release the kraken
play

Release the Kraken: New KRACKs in the 802.11 Standard Mathy Vanhoef - PowerPoint PPT Presentation

Sep 13, 2023 •374 likes •814 views

Release the Kraken: New KRACKs in the 802.11 Standard Mathy Vanhoef @vanhoefm Toronto, Canada, 16 October 2018 Key reinstallations in the 4-way handshake 2 WPA2: 4-way handshake Used to connect to any protected Wi-Fi network Mutual

  1. Release the Kraken: New KRACKs in the 802.11 Standard Mathy Vanhoef — @vanhoefm Toronto, Canada, 16 October 2018

  2. Key reinstallations in the 4-way handshake 2

  3. WPA2: 4-way handshake Used to connect to any protected Wi-Fi network Mutual authentication Negotiates fresh PTK: pairwise transient key 3

  4. WPA2: Encryption algorithm Nonce Plaintext data (packet number) Packet key PTK Mix (session key) Nonce  Nonce reuse implies keystream reuse (in all WPA2 ciphers) 4

  5. KRACK Attack 5

  6. KRACK Attack 6

  7. KRACK Attack PTK = Combine(shared secret, ANonce, SNonce) 7

  8. KRACK Attack Block Msg4 8

  9. KRACK Attack Block Msg4 9

  10. KRACK Attack PTK is installed & nonce set to zero Block Msg4 10

  11. KRACK Attack 11

  12. KRACK Attack 12

  13. KRACK Attack In practice Msg4 is sent encrypted 13

  14. KRACK Attack 14

  15. KRACK Attack Key reinstallation: nonce again reset! 15

  16. KRACK Attack 16

  17. KRACK Attack Next frame reuses previous nonce! 17

  18. KRACK Attack Keystream Decrypted! 18

  19. Practical Obstacles 19

  20. Rejected Msg3 20

  21. Rejected Msg3 Plaintext Msg3 rejected 21

  22. Rejected Msg3 Solution: generate encrypted Msg3 Plaintext Msg3 rejected 22

  23. 23

  24. 24

  25. 25

  26. 26

  27. 27

  28. 28

  29. 29

  30. 30

  31. 31

  32. Msg3 is now encrypted 32

  33. 33

  34. Flawed countermeasure 34

  35. 802.11’s official countermeasure “When the Key, Address, Key Type, and Key ID parameters identify an existing key, the MAC shall not change the current transmitter TSC/PN/IPN counter or the receiver replay counter values associated with that key .” 35

  36. Bypassing 802.11’s countermeasure Group key transported in two frames › EAPOL-Key frames › WNM-Sleep frames We can mix these frames › WNM-Sleep installs new key › Then EAPOL-Key reinstall old key  Can reinstall the group key 36

  37. Details are non-trivial WNM & Group HS group HS & WNM 4-way HS & WNM 37

  38. Implementation Specific Flaws 38

  39. Can we replay Message 4? › Yes, certain MediaTek Drivers accept replayed Msg4’s › Used in 100+ devices  many vulnerable products ASUS RT-AC51U TP-Link RE370K 39

  40. Are PTK rekeys implemented properly? Rekey is a new 4-way handshake › Same messages exchanged as in initial 4-way handshake › But new ANonce and SNonce is used macOS: › Patched default KRACK attack › But reused the SNonce during a rekey › SNonce reuse patched in macOS 10.13.3 40

  41. Exploiting macOS’s SNonce reuse Adversary can replay old handshake › Need to inject encrypted message 1 › Feasible under specific conditions › Causes key reinstallation 41

  42. Conclusion › We made attacks more practical › Bypassed official countermeasure › Handling group keys is hard › Keep auditing devices & protocols! 42

  43. Thank you! Questions? krackattacks.com/followup.html

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

SI485i : NLP Set 14 Reference Resolution Reference Resolution Kraken , also called the Crab-fish

SI485i : NLP Set 14 Reference Resolution Reference Resolution Kraken , also called the Crab-fish

SI485i : NLP Set 14 Reference Resolution Reference Resolution Kraken , also called the Crab-fish , which is not that huge, for heads and tails counted, he is no larger than our land is wide [i.e., less than 16 km] ... He stays at the sea

357 views • 21 slides
SI486m : NLP Set 14 Reference Resolution Reference Resolution Kraken , also called the Crab-fish

SI486m : NLP Set 14 Reference Resolution Reference Resolution Kraken , also called the Crab-fish

SI486m : NLP Set 14 Reference Resolution Reference Resolution Kraken , also called the Crab-fish , which is not that huge, for heads and tails counted, he is no larger than our land is wide [i.e., less than 16 km] ... He stays at the sea

