go even further, and potentially forge and inject new packets into the data stream.
For an attack to be carried out to take advantage of this vulnerability, it must be done by a malicious actor conducting a man-in-the-middle attack (i.e. pretending to be an AP on your network and serving to be a relay between the client device and the legitimate wireless network).
How This Vulnerability Impacts EnGenius Products and Networks
As the issue occurs on client devices, the first step for any network operator is to check with your client device manufacturers for security patches and updates and apply these updates as soon as they are available.
This particular vulnerability has no direct impact on any EnGenius APs operating in “access point” mode. However, EnGenius access points that are used as client devices (i.e. Electron™ APs operating in “client bridge” mode) or any access points that are used for point-to-multipoint communications (i.e. Electron™ APs operating in “WDS bridge” or “WDS station” mode) are potentially impacted by this vulnerability in the IEEE 802.11 protocol. Furthermore, some advanced applications and features, such as mesh networking and fast roaming (i.e. 802.11r), may also be potentially vulnerable to this issue.
EnGenius software developers are currently actively investigating the impact of this vulnerability across all of the products in our product portfolio, and will be issuing firmware releases in the coming days and weeks to address this issue. In the interim, EnGenius still recommends the continued use of WPA2-AES Personal or WPA2-AES Enterprise for network security. Do not use WEP and do not use WPA-TKIP, as the vulnerabilities of those deprecated security protocols are significantly more serious and easier to execute by a malicious attacker.
