WPA2 handshake flaw

The weakness is in the WiFi standard itself, not in any particular products or implementations, so this impacts just about any correct implementation of WPA2, explained Mathy VanHoef, a postdoc researcher in the university’s imec-DistriNet Research Group, who together with Frank Piessens, a DistriNet professor, discovered the flaw.

As a proof of concept, the DistriNet researchers executed a key reinstallation attack (KRACK) against an Android smartphone, noting that Linux and Android 6.0 or higher were particularly vulnerable. Both operating systems can be tricked into reinstalling an all-zero encryption key.

The main attack is against the four-way handshake of the WPA2 protocol, the researchers said. The handshake takes place when a user wants to join a protected WiFi network and the protocol is used to confirm that the client and access point have the correct credentials.

The attacker manipulates and replays the cryptographic handshake message. When the victim reinstalls the key, the incremental transmit packet number and the receive packet number are reset to their initial values.

“How it works is technically complex,” …

“The easy answer is the attacker gets the access point to rebroadcast part of the initial handshake, analyzes that information, and then the attacker can intercept the rest of the conversation,” he told TechNewsWorld.

During the handshake, the device and access point set up and agree on an initial encryption key, Malik said.

The research will be presented at the ACM Conference on Computer and Communication Security, which will take place Oct. 30 to Nov. 3 in Dallas, and at the Black Hat Europe conference in December of this year.

getic userPswd

palabra  Gtick Y7 s / user ing17

Servidor de Web: mail.getic.com.mx
Incoming (POP) Server mail.getic.com.mx
Port POP: 110
Outgoing (SMTP) Server mail.getic.com.mx
Port SMTP: 587
Enable “My outgoing server (SMTP) requires authentication”

Hola internautas!

Bienvenidos a Σstudio literal, éste es un primer post generado automáticamente por éste sitio  de información digital el cual se mantiene en línea gracias a un administrador de contenido llamado WordPress-CSM

We are glad you are passing by this website, here you will find notes about informatic subjects, social opinions and some weird words linked altogether… hoping them to be readable or perhaps understandable.

Very kindly,    01ea Mx.