740 views • 21 slides
CEPH WEATHER REPORT ORIT WASSERMAN FOSDEM - 2017 AGENDA New in Jewel New in Kraken and

CEPH WEATHER REPORT ORIT WASSERMAN FOSDEM - 2017 AGENDA New in Jewel New in Kraken and

CEPH WEATHER REPORT ORIT WASSERMAN FOSDEM - 2017 AGENDA New in Jewel New in Kraken and Luminous 2 RELEASES Hammer v0.94.x (L TS) March '15 Infernalis v9.2.x November '15 Jewel v10.2.x (L TS) April '16

711 views • 35 slides
World's Most Powerful Computer Systems Arthur Bland Cray Users Group 2010 Meeting

World's Most Powerful Computer Systems Arthur Bland Cray Users Group 2010 Meeting

Jaguar and Kraken -The World's Most Powerful Computer Systems Arthur Bland Cray Users Group 2010 Meeting Edinburgh, UK May 25, 2010 Abstract & Outline At the SC'09 conference in November 2009, Jaguar and Kraken, both located at

288 views • 25 slides
PIT Release Date Functionality 15-May CAB Release

PIT Release Date Functionality 15-May CAB Release

PIT Release Date Functionality 15-May CAB Release Enumeration alignment 24-May Batching Payroll Submission SOAP Bug fixes 19-Jun Agent access Returns Reconciliation

623 views • 26 slides
PIT Release

PIT Release

PIT Release Date Functionality 15-May CAB Release Enumeration alignment 24-May Batching Payroll Submission SOAP Bug fixes 19-June

506 views • 21 slides
Compassionate Release and COVID-19 WHAT TO DO AND HOW TO WIN Compassionate Release 18 U.S.C.

Compassionate Release and COVID-19 WHAT TO DO AND HOW TO WIN Compassionate Release 18 U.S.C.

Compassionate Release and COVID-19 WHAT TO DO AND HOW TO WIN Compassionate Release 18 U.S.C. 3582 provides in relevant part: (c) M ODIFICATION OF AN I MPOSED T ERM OF I MPRISONMENT . The court may not modify a term of imprisonment once it

550 views • 32 slides
Update July 7, 2016 1 O&M Updates Last Release Updates (June Release): P9

Update July 7, 2016 1 O&M Updates Last Release Updates (June Release): P9

North Carolina Department of Health & Human Services County DSS Directors Update July 7, 2016 1 O&M Updates Last Release Updates (June Release): P9 Transitional MA P3 Provider Portal Release Next

306 views • 8 slides
ELECTRONIC RELEASE and MANDATORY ELECTRONIC SUBMISSION MAY 2010 ELECTRONIC RELEASE BACKGROUND

ELECTRONIC RELEASE and MANDATORY ELECTRONIC SUBMISSION MAY 2010 ELECTRONIC RELEASE BACKGROUND

ELECTRONIC RELEASE and MANDATORY ELECTRONIC SUBMISSION MAY 2010 ELECTRONIC RELEASE BACKGROUND Implemented Saturday, 4 July 2009. Rules to Section 38 amended and published Covers electronic release of import and export goods declarations

591 views • 12 slides
The In Rainbows release Raioheads release of In Rainbows was

The In Rainbows release Raioheads release of In Rainbows was

The In Rainbows release Raioheads release of In Rainbows was interesting as their record label contract had ended so no longer felt as though

476 views • 8 slides
Release management in Debian - Can we do better? Frans Pop FOSDEM 2009, Brussels Frans Pop

Release management in Debian - Can we do better? Frans Pop FOSDEM 2009, Brussels Frans Pop

Release Management Stable release Management The etch-and-a-half release The Lenny release Release management in Debian - Can we do better? Frans Pop FOSDEM 2009, Brussels Frans Pop Release management in Debian - Can we do better? Release

194 views • 18 slides
Release Engineering A guideline for successful software release - Vadiraj Thayur & Jayashree

Release Engineering A guideline for successful software release - Vadiraj Thayur & Jayashree

Release Engineering A guideline for successful software release - Vadiraj Thayur & Jayashree Nagaraja McAfee Confidential Internal Use Only Agenda About the Authors A Story Introduction Need for Release Engineering

598 views • 16 slides
ACMUIs Position on Patient on Patient Release Release Pat Zanzonico, PhD, DABR ACMUI May

ACMUIs Position on Patient on Patient Release Release Pat Zanzonico, PhD, DABR ACMUI May

ACMUIs Position on Patient on Patient Release Release Pat Zanzonico, PhD, DABR ACMUI May 9, 2014 ACMUI, 12/10/10 Patient Release Report Medical use of radionuclides Widely recognized health benefits Public doses

