Everything you need to know about KRACK, the WPA2 Wi-Fi vulnerability

Update: wpa_supplicant (the software that performs the WPA2 handshake on Linux) has been updated and the fix is already available. Google has implemented this fix and the November 6, 2017 security update will include it. Google Wifi will automatically install the update as soon as it becomes available.

The original article follows.

For years we've all depended on the WPA2 (Wi-Fi Protected Access) protocol to secure our Wi-Fi networks. That all comes to an end today.

Security researcher Mathy Vanhoef has revealed what he has labeled KRACK, an exploit that attacks a vulnerability in the handshake of the WPA2 protocol, the protocol you most likely use to protect your Wi-Fi at home and that millions of small businesses around the world use, too.

Update: A statement from Google given to The Verge says that while every Wi-Fi enabled device is affected, Android phones running Marshmallow (Android 6.0) or higher are at special risk, because they are vulnerable to a variant of the exploit that can manipulate traffic. Models on older firmware are susceptible in other ways, but traffic injection is a serious issue. Expect a fix from Google in the near future.

Speaking at the ACM Conference on Computer and Communications Security in Dallas, Vanhoef explained that this exploit may allow packet sniffing, connection hijacking, malware injection, and even decryption of the protocol itself. The vulnerability has been disclosed to the people who need to know these sorts of things early to find a fix and US-CERT (United States Computer Emergency Readiness Team) has released this prepared bulletin:

US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher, KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.

According to a researcher who has been briefed on the vulnerability, it works by exploiting a four-way handshake that's used to establish a key for encrypting traffic. During the third step, the key can be resent multiple times. When it's resent in certain ways, a cryptographic nonce can be reused in a way that completely undermines the encryption.

How do I stay safe?

To be honest, for the next couple of days there aren't a ton of public options available to you. We're not going to tell you how it works or where to find more information on how exactly the attack works. But we can tell you what you can (and should) do to stay as safe as possible.

  • Avoid public Wi-Fi at all costs. This includes Google's protected Wi-Fi hotspots until Google says otherwise. If your carrier forces your phone to Wi-Fi when in range, visit the forum for your phone to see if there's a workaround to stop it from happening.
  • Only connect to secured services. Web pages served over HTTPS or another secure connection will show HTTPS at the start of the URL. You should contact any company whose services you use and ask if the connection is secured using TLS 1.2; if so, your connection with that service is safe for now.
  • If you have a paid VPN service that you trust you should enable the connection full-time until further notice. Resist the temptation to rush and sign-up for any free VPN service until you can find out if they have been vetted and will keep your data secure. Most don't.
  • Use a wired network if your router and computer both have a spot to plug in an Ethernet cable. This exploit only affects 802.11 traffic between a Wi-Fi router and a connected device. Ethernet cables are relatively cheap, and an eyesore strung across the carpet is worth it. Look for a Cat6 or Cat5e spec cable and there should be no configuration needed once plugged in.
  • If you use a Chromebook or MacBook, a USB Ethernet adapter is plug-and-play.
  • Relax.

What could happen if I am on an attacked network?

This hack can't steal your banking information or Google password (or any data on a correctly secured connection that uses end-to-end encryption). While an intruder may be able to capture the data you send and receive, it can't be used or even read by anyone. You can't even read it unless you allow your phone or computer to decrypt and unscramble it first.

An attacker may be able to do things like redirect traffic on a Wi-Fi network or even send bogus data in place of the real thing. This means something harmless like printing a thousand copies of gibberish on a networked printer or something dangerous like sending malware as a reply to a legitimate request for information or a file. The best way to protect yourself is to not use Wi-Fi at all until you're directed otherwise.


On phones running Android 6.0 Marshmallow and newer, the KRACK vulnerability can force the Wi-Fi connection to create an absurdly easy-to-crack encryption key of 00:00:00:00:00. With something so simple, it's easy for an outsider to read all of the traffic coming to and from a client, like a smartphone or laptop.

But if that traffic is encoded using the secure HTTPS and TLS protocols (and most web traffic should be these days), the data they contain is encrypted end-to-end and, even if intercepted, won't be readable.
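To make the mechanism described above concrete, here is an added, simplified Python model of the client (supplicant) side of the 4-way handshake. It is constructed for this article and is not wpa_supplicant's code or anything from the researchers: the 802.11 PRF and the CCMP keystream are replaced by HMAC-SHA256 stand-ins, the `Supplicant` class and its `fixed` / `clears_tk_after_install` switches are my own, and message integrity checks, replay counters and the forged message 1 of the Android variant are left out. It shows why a retransmitted message 3 matters: the vulnerable behaviour reinstalls the key and resets the packet number (the per-frame nonce), the behaviour of wiping the key from memory after installation (wpa_supplicant 2.4-2.6, Android 6.0+) turns the reinstalled key into all zeros, and the patched behaviour refuses to reinstall a key that is already in use, so the counter keeps climbing.

```python
"""Simplified model of how a WPA2 supplicant handles handshake message 3.

Constructed illustration; not wpa_supplicant's real code. The 802.11 PRF and the
CCMP keystream are replaced by HMAC-SHA256 stand-ins so the script runs offline.
"""
from __future__ import annotations

import hashlib
import hmac
import os
from dataclasses import dataclass

# Constructed sample material; a real handshake derives the PMK from passphrase and SSID.
PMK = hashlib.sha256(b"constructed-example-pmk").digest()
ANONCE = bytes.fromhex("aa" * 32)
ZERO_TK = bytes(16)  # the "all-zero encryption key" the article refers to


def derive_ptk(pmk: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """Stand-in for the 802.11 PRF: 48 bytes = KCK(16) | KEK(16) | TK(16)."""
    nonces = min(anonce, snonce) + max(anonce, snonce)
    return b"".join(
        hmac.new(pmk, nonces + bytes([i]), hashlib.sha256).digest()[:16] for i in range(3)
    )


def keystream(tk: bytes, packet_number: int, length: int) -> bytes:
    """Stand-in for the CCMP counter-mode keystream: a function of key and packet
    number only, which is exactly why reusing a packet number under one key is fatal."""
    blocks: list[bytes] = []
    counter = 0
    while sum(len(b) for b in blocks) < length:
        blocks.append(hmac.new(tk, packet_number.to_bytes(6, "big") + bytes([counter]),
                               hashlib.sha256).digest())
        counter += 1
    return b"".join(blocks)[:length]


@dataclass
class Supplicant:
    fixed: bool                            # True: patched behaviour, never reinstall an in-use key
    clears_tk_after_install: bool = False  # models wpa_supplicant 2.4-2.6 / Android 6.0+ wiping the TK
    ptk: bytes = b""
    installed_tk: bytes = b""
    tk_installed: bool = False
    packet_number: int = 0
    installs: int = 0

    def on_message1(self, anonce: bytes) -> None:
        """Message 1 carries the AP's ANonce; the client picks an SNonce and derives the PTK."""
        self.ptk = derive_ptk(PMK, anonce, os.urandom(32))

    def on_message3(self) -> str:
        """Message 3 confirms the AP holds the PTK; the client installs the TK for data frames."""
        if self.fixed and self.tk_installed:
            return "retransmission acknowledged, key already installed, not reinstalled"
        self.installed_tk = self.ptk[32:48]
        self.packet_number = 0             # a (re)install resets the nonce counter to its start
        self.tk_installed = True
        self.installs += 1
        if self.clears_tk_after_install:
            self.ptk = self.ptk[:32] + ZERO_TK  # TK wiped from memory; a later reinstall sends zeros
        return "key installed"

    def protect(self, plaintext: bytes) -> tuple[int, bytes]:
        """Encrypt one data frame; the packet number is the per-frame nonce."""
        self.packet_number += 1
        ks = keystream(self.installed_tk, self.packet_number, len(plaintext))
        return self.packet_number, bytes(p ^ k for p, k in zip(plaintext, ks))


def simulate(fixed: bool, clears_tk_after_install: bool = False) -> dict:
    """Run a handshake, send a frame, deliver message 3 again, send another frame."""
    s = Supplicant(fixed=fixed, clears_tk_after_install=clears_tk_after_install)
    s.on_message1(ANONCE)
    s.on_message3()
    pn1, _ = s.protect(b"first data frame")
    s.on_message3()                        # retransmitted message 3 (the AP did not see message 4)
    pn2, _ = s.protect(b"second data frame")
    return {
        "installs": s.installs,
        "nonce_reused": pn1 == pn2,
        "all_zero_key": s.installed_tk == ZERO_TK,
    }


if __name__ == "__main__":
    print("vulnerable:          ", simulate(fixed=False))
    print("vulnerable, wipes TK:", simulate(fixed=False, clears_tk_after_install=True))
    print("patched:             ", simulate(fixed=True))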

Has your router been patched to fix the KRACK vulnerability?

Ubiquiti is said to already have a patch ready to deploy for its equipment, and if this turns out to be true we should see the same from companies like Google or Apple very soon. Other, less security-conscious companies may take longer, and many routers will never see a patch. Some companies that make routers are much like some companies that make Android phones: any desire to support the product stops when your money reaches their bank.

Does this really matter?

This is not a case where you should feel immune because your data isn't valuable enough. The majority of attacks using this exploit will be opportunistic. Kids who live in your building, shady characters who drive the neighborhood looking for Wi-Fi APs and general mischief makers are already scanning Wi-Fi networks around them.

WPA2 has had a long and fruitful life with nary a public exploit until today. Here's hoping the fix, or what comes next, can enjoy the same. Stay safe!

Jerry Hildenbrand
Senior Editor — Google Ecosystem

Jerry is an amateur woodworker and struggling shade tree mechanic. There's nothing he can't take apart, but many things he can't reassemble. You'll find him writing and speaking his loud opinion on Android Central and occasionally on Twitter.

  • Awesome post as always Jerry! I like how you take a technical subject like this and break it down without losing the seriousness of the subject. Hopefully a patch is released soon since this bad news.
  • Ubiquiti has already deployed a patch for their Access Points. It is firmware
  • Careful not to misinterpret this though, it fixes the vulnerability for when the access point acts as a client on a wireless uplink to another access point... KRACK affects clients so all your devices are still vulnerable even if connecting to a patched Ubiquiti AP. There are mitigation techniques that can be implemented on an AP to avoid the problem from vulnerable devices connected to it, but Ubiquiti didn't include them in this patch... You need to make sure you get updates for all your client devices (phones, laptops and every other WiFi device, even your smart fridge :-S), this will take a long time and many devices will probably never see a fix...
  • The researcher's name is "Mathy Vanhoef", or @vanhoefm on Twitter. "KU Leuven" is the university institution where he does his research.
  • Hopefully today is a situation where having Google WiFi actually helps. I'm assuming if a patch can be developed to fix this Google will deploy it automatically.
  • How helpful is MAC filtering in light of this?
  • MAC filtering has never been overly helpful considering how easy it is to find and spoof a MAC. It's more work on the person setting up and maintaining the network than it is for the person who actually has a reason to try to penetrate your network. That said, I'm far from an expert on wireless connection authentication (and haven't read the in depth details of this exploit), but this sounds like it would be an exploit after a MAC check (I'd think it would check that before even moving on to negotiating keys), so it might be a speed bump for those who are just screwing around if lots of people can see your network. It certainly wouldn't mean you are safe though.
  • You are correct about the exploit affecting after MAC check. I convinced my boss to shut off the wireless until we can get the patch.
  • "Every wi-fi device is vulnerable to some variants of our attacks. Our attack is exceptionally devastating against Android 6.0: it forces the client into using a predictable all-zero encryption key." http://www.bbc.co.uk/news/technology-41635516 Hope this is not true as several of my phones are on 6.0
  • Oh wonderful. My PRIV slowly dying on marshmallow and now this.
  • Priv. 1st phone I thought of too. Flicked via the BlackBerry keyboard on my Pixel
  • I'm confused by your concerns. Blackberry has shown more dedication to security than any other company in the Android space, and I was under the impression they've been releasing monthly security updates. I would think that the Priv is more likely to get the fix than many other phones. My HTC One A9 got Nougat in January, but HTC Canada can't be bothered to release security updates (even though HTC US does). The odds of me getting this patch are almost non-existent.
  • *sighs* I'm right there with you.
  • Actually, it says Android 6.0 and above, noting that wpa_supplicant 2.4+ is vulnerable. Seems like it's saying that still hasn't been fixed up to the latest version. Oh yeah, here's the addendum from the main page:
    Addendum: wpa_supplicant v2.6 and Android 6.0+
    Linux's wpa_supplicant v2.6 is also vulnerable to the installation of an all-zero encryption key in the 4-way handshake. This was discovered by John A. Van Boxtel. As a result, all Android versions higher than 6.0 are also affected by the attack, and hence can be tricked into installing an all-zero encryption key. The new attack works by injecting a forged message 1, with the same ANonce as used in the original message 1, before forwarding the retransmitted message 3 to the victim.
  • Jerry awesome article. Could someone put together a good article on paid or free VPN services that keep our data safe? You rock brother.
  • I swear there have been many VPN articles already this year on this site.
  • NordVPN is one of the best. I've been using it for over a year now. Usually it's $79 for a year, but now they have a promotion for 2 years at the same price.
  • Ubiquiti has already deployed a patch for their Access Points. This morning. I can't post the link but it's available to those that use them.
  • Replied to add information. It is firmware
  • Great, so now I have to turn off wifi and bluetooth to my phone. Can someone pass me the wired Ethernet dongle please? Edit: Wow, so I tried my MBP's USB-C Ethernet dongle on my S8 and it works like a charm, hah. I guess I shouldn't be surprised, just have never tried that before.
  • How long before flaws are found in mobile data?
  • Mobile data is flawed and always has been. This is why Stingrays work.
  • Bingo!!
  • "...no matter *WHICH router you have"
  • Would it make any difference if I make my WiFi network hidden?
  • None whatsoever. Hidden WiFi networks do not provide additional security. Generally they should be avoided.
  • Looks like Android fixes for KRACK are coming in the November security patches (at the November 6th patch level) according to this. OnHubs and Google Wi-Fi will also be automatically patched once an update is available.
  • Wow that is pathetic. Google should release fixes for this ASAP, not just wait until November. There should be an emergency patch going out ASAP.
  • https://w1.fi/security/2017-1/ there ya go. Can wait for Google to test them and deploy, or just do it yourself if you're unable to wait.
  • I'm not sure on how to use this file since all I see is a text file on the Oct 16 date.
  • Then you're best to wait until it gets implemented in the November patches.
  • Then back to my original point. This seems bad enough for Google to at least issue an emergency patch for all Pixels. November is too far away for something that is this bad. To quote Engadget: "The problem is made worse by Android and Linux, which, thanks to a bug in the WPA2 standard, don't force the client to demand a unique encryption key each time. Rather, they allow a key to be cleared and replaced by an "all-zero encryption key," foiling a key part of the handshake process. In some cases, a script can also force a connection to bypass HTTPS, exposing usernames, passwords and other critical data."
  • It's weird... The sentence actually reads, "Google has officially issued a fix and says devices with a security patch level of November 6 2017 or later are protected against these vulnerabilities.". The way that reads doesn't make any sense. Typo maybe?
  • I spoke with someone a bit ago. The fix is publicly available (linked above). It will be deployed with the next security patch for Android. Expect an official general announcement shortly.
  • Thanks for the clarification, Jerry!
  • Bartender: Shouldn't we lie down? Put paper bags over our heads or something?
    Ford: If you like.
    Bartender: Would it help?
    Ford: Not at all.
  • Bravo for the obscure Hitchhiker's reference.
  • And the reminder to check for a Chromecast update.
  • Would the HTTPS Everywhere extension help on other machines?
  • "we should see the same from companies like Google or Apple very soon. Other, less security-conscious companies may take longer" Based on their history, I'd say Apple IS a less security-conscious company and wouldn't expect them to even acknowledge the existence of this issue for a long time...
  • You'd be wrong. It was announced that the latest Beta of 11.1 fixes this issue .. now the question comes as to when my S8+ on AT&T will get the fix? Samsung is always behind and AT&T seems to love to block updates. We'll see. Just don't let bias cloud your vision. :)
  • What about switching to WEP instead of WPA on your router?
  • Bad idea. WEP is still way more insecure. It would be like removing the lock on your door just because it is now pickable.
  • You can download free apps that crack WEP and give you the key in seconds.
  • Bad idea -- WPA2, with this vulnerability, can be exploited under certain circumstances to get or modify some of your client's data. WEP, on the other hand, can be fully broken in only a few seconds, granting an attacker the ability to get and modify all data from all clients on the network, using standard off-the-shelf tools available to every hacker. WPA2 at its worst is still far superior to WEP at its best.
  • The best part of this article is the URL.
  • Does anyone know if the first batch of Pixel 2 XL's that are shipping tomorrow will be patched?
  • When they have the Nov 6 patch, they will be protected
  • Don't forget that the first thing Android (and most OSes) does when you first boot is to look for updates. So, it'll be better for Google to ship the devices and work on getting the patch out as quickly as possible. Trying to re-flash every phone that's already been packaged would be extremely difficult and cause huge delays that would anger many customers. If I had pre-ordered, I'd rather get my phone with the knowledge that a patch is in the works. It's no worse than continuing to use the Android phone I already have, which may never get patched at all.
  • So for us non-technical out there, let's say my phone is patched with the November Security update, but my router is not. Do both sides of the connection need to be patched in order to truly be secure or does a one sided fix improve the situation at all?
  • First - very few Android handsets will get the fix - generally only the premium priced ones (including the Pixel Range). Second, it's generally the clients that need to be patched e.g. the laptops, mobiles, desktops. Microsoft have stated that Windows 10 is already patched as of October 10th Patch Tuesday updates. Apple has stated that next version of iOS 11 (11.1) is patched. Same for MacOS. Android - again, will be patched, but none of the OEM's will bother patching their low-mid range phones. You should keep an eye on the vendor websites.
  • Not necessarily. If the OEM is using the supplicant that is built into Android, Google can patch it with Google Play Services, bypassing the OEM's that are slow/lazy. Most OEM's don't want to reinvent the wheel for such "pedestrian" parts of the OS, so you may be in luck. Keep an eye open and we will see what happens.
  • Apple claims to have already issued a patch
  • Jerry, is this the kind of thing that Project Treble will help with? It seems like the exact sort of issue that should be dealt with swiftly by Google, rather than having to wait on manufacturers and carriers to issue their own updates.
  • So, I am guessing if one never uses Wi-Fi they're safe. My LTE is faster than most free Wi-Fi sites. I never use unsecured Wi-Fi, not just because it is a security risk, they are just slow.
  • Jerry - Any information regarding which Nexus devices will receive the update? Still using the Nexus 6 and am wondering if Google will push out the update for devices past the official end of life dates (https://www.androidcentral.com/android-711-was-end-line-nexus-6-nexus-9). If not, I guess this might be the time to look at custom ROM options.
  • That's referring to platform updates. The Nexus 6 is still receiving security updates IIRC so it should get the patch for this.
  • So the elephant in the room for Android - what do people who don't own Google branded phones do i.e. the vast majority that won't get a patch from their OEM. Take the hit? Hope they aren't unlucky and that their hotel or conference centre wi-fi is ok? Buy an Apple or Google branded phone? Isn't this going to highlight the lack of security awareness from the major OEMs? Do they care?
  • It certainly should highlight the lack of security updates. It has for me. How quickly my S8 gets this patched will be the deciding factor of whether or not I buy a Pixel, and also whether or not I recommend anything other than a Pixel or Android One device going forward.
  • To stay safe at home until a patch is issued, can I simply turn off broadcasting of my SSID??
  • No. A good scanner will still find your SSID and the bad guys, when seeing a hidden network, would give it closer attention, not less.
  • No, that won't help. See my post above about using a VPN that YOU create and control.
  • I think that if you really want me to read your content you will stop with the "AD-BLOCKER" disable request. I've had enough of it and couldn't care less about what you are trying to sell and don't need to see it.
  • I suppose you'd rather pay a subscription for access to said content? AndroidCentral/Mobile Nations isn't a charity, after all.
  • When I encounter an ad-blocker paywall/popup, I simply open the URL in an "incognito" window. I have disallowed all plugins in the incognito window in Google Chrome... and due to the nature of Chrome's incognito window, the advertisements, cookies, and other methods to track me don't apply. When I close the incognito window, all cookies, etc. are instantly deleted. This renders most tracking software useless for advertisers. In addition to "AdBlock Plus", I also advise people to install "Privacy Badger" to prevent ad companies from tracking your online behavior.
  • I am enabling all my devices (Android and Windows 10 PCs) with a VPN tunnel to stop my devices from being hacked. I thought a lot of the KRACK issues were with the wireless devices themselves and not the router per se. Correct me if I'm wrong.
  • Every device that you use to connect to Wi-Fi should be set-up to use a VPN. No exceptions.
  • "The best way to protect yourself is to not use Wi-Fi at all until you're directed otherwise."
    ...Yikes/Wow!!!....Also: that's basically impossible nowadays!! I have close to 30 devices on my wifi network in my apartment unit - Echos and Sonos is every room, security cameras mounted up on walls, laptops, gaming consoles...not exactly an option to just plug them all into ethernet! Woah.
  • I have always connected devices to a wired network whenever possible... even when I am forced to drill holes in the walls of a leased space. I can patch those holes before I move-out. The security and reliability benefits outweigh the potential cost. Whenever possible, I purchase devices which have an Ethernet connection. In addition to my smartphone/tablet devices, I only have two devices which connect via WiFi.... my Amazon Echo and my WiFi printer. And... I'm now re-thinking the printer. Why shouldn't a printer be able to connect via Ethernet???
  • Contacted Spectrum support, CSR tried to BS me by saying I'm safe because they use IPv6 and DHCP hahaha and McCrappy Security Suite. Called actual technical support, and Tier 3 support hasn't even heard of KRACK. Seriously!?! So I requested an escalation...he said he could, but he may not get an answer. When I mentioned CAPAs and being shut down for not addressing customer issues, he "took a note and will escalate it to his supervisors and IT". Why am I not reassured. Maybe I'll check the Ubee Technicolor site and see if they have any useful information...
  • I'm not surprised. The only solution to this vulnerability is to begin using a VPN server for all Wi-Fi connections. You can create your own VPN server, controlled by YOU. See my post above.
  • I'm confused on what devices need to be patched to fix this... My current understanding is that I need the following devices to be patched to be safe (in no particular order)...
    1. My phone
    2. My laptop
    3. My router.
  • Yes, and also... all of your "smart" devices, such as:
    Your "smart" TVs
    Your Amazon Echo devices
    Your Google Home devices
    Your Apple (insert device name here) devices
    Your internet-connected appliances, such as your refrigerator, clothes washer, etc.
    The list goes on, and on, and on... basically all of your IoT (Internet of Things) devices. But yes, the first priorities are (in order of priority):
    1) Your phones, laptops, and tablets
    2) Your router
    3) Your IoT devices
    The big problem is that most Android phones (except those sold directly by Google) won't be updated for a long time, if ever. These updates are usually controlled by your wireless telephone company... and they are very slow to release software updates, even for the newest phones. Older phones... yeah... never.
    Also... another big problem is that WiFi hotspots in.... practically everywhere... won't be updated for possibly decades. Hotels, coffee shops, restaurants, and everywhere else. You won't be able to trust those hot spots for... practically... the rest of your life.
    Your laptop... if it is running MacOS or Windows 7, 8, 8.1, or 10... will probably receive an update in the next few weeks. If you have a recent iPhone, you will probably receive an update in the next few months. If you have a Google Pixel or recent Nexus phone, expect an update in the next few weeks. All other phones... the update is entirely controlled by your wireless telephone provider. Many devices will never receive an update. Tablets follow the phones as mentioned above.
    Routers: If your router is fairly new, you may be able to update it with new firmware that fixes this vulnerability. Older routers... probably not (unless you are tech-savvy enough to flash it with firmware from other sources such as DD-WRT, Tomato, or pfSense).
    I expect that Amazon Echo devices, Google Home devices, and similar "home" devices which have recently hit the market will also be updated (automatically) in the near term. But other so-called "smart" devices such as TVs, refrigerators, washing machines, and other similar appliances will probably never be updated.
    Realistically, this KRACK is "data Armageddon" which will last for most people's natural lives. If you don't use a VPN server, which is controlled by YOU, as I described in another comment, you WILL become a victim of an attack at some point in the future.
  • Didn't think about the smart TV. I have a Roku TV. Wonder if that'll ever get updated...I'm most worried about my router which is a little over a year old but was pretty expensive...I have a Google home that'll probably be updated relatively quickly. My fiance has a 1st Gen pixel and I have a Galaxy s8. It's been pretty good about updates though so far. They patched blueborne in like a month.
  • After reading about KRACK a few days ago, I set up my own VPN server on my home router. Now, when I'm out and about, I just use the "OpenVPN Connect" app (available in the Apple and Google Play stores for free) to connect back to my home router via an encrypted VPN tunnel. My traffic is encrypted through the VPN tunnel back to my home router, and then goes out to the Internet from my home broadband modem. This prevents attackers who are using the WPA "KRACK" from getting my data because all of my data is encrypted inside the VPN tunnel between my smartphone and my personal VPN server.
    My home router is a Small-Form-Factor (SFF) PC running pfSense, which is Free Open Source Software (FOSS) that anyone can install on a great number of devices. I chose to build a tiny PC for it because I wanted to make sure that my router had hardware encryption (AES-NI) built-in, specifically for use with VPNs. (I also wanted to make sure that my router is very energy efficient.) But, if you have an old PC lying around, you can build your own pfSense router for almost no cost. At most, if that old PC only has one Ethernet adapter, you will need to buy a NIC (Network Interface Card) and plug it in to an available slot inside the PC.
    This setup limits the download speed on my smartphone to 6Mbps while I'm connected to my VPN server, because that is the max upload speed that I get from Comcast (to clarify: when I download on my smartphone, I am actually using the upload bandwidth of my home Internet service). That's plenty for me... and a small trade-off knowing that I'm not giving all my data to some VPN provider found in a web search.
    If you're technically inclined, you can even set up your own free or low-cost VPN server in the cloud. There are several tutorials online which show how to do this. I've posted a few links to articles which explain how to do this. I may go that route eventually too... but my pfSense router made it super easy to set it up immediately without much thinking or expense.
    Well, apparently, I can't post links. OK... Google these:
    If you're comfortable with command-line interfaces and Linux... "comparitech How to make your own free VPN with Amazon Web Services"
    If you're more of a Windows person, and happen to have a Windows 10 PC... "lifehacker How to Set Up Your Own Completely Free VPN In the Cloud"
    Personally, I plan on doing a hybrid of the two links above. I like the command-line approach of the first link from Comparitech, and the pricing plans at Digital Ocean, which the second link from Life Hacker makes easy (if you have a Windows 10 PC to run the setup software). Both options are far more secure than using a VPN provider that you find by doing a Google search! The "free" VPN providers are making money by selling your data. The paid VPN providers... who knows what they are doing with your data? If you really want to secure your data, you're better off owning the VPN server. All of the options I mentioned above give YOU control of the VPN server. If you're even a little bit tech savvy... build your own VPN server to protect yourself from hackers.
  • For some background, and a little more information... FOSS like pfSense and DD-WRT are usually more secure because there is a huge number of people reviewing the code, finding bugs and vulnerabilities, reporting them back to the community, and fixing them... usually much faster than companies that sell consumer- (and even business)-grade hardware can address those issues. FOSS for routers and wireless access points makes sense for anyone who has the technical ability to install them onto your existing hardware. There are plenty of resources for people with even a little bit of know-how. FOSS is provided for hardware which is no longer supported by the original manufacturer, as well as for recent hardware. Updates are usually provided faster for both recent and older hardware than the OEM can provide. For example, pfSense will soon provide a fix for the WPA/WPA2 vulnerability... long before most router manufacturers can do so. Of course, that pfSense fix only applies if you are using your pfSense router as an Access Point. In my case, I am using my old ASUS RT-AC66U router as an Access Point. ASUS hasn't even released any information as to when (or if) they will release a fix! Meanwhile, the team that produces DD-WRT has ALREADY produced a beta firmware for the RT-AC66U which addresses the WPA KRACK. To put it simply, the DD-WRT team has already fixed the vulnerability for the ASUS RT-AC66U router... before ASUS has fixed it in their own firmware! And, if you have a pfSense router... and that router has a built-in WiFi interface... the fix is coming very soon. Probably before fixes will arrive for commercial routers. FOSS is king.
  • If you have the technical ability to install FOSS such as DD-WRT, Tomato, or pfSense on your existing router or Access Point, you should do so as soon as possible. All of these projects will provide remediation for vulnerabilities much faster than the hardware manufacturer will or is able to.