Is WPA2 Secure?
By Nick Anderson 5 minutes
WPA2 is a protocol for securing the connection between a Wi-Fi access point and the devices that join it. It authenticates each device and encrypts the traffic between that device and the access point, which is essential for keeping the line of communication private. WPA2 is widely used today, and most routers enable it by default. But as with any technology, it has weaknesses that malicious actors look for and try to exploit. That brings us to the question: is WPA2 secure?
For the most part, WPA2 is secure, and most users will not be affected. However, WPA2 has known vulnerabilities that you should understand, because knowing how they work prepares you to defend against Wi-Fi attacks.
What is WPA2?
As a wireless technology, Wi-Fi is commonplace for connecting to the internet. Whether you are at home or sipping coffee at a cafe, you are likely connected to a Wi-Fi network as you browse through the web. It’s incredibly convenient, allowing you to connect to an access point with just a tap.
A password-protected Wi-Fi network is using some form of encryption protocol. WPA (Wi-Fi Protected Access) is the family of protocols used for this: WPA2 is the most common version in use today, and WPA3 is the latest iteration. Because WPA3 is newer, many routers still in service support WPA2 only.
WPA2 comes in two modes. WPA2-Personal (usually shown as WPA2-PSK) uses a shared password and is what home users see; routers offer it with AES (more precisely AES-CCMP) and, for backward compatibility with older WPA devices, with TKIP. WPA2-Enterprise (WPA2-EAP) authenticates each user individually through 802.1X/EAP against an authentication server instead of relying on one shared password.
How Does WPA2 Work?
Anyone within radio range can capture wireless signals. That poses a serious security risk, because an attacker can intercept data packets and steal information unless the traffic is encrypted.
WPA2 is a security protocol whose job is to authenticate a device to the access point and to encrypt the data packets between them. It replaced the older WPA and Wired Equivalent Privacy (WEP) protocols, both of which have known weaknesses. WPA2-PSK uses a preshared key, which is essentially the password you enter to join a Wi-Fi network. The password is not used to encrypt traffic directly: it is stretched, together with the network name, into a 256-bit Pairwise Master Key (PMK), and from that key each device negotiates a fresh session key with the access point.
Depending on whether you use WPA2-PSK (AES) or WPA2-PSK (TKIP), that session key drives either AES (Advanced Encryption Standard, in CCMP mode) or the Temporal Key Integrity Protocol (TKIP). TKIP was a stopgap designed to run on WEP-era hardware and is deprecated; choose AES unless you have a device that cannot support it.
Is WPA2 Secure?
The WPA2 protocol involves a 4-way handshake in which the two parties (client and access point) prove to each other that they know the network key and agree on a fresh encryption key for the session. This is a fundamental process that every device connecting to a WPA2 access point must go through.
A vulnerability was discovered in the WPA2 protocol that allows an attacker within range to decrypt the traffic between a device and an access point. This Man-in-the-Middle (MITM) style attack relies on a flaw in the 4-way handshake: the attacker can trick the client into reinstalling a key that is already in use, which resets the packet counter the cipher depends on to never reuse a keystream. No new key is injected; the damage comes from reusing the existing one.
The exploit is known as KRACK (Key Reinstallation Attack), and it set off alarms among security experts and device manufacturers. WPA2 is the most common Wi-Fi protocol, so the attack affected millions of routers and devices worldwide. The vulnerability was disclosed to manufacturers two months before it was made public, giving them time to develop patches.
It was not just Wi-Fi routers that were affected: client devices needed to be patched too, and in fact the client side is where the attack bites hardest, because the flaw lies in how the client installs the key. The researchers who discovered the vulnerability also found that Android 6.0 (Marshmallow) and Linux devices running affected versions of wpa_supplicant could be tricked into installing an all-zero encryption key, which makes decryption trivial.
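To make the key derivation and the handshake concrete, here is an added example (not code from the original article or from any Wi-Fi vendor) that walks both sides of a WPA2-Personal 4-way handshake in Python. The PMK derivation (PBKDF2-HMAC-SHA1, 4096 rounds, SSID as salt), the 802.11i PRF and the PTK split into KCK/KEK/TK follow the standard; the group-key wrapping in message 3 is omitted, the EAPOL frame layout is simplified to the fields that matter, and the MAC addresses and nonces are constructed values. The passphrase "password" with SSID "IEEE" is the published 802.11i test vector.

```python
import hashlib
import hmac
import os


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA2-Personal: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 rounds, 256 bits).
    The SSID is the salt, so the same password gives a different PMK on every network."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, length: int) -> bytes:
    """IEEE 802.11i PRF-n: concatenate HMAC-SHA1(key, label || 0x00 || data || i), i = 0, 1, ..."""
    out = b""
    i = 0
    while len(out) < length:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:length]


def derive_ptk(pmk: bytes, ap_mac: bytes, client_mac: bytes, anonce: bytes, snonce: bytes) -> dict:
    """PTK = PRF-384(PMK, "Pairwise key expansion", min/max of the MACs and nonces).
    Sorting the inputs makes both sides compute the same PTK. For CCMP the 48 bytes are
    split into the KCK (handshake MIC key), the KEK (wraps the group key in message 3)
    and the TK (the key that actually encrypts data frames)."""
    data = (min(ap_mac, client_mac) + max(ap_mac, client_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    ptk = prf(pmk, b"Pairwise key expansion", data, 48)
    return {"kck": ptk[:16], "kek": ptk[16:32], "tk": ptk[32:48]}


def eapol_mic(kck: bytes, body: bytes) -> bytes:
    """EAPOL-Key MIC for WPA2/CCMP: HMAC-SHA1 truncated to 128 bits."""
    return hmac.new(kck, body, hashlib.sha1).digest()[:16]


def four_way_handshake(ssid, passphrase, ap_mac, client_mac,
                       client_passphrase=None, anonce=None, snonce=None) -> dict:
    """Both sides of the 4-way handshake in one function. A real supplicant or AP
    silently drops a frame whose MIC does not verify; here that raises ValueError so
    the failure is visible. client_passphrase simulates a client with the wrong password."""
    pmk_ap = derive_pmk(passphrase, ssid)
    pmk_client = derive_pmk(client_passphrase or passphrase, ssid)
    anonce = os.urandom(32) if anonce is None else anonce
    snonce = os.urandom(32) if snonce is None else snonce

    # Message 1 (AP -> client): ANonce, sent unauthenticated.
    # Message 2 (client -> AP): SNonce plus a MIC under the client's freshly derived KCK.
    ptk_client = derive_ptk(pmk_client, ap_mac, client_mac, anonce, snonce)
    msg2_mic = eapol_mic(ptk_client["kck"], snonce)

    # The AP now has both nonces, derives its own PTK and checks the client's MIC:
    # a valid MIC is the proof that the client knows the PMK (i.e. the password).
    ptk_ap = derive_ptk(pmk_ap, ap_mac, client_mac, anonce, snonce)
    if not hmac.compare_digest(eapol_mic(ptk_ap["kck"], snonce), msg2_mic):
        raise ValueError("message 2 MIC mismatch: client does not know the network key")

    # Message 3 (AP -> client): ANonce again, install flag, MIC (GTK wrapping omitted).
    msg3 = anonce + b"\x01"
    msg3_mic = eapol_mic(ptk_ap["kck"], msg3)
    if not hmac.compare_digest(eapol_mic(ptk_client["kck"], msg3), msg3_mic):
        raise ValueError("message 3 MIC mismatch: AP does not know the network key")

    # Message 4 (client -> AP): MIC-protected acknowledgement. Afterwards both sides
    # install the TK and start their packet counters from zero.
    msg4_mic = eapol_mic(ptk_client["kck"], b"\x00")
    if not hmac.compare_digest(eapol_mic(ptk_ap["kck"], b"\x00"), msg4_mic):
        raise ValueError("message 4 MIC mismatch")
    return {"client_tk": ptk_client["tk"], "ap_tk": ptk_ap["tk"],
            "anonce": anonce, "snonce": snonce}


if __name__ == "__main__":
    # Constructed MAC addresses (not real devices); passphrase/SSID are the 802.11i test vector.
    result = four_way_handshake("IEEE", "password",
                                bytes.fromhex("001122334455"), bytes.fromhex("66778899aabb"))
    print("PMK:", derive_pmk("password", "IEEE").hex())
    print("TK agreed:", result["client_tk"] == result["ap_tk"], result["client_tk"].hex())
```

Two things worth noticing when you run it: the PMK is expensive to compute by design (4096 HMAC rounds slow down offline password guessing against a captured handshake), and a client with the wrong password fails at message 2 before any session key is installed, which is the "authenticate" half of the handshake's job.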
What is KRACK? WPA2 Vulnerability Explained
WPA2 negotiates a fresh encryption key for every session, and every key comes with a packet counter (the nonce) that starts from zero when the key is installed and must never repeat under that key. KRACK abuses the fact that the client installs the key when it receives message 3 of the handshake. The attacker blocks the client's acknowledgment (message 4) so that it never reaches the access point. The access point then retransmits message 3, and the client, following the standard as written, reinstalls the same key and resets its packet counter to its starting value.
The attacker positions itself between client and access point (in practice by cloning the access point on a different channel) so that it can block and replay handshake messages. Because the client now encrypts new frames with a key and counter it has already used, the same keystream is reused, and comparing the two ciphertexts lets the attacker decrypt frames and steal sensitive data. For KRACK to work, the attacker has to be close to both the access point and the client device; at greater distance, packet loss would drop parts of the exchange.
KRACK is of limited use against HTTPS websites, because HTTPS (TLS) encrypts the traffic between the browser and the web server independently of the Wi-Fi layer. Much of the web today has moved to HTTPS, especially sites that require login information. Without HTTPS, that login information would be transmitted in plain text, and anyone decrypting the Wi-Fi traffic could read it.
However, with a tool like sslstrip, an attacker who is already in the middle can rewrite an improperly configured website's responses so that the browser loads the HTTP version instead, which carries no encryption; sites that enforce HSTS (HTTP Strict Transport Security) resist this downgrade. So, combining KRACK with sslstrip, an attacker can read your information without your knowledge.
Depending on the cipher in use, the attacker can do more than decrypt. With AES-CCMP the attack allows decryption and replay of packets; with TKIP or GCMP (the cipher used by 802.11ad) the attacker can also forge and inject packets, for example to insert malicious links into unencrypted web pages.
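The sequence just described, and the all-zero-key behaviour mentioned earlier, as an added example that is not part of the original article: a small model of the client's key-installation logic for message 3, run in three modes (standard pre-patch behaviour, the zero-key behaviour of the affected wpa_supplicant and Android 6.0 builds, and a patched client that refuses to reinstall a key it already has). The cipher is a stand-in for CCMP built from HMAC-SHA256 so that the example has no third-party dependency; the only property it needs to share with CCMP is that the same key and packet number produce the same keystream. The session key, the two frames and the attack sequence are all constructed for the example.

```python
import hashlib
import hmac

ZERO_KEY = bytes(16)


def keystream(tk: bytes, pn: int, n: int) -> bytes:
    """Stand-in for the CCMP keystream. Real CCMP runs AES in counter mode over
    (transmitter address, packet number PN, block counter); HMAC-SHA256 is used here
    only to avoid a dependency. Same key + same PN -> same keystream, as in CCMP."""
    out = b""
    block = 0
    while len(out) < n:
        out += hmac.new(tk, pn.to_bytes(6, "big") + block.to_bytes(2, "big"),
                        hashlib.sha256).digest()
        block += 1
    return out[:n]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Client:
    """Supplicant-side handling of message 3. mode is one of:
    'vulnerable' (802.11i as written: every message 3 installs the key),
    'zero-key'   (supplicant wipes its key copy after install, then reinstalls the wiped copy),
    'patched'    (a key that is already installed is never reinstalled)."""

    def __init__(self, mode: str):
        self.mode = mode
        self.installed_tk = None
        self.key_copy = None   # the supplicant's in-memory copy of the TK
        self.pn = 0            # packet number for the installed key

    def on_msg3(self, tk: bytes) -> None:
        if self.mode == "patched" and self.installed_tk == tk:
            return             # acknowledge with message 4, keep the key and the counter
        if self.mode == "zero-key" and self.installed_tk is not None:
            tk = self.key_copy  # retransmission: install whatever is left in memory (zeros)
        self.installed_tk = tk
        self.pn = 0            # installing a key resets the packet number
        self.key_copy = ZERO_KEY if self.mode == "zero-key" else tk

    def send(self, plaintext: bytes):
        self.pn += 1
        return self.pn, xor(plaintext, keystream(self.installed_tk, self.pn, len(plaintext)))


def run_krack(mode: str) -> dict:
    """Message 3 delivered, client sends a frame, attacker blocks message 4 so the
    AP retransmits message 3, client sends a second frame."""
    tk = hashlib.sha256(b"constructed example TK").digest()[:16]       # constructed key
    frame1 = b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n"    # predictable content
    frame2 = b"Cookie: session=SECRET-TOKEN-1234\r\n"               # what the attacker wants
    client = Client(mode)
    client.on_msg3(tk)              # first message 3: key installed, counter reset
    pn1, c1 = client.send(frame1)
    client.on_msg3(tk)              # retransmitted message 3 (message 4 was blocked)
    pn2, c2 = client.send(frame2)
    return {"pn1": pn1, "pn2": pn2, "c1": c1, "c2": c2, "frame1": frame1, "frame2": frame2}


def recover_with_known_plaintext(c1: bytes, c2: bytes, known_p1: bytes) -> bytes:
    """Keystream reuse: c1 XOR c2 == p1 XOR p2, so a known p1 reveals p2."""
    n = min(len(c1), len(c2))
    return xor(xor(c1[:n], c2[:n]), known_p1[:n])


def decrypt_with_zero_key(pn: int, c: bytes) -> bytes:
    """After the zero-key reinstall no known plaintext is needed at all."""
    return xor(c, keystream(ZERO_KEY, pn, len(c)))


if __name__ == "__main__":
    for mode in ("vulnerable", "zero-key", "patched"):
        r = run_krack(mode)
        guess = recover_with_known_plaintext(r["c1"], r["c2"], r["frame1"])
        print(f"{mode:10s} PN before/after reinstall: {r['pn1']}/{r['pn2']}  "
              f"known-plaintext recovery: {guess == r['frame2']}")
    z = run_krack("zero-key")
    print("zero-key   decrypt without any plaintext:", decrypt_with_zero_key(z["pn2"], z["c2"]))
```

The vulnerable client reuses packet number 1 after the retransmission, so the attacker needs only one predictable frame (a request to a known site is enough) to read the second. The zero-key client is worse: the attacker can decrypt everything sent after the reinstall without knowing any plaintext. The patched client keeps counting from 2, and the XOR trick yields garbage, which is exactly what the vendor patches for CVE-2017-13077 and its siblings enforce on the supplicant side.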
How to Secure Your Wi-Fi
Although the vulnerability is now six years old, and routers and devices manufactured since then are unlikely to be susceptible, older ones are still in use. Most people buy an ordinary Wi-Fi router and never update its firmware. Those are the cases where attackers can still use KRACK to spy on communications.
What you must do:
- Update your router's firmware.
- Update every client device (phones, laptops, smart-home gadgets) to the latest operating system version; the client side is where the handshake flaw lives, so a patched router alone does not protect an unpatched phone.
- Use WPA2 with AES rather than TKIP, and switch to WPA3 where your router and devices support it.
The KRACK attack is another reminder of how a small flaw can undermine security built to protect users. WPA2 was well over a decade old at that point and continues to be the most common Wi-Fi protocol in use today, which is why it is important to apply the patches that prevent the attack.
It was fortunate that the vulnerability was discovered by researchers and not by the criminal underground. Otherwise it could have done far more damage without the internet population ever knowing.