284 views • 10 slides
June 16 th 2015 1 SEM R2.6.0 May 2015 The SEM R2.6.0 release was deployed successfully to

June 16 th 2015 1 SEM R2.6.0 May 2015 The SEM R2.6.0 release was deployed successfully to

Market Systems Release Update Modifications Committee Meeting 62 June 16 th 2015 1 SEM R2.6.0 May 2015 The SEM R2.6.0 release was deployed successfully to schedule on May 15 th 2015. The approved scope for the release was as

72 views • 4 slides
POSITIONAL RELEASE TECHNIQUES Compiled by Richard N. Pierce, ATC, LAT Positional release is a

POSITIONAL RELEASE TECHNIQUES Compiled by Richard N. Pierce, ATC, LAT Positional release is a

POSITIONAL RELEASE TECHNIQUES Compiled by Richard N. Pierce, ATC, LAT Positional release is a type of manual therapy that may be used effectively in treating chronic and sub-acute muscle spasm and the pain and disability that is often

147 views • 3 slides
MEDIA RELEASE (with photos) For Immediate Release October 26, 2017 Media Contact: Damon

MEDIA RELEASE (with photos) For Immediate Release October 26, 2017 Media Contact: Damon

MEDIA RELEASE (with photos) For Immediate Release October 26, 2017 Media Contact: Damon Derstine 215-262-2320 damonderstine@comcast.net Rotary Club of Central Bucks Awards Over $33K to Local Organizations Proceeds from 8 th Annual Ride For

282 views • 3 slides
#$

#$

#$ /':;98*

418 views • 12 slides
Learning and Teaching Strategy Curriculum Review kick-off workshop Professor Alan Spivey

Learning and Teaching Strategy Curriculum Review kick-off workshop Professor Alan Spivey

Learning and Teaching Strategy Curriculum Review kick-off workshop Professor Alan Spivey Assistant Provost (Learning and Teaching) Agenda and event format 14.00 - Introduction and Q&A Alan Spivey L&T Assistant Provost

207 views • 7 slides
Seamless Transitions APRIL 13, 2016 SAFIYAH JACKSON KELLEY POLLITT MICHAEL B. ABEL, PH.D. How

Seamless Transitions APRIL 13, 2016 SAFIYAH JACKSON KELLEY POLLITT MICHAEL B. ABEL, PH.D. How

PreK-3 Continuum: Your Role in Creating Seamless Transitions APRIL 13, 2016 SAFIYAH JACKSON KELLEY POLLITT MICHAEL B. ABEL, PH.D. How often are you formally taking note of what kindergarten transition period means to individual children,

841 views • 48 slides
Allow all students and parents to be better prepared for more days of HBL should the situation

Allow all students and parents to be better prepared for more days of HBL should the situation

Allow all students and parents to be better prepared for more days of HBL should the situation calls for it. ADD A FOOTER 2 Home-Based Learning (HBL) is a plan to help students learn from home. It consists different modes of learning, such

91 views • 7 slides
Release of Unverified Plaintext: Tight Unified Model and Application to ANYDAE Donghoon Chang and

Release of Unverified Plaintext: Tight Unified Model and Application to ANYDAE Donghoon Chang and

AE Definition RUP Security RUP Attack on SUNDAE ANYDAE Release of Unverified Plaintext: Tight Unified Model and Application to ANYDAE Donghoon Chang and Nilanjan Datta and Avijit Dutta and Bart Mennink and Mridul Nandi and Somitra Sanadhya and

849 views • 53 slides
Construc)ng Effec)ve Assignments, Problem Sets & Exam Ques)ons

Construc)ng Effec)ve Assignments, Problem Sets & Exam Ques)ons

Construc)ng Effec)ve Assignments, Problem Sets & Exam Ques)ons Best Prac)ces for Teaching and Learning Goal To illustrate how to apply Bloom s

348 views • 8 slides
Interac(ve Teaching & Ac(ve Learning Best Prac(ces for

Interac(ve Teaching & Ac(ve Learning Best Prac(ces for

Interac(ve Teaching & Ac(ve Learning Best Prac(ces for Teaching and Learning Outline 1. Introduc+on 2. One-on-one teaching 3. Ac+ve Learning Methods

374 views • 21 slides
Writing Multiple-Choice Questions to Assess Higher Order Thinking October 28, 2020 Michael

Writing Multiple-Choice Questions to Assess Higher Order Thinking October 28, 2020 Michael

10/29/2020 Writing Multiple-Choice Questions to Assess Higher Order Thinking October 28, 2020 Michael Atkinson (Department of Psychology) Kim Whiter (Centre for Teaching and Learning) Ken N. Meadows (Centre for Teaching and Learning) Session

127 views • 9 slides

More recommend