Talk:KRACK
This article is rated C-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Workaround by using wired connection
editI feel like this sentence in Workarounds section doesn't belong to this article. It's too trivial. Of course not using wireless network will prevent someone from wireless network attack. It's like suggesting not to take public transport in article about pickpocketing in public transport. "Alternatively, users with unpatched devices can disable their wireless network connection and use a wired alternative – though this may not be practical for many scenarios, such as mobile devices or tablets." --Risinek (talk) 23:35, 5 January 2021 (UTC)
"keychain" link refers to the wrong article
edit
In the first paragraph the "keychain" link refers to the physical object used to hold keys. Fly S.Y. (talk) 17:41, 17 October 2017 (UTC)
Apparently the page describing software keyrings is the same as the page to describe physical key rings. Fly S.Y. (talk) 03:29, 18 October 2017 (UTC)
Rename 'KRACK' to 'KRACK (Computing)' ?
editShouldn't this page be renamed to 'KRACK (Computing)' ? --Dadu (talk) 07:00, 17 October 2017 (UTC)
- @Dadu: why? Is there something else that is called "KRACK" and that is just as prominent in WP:RS, that a reader would expect the article to be about instead? Zazpot (talk) 13:22, 17 October 2017 (UTC)
AES-CCMP, WPA TKIP and GCMP modes - different impact
editHello. My edit was deleted recently There are different attacks KRACK for AES-CCMP mode and for WPA TKIP / GCMP modes. As I understand (incorrectly) in AES-CCMP there is only keystream reuse (attack can get xor result of several open texts), but attacker can't inject arbitrary packet - it can only replay some older packet. With WPA TKIP and GCMP attacker can inject any packet in addition to keysteam reuse and packet replay attack. ref is https://arstechnica.com/information-technology/2017/10/how-the-krack-attack-destroys-nearly-all-wi-fi-security/ "the attack can do varying levels of damage:" section; better ref is the updated paper https://papers.mathyvanhoef.com/ccs2017.pdf - ccmp and gcmp are AEAD, details are in "6.1 Impact of Nonce Reuse in 802.11" section and "Table 3: Impact of our key reinstallation attack" table: `a5b (talk) 16:15, 17 October 2017 (UTC)
- "TKIP, CCMP, or GCMP. All three protocol use a stream cipher to encrypt frames. Therefore, reuse of a nonce always implies reuse of the keystream. This can be used to decrypt packets. ... all three protocols are also vulnerable to replay attacks." (As i understand, replayed packet will have same replay id, so if attacker have packet with id of 5678, it can be reinjected around the same id affter rekey?)
- "When TKIP is used, we can also recover the MIC key as follows. ... this allows us to forge frames in one specific direction"
- "When CCMP is used, practical attacks are restricted to replay and decryption of packets. ... and cannot be used to forge arbitrary messages"
- "When GCMP is used, the impact is catastrophic. First, it is possible to replay and decrypt packets. Additionally, it is possible to recover the authentication key ... Therefore, unlike with TKIP, an adversary can forge packets in both directions."
- Table 3 - "Each cell shows in which direction frames can be replayed, decrypted, or forged"
- wpa_supplicant in some versions have incorrect zero key. (desktop linuxes and some versions of android)
- The claimed TCP hijack is not part of KRACK attack - it just uses sequence numbers from decrypted packets and to hijack the tcp connection attacker should have connection to the same internet access device. It is is possible over WiFi+WPA with ability of arbitrary packet forging as in GCMP (partially in TKIP). And with CCMP attacker must have another connection to internet to be able to send tcp packets from the same ip address as user have. `a5b (talk) 16:15, 17 October 2017 (UTC)
Prose or table of "patches" section
editI was supposed to mention this few days ago, but naively thought the list would remain small enough to not be an issue.
I think the section would be better represented as a "reactions" section. Shellshock (software bug)#Patches came immediately into my thoughts, but also Heartbleed#Remediation or Heartbleed#Root causes, possible lessons, and reactions. Heartbleed also has a section on "impact". 84.250.17.211 (talk) 12:30, 9 November 2017 (UTC)
- Pinging @Causa sui: Special:Diff/809736905? See above for proposal. 84.250.17.211 (talk) 18:33, 12 November 2017 (UTC)
- Shellshock affected bash. Heartbleed affected openssl. This affects everything. The information in that section can't be tersely encapsulated in prose. It should be a table. --causa sui (talk) 04:46, 13 November 2017 (UTC)