Rijkswatch: KUL team cracks WPA2

17 October 2017

KUL team cracks WPA2

The crypto team at the Katholieke Universiteit Leuven found a flaw in WIFI encryption, compromising its security. Anyone who can capture the signals during the handshake can decrypt the traffic and in some configurations insert and modify data sent over the protocol.
The crack replays message 3 (of 4) in the handshake of WPA2 that establishes the crypto channel. The message is used to reinstall the encryption key and reset the nonce and replay counters.
Linux and Anroid implementations suffer most from the attack as another bug sets the new key to all zero's rendering decryption trivial.
The protocol can be patched in a backward compatible way. Look out for updates on all your WIFI devices!

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

tags

java (96)

security (40)

Microsoft (33)

google (33)

Oracle (31)

DWS-4050-EE6 (23)

FJ-310 (23)

solaris (23)

Java EE (19)

SL-314-EE6 (17)

SL-351-EE5 (16)

STS-276-S10 (16)

JPA (14)

SL-370-EE6 (14)

e-commerce (14)

IntelliJ (13)

SA-300-S10 (13)

Windows (13)

OO-226 (12)

firefox (12)

legal (12)

patternsEE6 (12)

privacy (12)

sun (12)

web (12)

SL-314-EE5 (11)

UML (11)

hybris (11)

software engineering (11)

jhtp (10)

JSP (9)

netbeans (9)

network (9)

Android (8)

SL-340-EE6 (8)

SL-385 (8)

XML (8)

AI (7)

EJB (7)

cloud (7)

doodle (7)

git (7)

spring (7)

china (6)

patch (6)

patterns (6)

servlet (6)

spr420 (6)

uniway (6)

DOM (5)

JSTL (5)

MS Office (5)

SPR410 (5)

amazon (5)

belgium (5)

database (5)

glassfish (5)

google drive (5)

javascript (5)

plugins (5)

solaris 10 (5)

weblogic (5)

windows 10 (5)

GDPR (4)

Identity and Access Management (4)

JAXB (4)

JAXP (4)

Java EE 7 (4)

SL-500 (4)

adobe (4)

browser (4)

censorship (4)

chrome (4)

encryption (4)

excel (4)

facebook (4)

ide (4)

java 7 (4)

jax-rs (4)

jetbrains (4)

maven (4)

powerpoint (4)

quote (4)

search (4)

tomcat (4)

Bill Gates (3)

DB1 (3)

JUnit (3)

Java 8 (3)

MS teams (3)

MVC (3)

SAP (3)

SAX (3)

Vista (3)

Word (3)

corona (3)

design (3)

eclipse (3)

education (3)

filter (3)

fowler (3)

hacking (3)

hibernate (3)

install (3)

java 9 (3)

node.js (3)

office (3)

onenote (3)

openoffice (3)

pdf (3)

schema (3)

servlet 3 (3)

sql (3)

struts (3)

umlet (3)

unix (3)

virus (3)

Applying UML and patterns (2)

Belgacom (2)

EL (2)

Google App Engine (2)

Google drive file stream (2)

IPv4 (2)

JAX-WS (2)

JEE5 (2)

JSF (2)

JSON (2)

Jakarta EE (2)

Java EE5 (2)

Java EE6 (2)

PATH (2)

RAID (2)

REST (2)

SMF (2)

SOAPUI (2)

agile (2)

anti-virus (2)

apache (2)

apple (2)

architecture (2)

canon pixma (2)

certification (2)

cookies (2)

credential manager (2)

cygwin (2)

derby (2)

devoxx (2)

disk (2)

dns (2)

drupal (2)

e-gov (2)

ecology (2)

eid (2)

electronic identity card (2)

enum (2)

europe (2)

free speech (2)

google maps (2)

gwt (2)

icann (2)

iphone (2)

itunes (2)

light field camera (2)

linkedIn (2)

linux (2)

logging (2)

lucene (2)

lytro (2)

microservices (2)

mobile (2)

newspapers (2)

olympics (2)

open software (2)

photo (2)

porn (2)

printer (2)

routing (2)

russia (2)

searchblox (2)

site (2)

solaris 11 (2)

spam (2)

spring boot (2)

springsource (2)

unified process (2)

us (2)

webservices (2)

wikileaks (2)

xpath (2)

yahoo (2)

