Silex Unwired

KRACK attack threatens Wi-Fi Enterprise Security

Posted by Babar Hashim on October 17, 2017

WPA2 Security.pngWi-Fi Enterprise Security is critical to Silex as we strive to provide secure, reliable and robust wireless connectivity solutions to our customers. We want to assure our customers that we are well aware of the recent KRACK attack threat to WPA2 Wi-Fi security, and we will be providing a solution imminently. 

Recently published research in below references have identified vulnerabilities in some Wi-Fi devices. Those devices reinstall network encryption keys under certain conditions, disabling replay protection and significantly reducing the security of encryption. This security vulnerability is inherent to the WPA2 protocol itself, and in principle impacts all products using the WPA security supplicant.

The Wi-Fi Alliance has stated that there is no evidence that the vulnerability has been exploited maliciously. Also at Silex we believe that the operational impact of this security threat is low at this time. This issue can be resolved through software updates and we are working diligently to investigate and resolve this threat for all our products. as soon as possible We are targeting to communicate our solution to this WPA2 vulnerability by October 23rd, 2017.

References:

Key Reinstallation AttaCKs:   https://www.krackattacks.com/

Wi-Fi Alliance Statement: https://www.wi-fi.org/news-events/newsroom/wi-fi-alliance-security-update

Japan Computer Emergency Response Team Coordination Center: https://jvn.jp/vu/JVNVU90609033/

https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/

Download Enterprise Security White Paper

Tags: Wi-Fi, 802.11n, Access Point, IoT, 802.11ac, WPA2, enterprise security