KRACK Attack
What is KRACK Attack?
A key reinstallation attack against WPA2 that forces nonce reuse in the four-way handshake, letting an attacker decrypt or replay Wi-Fi traffic.
KRACK (Key Reinstallation Attack) was disclosed in 2017 by Mathy Vanhoef and Frank Piessens of KU Leuven. It exploits a logic flaw in the WPA2 four-way handshake: by blocking message 4 and replaying message 3, the attacker forces the client to reinstall an already-in-use session key, resetting packet nonces and replay counters. Reused nonces break the AES-CCMP or TKIP keystream, enabling decryption, replay, and in some cases injection of packets. The flaw affects nearly every Wi-Fi implementation; CVE-2017-13077 through CVE-2017-13088 cover the variants. Mitigation requires patched supplicants on both clients and access points; WPA3 was partly designed to remove the underlying weakness.
● Examples
- 01: An attacker within Wi-Fi range of an unpatched Android 6 device decrypts HTTP traffic after forcing a key reinstallation.
- 02: Replaying handshake message 3 against a wpa_supplicant client to reset the CCMP nonce.
● Frequently asked questions
What is KRACK Attack?
A key reinstallation attack against WPA2 that forces nonce reuse in the four-way handshake, letting an attacker decrypt or replay Wi-Fi traffic. It belongs to the Attacks & Threats category of cybersecurity.
What does KRACK Attack mean?
A key reinstallation attack against WPA2 that forces nonce reuse in the four-way handshake, letting an attacker decrypt or replay Wi-Fi traffic.
How does KRACK Attack work?
KRACK (Key Reinstallation Attack) was disclosed in 2017 by Mathy Vanhoef and Frank Piessens of KU Leuven. It exploits a logic flaw in the WPA2 four-way handshake: by blocking message 4 and replaying message 3, the attacker forces the client to reinstall an already-in-use session key, resetting packet nonces and replay counters. Reused nonces break the AES-CCMP or TKIP keystream, enabling decryption, replay, and in some cases injection of packets. The flaw affects nearly every Wi-Fi implementation; CVE-2017-13077 through CVE-2017-13088 cover the variants. Mitigation requires patched supplicants on both clients and access points; WPA3 was partly designed to remove the underlying weakness.
How do you defend against KRACK Attack?
Defences against KRACK Attack combine technical controls and operational practices. As stated in the definition above, the primary control is applying vendor patches to the Wi-Fi supplicants on both clients and access points so that a replayed message 3 no longer reinstalls the session key; migrating to WPA3 removes the underlying weakness.
What are other names for KRACK Attack?
Common alternative names include: Key Reinstallation Attack, WPA2 handshake attack.
● Related terms
- WPA2 (network-security): The second generation of Wi-Fi Protected Access, based on AES-CCMP and IEEE 802.11i, that has been the de facto Wi-Fi security standard since 2004.
- WPA3 (network-security): The third generation of Wi-Fi Protected Access, introducing SAE-based authentication, forward secrecy, and stronger protections for personal and enterprise Wi-Fi.
- Dragonblood (attacks): A family of side-channel and downgrade attacks against WPA3 SAE (Dragonfly) that can leak the Wi-Fi password to a nearby attacker.
- PMKID Attack (attacks): An offline WPA/WPA2-PSK cracking method that derives the passphrase from a single PMKID field captured from an access point, with no client needed.
- Rogue Access Point (attacks): An unauthorised wireless access point connected to a network, either installed maliciously by an attacker or naively by an employee, that bypasses network security controls.
● See also
- WPS Attack
- Pixie Dust Attack
- KARMA Attack