Technicolor Information for VU#228519
Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse
- Vendor Information Help Date Notified:
- Statement Date: 18 Oct 2017
- Date Updated: 19 Oct 2017
By making use of a model-based approach, researchers from K.U Leuven University have identified several theoretical flaws in the Wi-Fi Protected Acess (WPA) protocol. These weaknesses constitute a new class of attack on the 4-way handshake used in all flavors of WPA/WPA2, named KRACK: Key Reinstallation AttaCK.
This academic research presents an industry-wide issue as all products implementing Wi-Fi are theoretically vulnerable.
In practice, no gateway or modem manufactured by Technicolor, implementing WiFi Access point routing function is affected by this class of attack. This is due to the fact that the vulnerable function allowing practical attack against the Access Point is not present. The end users should continue to use their Technicolor gateway or modem without changing WPA2 settings. In particular, none of these attacks is able to retrieve the WPA private passphrase. This recommendation is also valid for the legacy Thomson and Cisco branded gateways and modems.
The 802.11r standard makes use of a 4-way handshake protocol that was mathematically proven secure by the scientific community. Yet, the research publication exhibits weaknesses in some implementations of this protocol, that can affect the way the client connects to the Access point. For Access Points, the operational impact is very limited. Gateways and modems configured as Wi-Fi Access Point are not potentially concerned, except when supporting Fast BSS Transition handshake introduced with 802.11r standard. Fast BSS Transition handshake is usually not supported on residential gateways and modems, because this feature is intended to minimize roaming time between several access points in a managed network.
Technicolor works constantly to improve security of its products, alongside with the Wi-Fi Alliance. Technicolor remains committed to provide efficient support to its customers and end-users.
Our detailed security bulletins remain reserved for our customers. Customers can contact their Technicolor Customer Technical Support.
We are not aware of further vendor information regarding this vulnerability.
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.