.Net (1)

12.1.2 (1)

5.1 (1)

64bit (1)

7.4 (1)

7u51 (1)

9/11 (1)

ANSI SQL (1)

BDD (1)

BEA (1)

Babbage (1)

CERN (1)

CMS (1)

Calendra (1)

ClearApp (1)

ConnectionPool (1)

Covalent (1)

Craig Larman (1)

DAO (1)

DRM (1)

DSL (1)

DTD (1)

DataSource (1)

Defect Driven Design (1)

EDAM (1)

EDF (1)

EDPS (1)

EE4J (1)

EJB client (1)

EJB2 (1)

EJB3 (1)

ESB (1)

ESM (1)

Flex (1)

Floyd Landis (1)

GCHQ (1)

GPL (1)

GUI (1)

Gears (1)

GlobalCollect (1)

Google Apps (1)

Google docs (1)

Greenpeace (1)

HP (1)

HTML (1)

HTML 5 (1)

IPMP (1)

ISOC (1)

Igenico (1)

JAVA_HOME (1)

JDBC (1)

JSR (1)

JavaFX (1)

Jshell (1)

Keccak (1)

LexicalHandler (1)

Luminus (1)

MDA (1)

MDB (1)

MySQL (1)

NFC (1)

NSA (1)

OAuth (1)

OMG (1)

OO (1)

ORM (1)

OSI (1)

Ogone (1)

OpenIndiana (1)

OpenSolaris (1)

PAC (1)

POSIX (1)

PPID (1)

Passlogix (1)

QR code (1)

RDISC (1)

RIP (1)

RSA (1)

RTBF (1)

Rosario (1)

SABAM (1)

SCBCD (1)

SDL (1)

SHA-3 (1)

SII (1)

SL-275 (1)

SL-285 (1)

SOA (1)

SOAP UI (1)

SUA (1)

ServletContextListener (1)

Sybase (1)

TCPIP (1)

TV (1)

Tour de France (1)

TypeScript (1)

Virtual Clone Drive (1)

Visual Studio (1)

Vue.js (1)

WSDL (1)

WebGL (1)

Word 2007 (1)

absorbtiekussen (1)

acquia (1)

acquisition (1)

acrobat (1)

action (1)

adblock (1)

adidas (1)

adobe marketing cloud (1)

adoptopenjdk (1)

advertising (1)

android studio (1)

annotations (1)

ant (1)

antikera (1)

april fools day (1)

aqua (1)

archeology (1)

arthur weasley (1)

assessment (1)

assistive technology (1)

astah (1)

astronomy (1)

asynchronous (1)

automation (1)

awt (1)

bash (1)

beer (1)

big data (1)

blended learning (1)

blogger (1)

brain (1)

builder (1)

canvas (1)

canvas LMS (1)

captcha (1)

caroussel (1)

cartoon (1)

chat (1)

chip (1)

civilization (1)

civworld (1)

classloader (1)

classpath (1)

cmd (1)

cmmi (1)

cognitum (1)

coica (1)

coin (1)

commercial (1)

commission (1)

contact tracing (1)

content filter (1)

copyleft (1)

copyright (1)

corrupted (1)

course (1)

cream (1)

criteria (1)

css (1)

customer experience (1)

customer journey (1)

dabbleboard (1)

daemen (1)

dagvers (1)

date (1)

defender (1)

deprecated (1)

digsby (1)

disconnect (1)

docx (1)

dos (1)

dozer (1)

drive letter (1)

dzone (1)

e-book (1)

earth day (1)

eclipse4sl (1)

epf (1)

epic (1)

erd (1)

ethernet (1)

etl (1)

eventviewer (1)

exams (1)

extensions (1)

figma (1)

find (1)

fingerprinting (1)

fleet (1)

font awesome (1)

forefront (1)

forrester (1)

geocache (1)

gherkin (1)

github (1)

gitlab (1)

gmail (1)

google photos (1)

google presentations (1)

google scribe (1)

google slides (1)

google talk (1)

gosling (1)

gradle (1)

grails (1)

groovy (1)

