Posted by Andrew Ross, January 29, 2019
KRACK Attacks Round Two: New KRACKs in WPA….
More than a year ago, the KRACK vulnerability was identified as a critical risk to WPA2: it attacks the 4-way handshake and makes it possible for private data to be stolen. At the time, a great deal of effort was expended to identify a fix and patch impacted products as soon as possible. Not long after the disclosure, Silex posted a blog response and addressed the vulnerability in all impacted products.
Subsequently, in October 2018, the discoverers of the original KRACK vulnerability published new findings on the subject that identified a broader range of possible attacks and vulnerabilities. They presented a paper entitled Release the Kraken: New KRACKs in the 802.11 Standard at the Computer and Communications Security (CCS) conference last year. This paper outlined their expanded attacks and additional analysis of how vulnerable other WiFi features are.
This included details on improved attacks on the 4-way handshake, attacks on the FILS and TPK handshakes, and how existing countermeasures could be bypassed using WNM-Sleep frames. Details of the paper can be found at the following links:
Silex Technology takes such updates extremely seriously and has spent a significant amount of time analyzing the KRACK update presented by the author and reviewing its impact on Silex products. The good news is that, based on our cyber-security team’s results, we believe the immediate and real impact on the impacted products is very low.
After a full review of the expanded KRACK vulnerability, Silex has confirmed that our devices are not impacted, with one exception: the group key with all-zero replay counter. Our review of the all-zero replay counter behavior has concluded that the attack does not lead to the loss of any data and provides minimal opportunity to impact device operation.
This is good news for all our customers and means we will not be issuing any product updates to address the identified expanded KRACK vulnerability report. If you have any further questions, reach us directly at firstname.lastname@example.org.