Research paper behind the Krack Attack "Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2"

(pic via andibreit/pixabay)

Key Reinstallation Attacks, Breaking WPA2 by forcing nonce reuse discovered by Mathy Vanhoef and Frank Piessens of imec-DistriNet, KU Leuven;

We introduce the key reinstallation attack. This attack abuses design or implementation flaws in cryptographic protocols to reinstall an already-in-use key. This resets the key’s associated parameters such as transmit nonces and receive replay counters. Several types of cryptographic Wi-Fi handshakes are affected by the attack.

All protected Wi-Fi networks use the 4-way handshake to generate a fresh session key. So far, this 14-year-old handshake has remained free from attacks, and is even proven secure. However, we show that the 4-way handshake is vulnerable to a key reinstallation attack. Here, the adversary tricks a victim into reinstalling an already-in-use key. This is achieved by manipulating and replaying handshake messages.

When reinstalling the key, associated param eters such as the incremental transmit packet number (nonce) and receive packet number (replay counter) are reset to their initial value. Our key reinstallation attack also breaks the PeerKey, group key, and Fast BSS Transition (FT) handshake.

The impact depends on the handshake being attacked, and the data-confidentiality protocol in use. Simplified, against AES-CCMP an adversary can replay and decrypt (but not forge) packets. This makes it possible to hijack TCP streams and inject malicious data into them.

Against WPA-TKIP and GCMP the impact is catastrophic: packets can be replayed, decrypted, and forged. Because GCMP uses the same authentication key in both communication directions, it is especially affected.

Finally, we confirmed our findings in practice, and found that every Wi-Fi device is vulnerable to some variant of our attacks. Notably, our attack is exceptionally devastating against Android 6.0: it forces the client into using a predictable all-zero encryption key.

The research paper behind the attack is titled Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 and will be presented at the Computer and Communications Security (CCS) conference on Wednesday 1 November 2017 in Dallas, Texas. The paper can be found here.

Internet IP Address

Every device which can connect to the public internet has a unique assigned Internet Protocol (IP) address, often this is tracked by websites that you visit and often even published in forums and on blog posts for purposes of transparency and to prevent trolling or spamming. The IP address is essential in fighting online crime or other misbehaviour, although it is possible to change your IP address should you wish. An IP address consists of four numbers separated by periods, this is often referred to as a dotted-quad, and looks something like this: 123.45.67.8.

Normally numbers are assigned to internet service providers within region based blocks, allowing some programs such as statistics tracking to identify your location. If you have ever used Google Analytics you will see that it is possible to analyse the geographical locations of your traffic, I know for example that the majority of my traffic is from America whilst the UK is second and nobody has ever visited me from Uganda.

Find Your IP Address

There are several ways to find your IP address within a matter of seconds, the easiest is to simply visit a dedicated website who will tell you your IP, ISP (Internet Service Provider) and details of your connection. One such website is whatismyipaddress.com who will even perform a free analysis to help you determine whether you appear on any 'blacklists' of anti-spam databases.

Apparently my IP address is blacklisted on 5 of the near 100 databases analysed, something which I find incredible since I have only had this IP for 3 weeks and haven't spammed anybody in that period! Perhaps an IP change is in order soon! Another such site is find-ip-address.org which on their blacklist check gave me a risk value of '0', the lowest possible (good to know).

I guess that I have told you all that you need to know now! There are other ways to find your IP, but why would you need them if you have just been given the easiest and quickest method? If you need to find the IP address of your router, which are often generic dependent on brand, then you should google the make and model of your router to find this out.

Author : ryankett

Computer Networking Fundamentals

A computer network is a collection of two or more computers with communication between them through a medium. The communication medium can be through radio waves, wires, infrared, optical fibers etc.

Computer network is an integral part of our daily lives, with the most important reason being that of communication. The use of computer networking is to share resources like fax machines, printers, modems, files etc., and its other uses are database server, computer server, email, chat, internet etc. The computer to which the resources are attached is called the server and the other computers that access the resource are called clients. In peer-to-peer computer networks there are no servers.

The sharing of fax machines, printers, and modems amongst many computers and users reduce the operational cost. A database on a computer network is a very important application as it stores and runs many important data and jobs. Emails and chats can be used for instantaneous communication and sending of files on a computer network.

The computer networks are classified, depending upon the size, as Local Area Networks (LAN), Wide Area Networks (WAN), Metropolitan Area Networks (MAN) and Personal Area Networks (PAN). The topology (topology is the way the computer networks and network resources are connected) of the networking can be classified as Bus Network, Ring Network and Star Network.

The networking hardware basically consists of wiring, network cards and a hub. Computer network cards are required so that one computer can understand what the other computer is “talking”. Network cards have a unique MAC address to identify computers on a computer network. Hubs connect all the computers in the network. Hubs can also be used to connect to other hubs to increase the size of the computer network. Two computers can be connected using Ethernet cards or phone lines or power lines for communication, with hardware kits available at roughly a cost of $100.

As the number of computers in an office or a home increases, so do the number of cables, so wireless networking is a viable solution. In wireless networking radio transreceivers or infrared signals are used to communicate between computers and devices. Examples of wireless networking include Wi-fi and Bluetooth technology, though there may be security issues involved in wireless networking. However there definitely is a stronger preference towards wireless networking nowadays among consumers.

Computer networks have added a new dimension to the 21st century. Today the cyber world is much faster and wider than the real world. This has all been made possible due to computer networks. Computer networks have revolutionized business, communication, travel, research, defense, society and almost all human endeavors. The evolution of computer networks has helped the technological revolution take a big leap forward.