Offline Cryptographic Attacks Targeting the Wi-Fi Protected Access 2 Protocol

On August 4, 2018, Jens Steube from the Hashcat project published an article introducing a new method to obtain cryptographic information from wireless traffic that can then be used by an attacker to attempt the offline recovery of the preshared key (PSK) used to secure a Wi-Fi network.

Both the Wi-Fi Protected Access (WPA) and the Wi-Fi Protected Access 2 (WPA2) protocols are known to be susceptible to offline cryptographic attacks when a PSK is used as an authentication mechanism. This is not a new vulnerability or a new attack against these protocols. This is a new vector that allows an attacker to obtain the information required to attempt an offline attack against the PSK.

This new method is different from the existing attacks against the PSK because it does not require an attacker to wait for an Extensible Authentication Protocol over LAN (EAPOL) authentication exchange, capture it, and proceed to attempt an offline PSK recovery. This new vector allows an attacker to extract the required information from a single wireless frame transmitted during a roaming event. The following conditions for this capture apply:

  • The frame contains a Robust Security Network-Pairwise Master Key Identification (RSN-PMKID) option
  • The wireless infrastructure is configured to use WPA2 with a PSK mode of authentication
  • The wireless infrastructure supports the Proactive Key Caching (PKC) fast roaming option (PMKID roaming)

The wireless frame can be acquired by passively listening to traffic from the wireless network during a roaming event.
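To check a capture from your own network against the conditions listed above, the sketch below parses an RSN element and reports whether a PSK-based AKM appears together with a PMKID list. It is an added example, not part of the Cisco advisory: the field layout follows the IEEE 802.11 RSN element, the function names `assess_rsn` and `build_rsn` are hypothetical, and the sample bytes are constructed.

```python
import struct

OUI_IEEE = bytes.fromhex("000fac")                 # IEEE 802.11 suite selector OUI
AKM_NAMES = {1: "802.1X", 2: "PSK", 4: "FT-PSK", 6: "PSK-SHA256", 8: "SAE"}
PSK_AKMS = {2, 4, 6}                               # AKMs whose PMK comes from a PSK

def _suites(buf, off):
    """Read a little-endian count and that many 4-byte suite selectors."""
    if off + 2 > len(buf):                         # optional field absent
        return [], len(buf)
    count = struct.unpack_from("<H", buf, off)[0]
    end = off + 2 + 4 * count
    if end > len(buf):
        raise ValueError("truncated suite list")
    return [buf[i:i + 4] for i in range(off + 2, end, 4)], end

def assess_rsn(element: bytes) -> dict:
    """Report whether an RSN element combines a PSK AKM with a PMKID list."""
    if len(element) < 4 or element[0] != 0x30 or element[1] != len(element) - 2:
        raise ValueError("not a well-formed RSN element")
    body = element[2:]
    if struct.unpack_from("<H", body, 0)[0] != 1:
        raise ValueError("unsupported RSN version")
    off = min(6, len(body))                        # version + group data cipher
    _, off = _suites(body, off)                    # pairwise ciphers (unused)
    akms, off = _suites(body, off)
    off = min(off + 2, len(body))                  # RSN capabilities
    pmkids = 0
    if off + 2 <= len(body):
        pmkids = struct.unpack_from("<H", body, off)[0]
        if off + 2 + 16 * pmkids > len(body):
            raise ValueError("truncated PMKID list")
    types = [s[3] for s in akms if s[:3] == OUI_IEEE]
    return {"akms": [AKM_NAMES.get(t, f"type {t}") for t in types],
            "pmkid_count": pmkids,                 # count only; values not kept
            "exposed": pmkids > 0 and any(t in PSK_AKMS for t in types)}

def build_rsn(akm_type: int, pmkids: list) -> bytes:
    """Constructed sample RSN element (CCMP ciphers) for the demo and tests."""
    ccmp = OUI_IEEE + b"\x04"
    body = struct.pack("<H", 1) + ccmp + struct.pack("<H", 1) + ccmp
    body += struct.pack("<H", 1) + OUI_IEEE + bytes([akm_type])
    body += struct.pack("<H", 0)                   # RSN capabilities
    body += struct.pack("<H", len(pmkids)) + b"".join(pmkids)
    return bytes([0x30, len(body)]) + body

if __name__ == "__main__":
    print(assess_rsn(build_rsn(2, [bytes(range(16))])))   # PSK + PMKID
    print(assess_rsn(build_rsn(1, [bytes(range(16))])))   # 802.1X + PMKID
```

An `exposed` result of `True` means the frame meets the capture conditions, so the strength of the PSK is what stands between that frame and a successful offline recovery.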

It is important to note that this method does not make it easier or faster to recover the PSK for a Wi-Fi network. Instead, it is easier for an attacker to collect the information required to conduct a subsequent offline cryptographic attack. The likelihood of a successful recovery of the PSK is highly dependent on the complexity of the PSK in use.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180809-wpa2

Security Impact Rating: Informational


Building the 5G Foundation – Enterprise Private Mobility-as-a-Service

Progressive enterprises are pursuing software-defined solutions with operating models powered by analytics, automation and machine communications to improve productivity, service-levels and cost structures. With hundreds of devices and sensors connecting to a network, wired connections are becoming expensive. At the same time, the mobile networks are not ready for the massive connections and the data associated with these connections coming their way. Using conventional unlicensed methods such as Wi-Fi to address the coverage and capacity is not necessarily ideal for some mission critical workloads. This is because: Wi-Fi is designed as a “best effort” service, it …


Cisco Aironet Series Access Points Quality of Service Denial of Service Vulnerability

A vulnerability in the quality of service (QoS) feature of Cisco Aironet Series Access Points (APs) could allow an authenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.

The vulnerability is due to improper input validation on QoS fields within Wi-Fi frames by the affected device. An attacker could exploit this vulnerability by sending malformed Wi-Fi frames to an affected device. A successful exploit could allow the attacker to cause the affected device to crash, resulting in a DoS condition.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-aap-dos

Security Impact Rating: Medium

CVE: CVE-2019-1826


SEP firewall on laptops blocks hotspot

I need a solution

Hi guys, I recently installed Symantec Endpoint Protection on my laptop, and since then I can’t use my laptop to create a hotspot.

When I connect my mobile to the hotspot it says “connected- no internet”.

I’ve narrowed down the issue to be the SEP firewall since the hotspot works when the firewall is off.

I’ve made a few rules to allow all IP protocols to the adapter that my hotspot uses, but it’s still getting blocked.

I guess that I didn’t set up the rule correctly or something, can anyone assist me with this please?


Inviting Participation to #ZENworks 2017 Update 4 Beta

I’m happy to announce that we are planning to start the ZENworks 2017 Update 4 beta program in the first week of November. The top 10 things happening in Update 4 are:

  • Movement to Open JDK
  • Support to deploy Wi-Fi configuration to Mobile devices
  • Enhanced Device control settings for Android and iOS
  • Support to deploy enterprise …

The post Inviting Participation to #ZENworks 2017 Update 4 Beta appeared first on Cool Solutions. gvikram

Mac and Windows device control

I need a solution

Hi Team,

We are planning to set up Endpoint Protection 14 for our IT infra. Can you please help me with the queries below?

1. Can devices on Mac machines be controlled from the Symantec server end, like USB block?

2. If a Mac is connected over Wi-Fi, wired, or a home network, can we control USB block?

3. For Windows laptops also, can we block USB for more than 6 months?

4. Can we monitor the logs if any user connects a USB external device to his/her laptop?

5. Firewall management for both Mac and Windows?

6. Please share your support email and contact details.

Thanks,

Ranjan

91 9845810364
