Last week, a report by Mathy Vanhoef of imec-DistriNet revealed a vulnerability in the WPA2 protocol used by virtually all Wi-Fi networks worldwide. The flaw allows hackers to perform a man-in-the-middle (MitM) attack and decrypt and read all Internet traffic going through the network. However, Secure Phone users should rest assured that their security is not compromised.
The Wi-Fi Protected Access II (WPA2) protocol has been the industry standard for protecting consumer wireless networks since 2006. It is omnipresent, and genuinely much more secure than its predecessor, WEP. However, as reported by Vanhoef, a cryptographic flaw in the protocol allows Key Reinstallation Attacks (KRACK) to be performed against any device using Wi-Fi.
How do KRACK attacks work?
In essence, KRACK attacks are vanilla MitM. An adversary sets up a malicious network, lures your device to connect to it, and uses their administrator rights as the de facto network operator to read unencrypted traffic. The cryptographic vulnerability KRACK exploits lies in the so-called four-way handshake between the network and the device connecting to it.
This algorithm is used by all wireless protocols, not just WPA2, to check whether the connecting user knows the network password. In WPA2, however, the session encryption key generated in the third step can be re-sent multiple times (as a precaution in case it gets lost during transmission). This allows hackers to copy or replace it. If the attacker succeeds in manipulating the key, they could strip the layer of encryption created between your device and your router by WPA2.
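What a re-sent third handshake message does to a client, as an added example that is not part of the original article: reinstalling a key that is already in use restarts the per-frame counter, so two frames end up encrypted with the same keystream, while a client that ignores the repeat keeps counting. The Client class, the SHA-256 keystream and the sample frames are constructed for illustration and are not WPA2's actual cipher or any vendor's code.

```python
import hashlib

def keystream(key: bytes, nonce: int, length: int) -> bytes:
    """Toy keystream from SHA-256; a stand-in for the real cipher, not WPA2's."""
    out, block = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce.to_bytes(8, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Client:
    """Hypothetical client, reduced to its handling of handshake message 3."""
    def __init__(self, hardened: bool):
        self.hardened = hardened
        self.key = None
        self.nonce = 0  # per-frame counter; must never repeat under one key

    def on_message3(self, session_key: bytes) -> None:
        if self.hardened and session_key == self.key:
            return  # key already installed: ignore the retransmission
        self.key = session_key
        self.nonce = 0  # (re)installing the key restarts the counter

    def send(self, plaintext: bytes):
        self.nonce += 1
        return self.nonce, xor(plaintext, keystream(self.key, self.nonce, len(plaintext)))

# Constructed sample data, equal length so the XOR comparison lines up.
KEY = hashlib.sha256(b"constructed session key").digest()
P1, P2 = b"frame-one-data", b"frame-two-data"

def replay_message3(hardened: bool):
    """Send a frame, receive message 3 again, send another; return both frames."""
    client = Client(hardened)
    client.on_message3(KEY)
    first = client.send(P1)
    client.on_message3(KEY)  # retransmitted message 3
    second = client.send(P2)
    return first, second

def keystream_reused(frames) -> bool:
    """True when both frames share a nonce, so c1 XOR c2 equals p1 XOR p2."""
    (n1, c1), (n2, c2) = frames
    return n1 == n2 and xor(c1, c2) == xor(P1, P2)

if __name__ == "__main__":
    for hardened in (False, True):
        print("hardened" if hardened else "vulnerable", keystream_reused(replay_message3(hardened)))
```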
On some devices, including Android-based ones, the attack could be used to redirect the traffic from one port to another and fool your web browser into using HTTP instead of HTTPS – the so-called sslstrip. However, the site itself must be improperly configured for that to work. The user could also spot the lack of a green lock and “https” in front of the URL, if they are cautious enough to look before filling in sensitive data like passwords and banking credentials.
Why are Secure Phone users safe?
The attack described above should worry regular users because: 1. It could be performed on any network and remove its encryption; 2. It could actively decrypt supposedly encrypted HTTPS traffic. Until device and software vendors fix the vulnerability in their implementations, the best thing users can do is to add another layer of encryption to their communications – by using a VPN for web traffic and end-to-end encrypted apps for communications.
The above is what Secure Phone does anyway. There are two types of traffic on and off our device:
- The user’s emails, messages, and calls, which happen only through our proprietary secure apps. They use the PGP, OTR, OMEMO, and ZRTP protocols to encrypt everything all the way to the recipient’s end.
- The communication between the device and the Secure Administration System (SAS) - the policy packages which the platform sends to the phone to enable and disable features and apps. This traffic is encrypted via TLS.
These layers of encryption remain in place, even if someone performs a KRACK attack on your Wi-Fi. The adversary will still be unable to read your messages or tamper with the policies SAS sends. Internet browsing on Secure Phone is disabled by default for security purposes (it is a potential doorway for malware). Because of that, it is irrelevant if an attacker tries to perform sslstrip on you. On top of that, you can always turn Wi-Fi off and rely entirely on the unlimited data plan we provide with Secure SIM.