harry potter (1)

hiking (1)

hosting (1)

hostname (1)

hotmail (1)

html editor (1)

ian dury (1)

ie (1)

ifconfig (1)

ighome (1)

igoogle (1)

implants (1)

indigov (1)

inetd (1)

ink absorber (1)

intel (1)

interceptors (1)

internet (1)

ipv6 (1)

iso (1)

itsme (1)

java 10 (1)

java 12 (1)

java 14 (1)

java 15 (1)

java 16 (1)

java db (1)

java webstart (1)

java.nio.file (1)

java.policy (1)

javapath (1)

javaranch (1)

jdk (1)

jersey (1)

jest (1)

jetpack compose (1)

jms (1)

jobat (1)

joda time (1)

joke (1)

jpeg (1)

jpg (1)

jsr315 (1)

jsr339 (1)

keyboard (1)

kotlin (1)

la plagne (1)

larry ellison (1)

ldap (1)

lego (1)

library (1)

libreoffice (1)

life cycle callback (1)

lists (1)

live upgrade (1)

localdatetime (1)

log4j (1)

login (1)

logon (1)

london (1)

magnolia (1)

mail (1)

man (1)

markdown (1)

markdown enhanced plugin (1)

marvin attack (1)

mcafee (1)

mdm (1)

medicine (1)

mercurial (1)

model 2 (1)

mono (1)

mono sans symbols (1)

moonlight (1)

morro (1)

moshi (1)

mousegestures (1)

msn (1)

musk (1)

myriam makeba (1)

namespace (1)

neo (1)

netflix (1)

nethack (1)

neuralink (1)

newspass (1)

node.js v10 (1)

noopener (1)

nosql (1)

notes font (1)

npm (1)

ntp (1)

nuclear energy (1)

object relational mapping (1)

objectify (1)

online payment (1)

open grid scheduler (1)

openjdk (1)

openup (1)

oracle express (1)

oracle grid engine (1)

outlook (1)

page breaks (1)

password (1)

patents (1)

pca (1)

pedophilia (1)

performance (1)

phone (1)

pidgin (1)

pin to start (1)

power button (1)

powershell (1)

prince2 (1)

print (1)

protect IP (1)

proxy (1)

public domain software (1)

public transport (1)

pulse (1)

push (1)

quantum holographic encoding (1)

quantum physics (1)

real-time presence (1)

reasons to be (1)

record (1)

retail (1)

rider (1)

routeyou (1)

salesforce (1)

scam (1)

screen reader (1)

scrum (1)

self driving cars (1)

seo (1)

sequencediagram (1)

serge vleugels (1)

servlets (1)

session bean (1)

sha-1 (1)

sha-2 (1)

silverlight (1)

sint-niklaas (1)

ski (1)

slack (1)

slf4j (1)

smpatch (1)

sms (1)

sniff (1)

solr (1)

sports (1)

spring boot devtools (1)

spring data (1)

spring web flow (1)

sql developer (1)

ssh (1)

stack overflow (1)

staroffice (1)

start menu (1)

stijn de paepe (1)

storage (1)

strata (1)

streetview (1)

stub (1)

subversion (1)

sudan (1)

sun grid engine (1)

sunos (1)

surface (1)

swing (1)

syria (1)

tabniine (1)

tax on web (1)

teaching (1)

telesys (1)

terminalio (1)

tiktok (1)

tiles (1)

time (1)

tns (1)

tommee (1)

toots thielemans (1)

toughtworks (1)

trump (1)

ts-node (1)

tsx (1)

turkey (1)

tutoraat (1)

twitter (1)

uac (1)

uk (1)

univa (1)

unnethack (1)

upgrade (1)

usb (1)

user experience (1)

versioning (1)

vietnam (1)

vim (1)

virtual box (1)

vitest (1)

vox teneo (1)

vrt.nu (1)

vtoc (1)

web flow (1)

web server (1)

web-types (1)

websites (1)

websockets (1)

webstorm (1)

whiteboard (1)

wifi (1)

windows 11 (1)

wlntio.dll (1)

xp (1)

xpg4 (1)

youtube (1)

zap mama (1)

zfs (1)

zones (1)

zuckerberg (1)