How to write a paper on wpa mobile phone
With the continuous development of Wi-Fi, we will all soon be using the new 802.11ax protocol and the relatively safe and stable Wi-Fi security protocol WPA3. Before looking at the benefits WPA3 brings, it is worth reviewing the history of Wi-Fi security. Only by understanding the efforts our predecessors made for Wi-Fi security can we appreciate how good things are now and how difficult it is to secure any system. In this article, I will go through a brief history of the Wi-Fi security protocols and its key points.

In the mid-to-late 1990s, in the early days of the Internet, any machine could "sniff" the traffic of any other machine, even on a wired network. At that time, Ethernet was mainly connected through hubs, not switches. Anyone who knew a little about Internet protocols could browse the content of network traffic at any time, from low-level network packets up to application-layer e-mail.

Around the turn of the century (close to 2000), wired Ethernet moved from hubs (and even older coaxial cable networks) to switches. A hub forwards every packet it receives to every machine connected to it, so network sniffing is very simple. A switch, in contrast, forwards a packet only to the MAC address it is destined for, so when computer B sends packets to router A, the switch does not deliver them to the user on computer C. This subtle change made wired networks more trustworthy than before. The original 802.11 Wi-Fi standard, released in 1997, included WEP (Wired Equivalent Privacy), which was meant to provide the same security that users had come to expect from wired networks, hence its name.

The original version of WEP required a 10-digit or 26-digit hexadecimal pre-shared key, such as 0A3FBE839A. Hexadecimal allows only the digits 0-9 and the letters A-F, which is quite different from the readable characters people use every day, so such keys are hard to read and use, and entering them is error-prone. For example, entering a letter outside the range 0-F produces an error. As expected, WEP was soon abandoned. Although it seems unreasonable to expect users to share 10 or 26 hexadecimal digits reliably and accurately, this is what was actually used in 1997.

D-Link's DI-514 802.11b router is an example of a WEP router. This is a perfectly good router.

Later versions of WEP gave clients and routers a consistent way to automatically hash a human-readable password of any length down to the 10-digit or 26-digit hexadecimal code. So although WEP still worked with the original 40-bit or 104-bit numbers underneath, at least people no longer had to read and share these hard-to-remember strings of digits. With the move from numbers to passwords, WEP usage began to climb.

Although people got along with WEP well enough in practice, this early security protocol had many problems. For one, it deliberately used weak RC4 encryption. Even where a stronger encryption setting could be selected manually, traffic was still easy for other machines on the same network to sniff. Because all traffic was encrypted and decrypted with the same PSK, anyone could easily intercept your traffic and decrypt it.

That is not the worst of it. Worse, WEP passwords can be easily cracked: any WEP network can be cracked in a few minutes with the Aircrack-ng cracking suite.

The initial implementation of WPA arrived with the 802.11g Wi-Fi standard and greatly improved on WEP. WPA was designed from the start to accept human-friendly passwords, but its improvements go far beyond that.

WPA introduced TKIP, the Temporal Key Integrity Protocol. TKIP has two main purposes. First, it creates a new 128-bit key for each packet sent. This prevents the kind of compromise that breaks a WEP network in a few minutes. Second, TKIP provides a much stronger message authentication code than WEP's simple cyclic redundancy check (CRC). A CRC is generally suited to low-assurance data verification, reducing the effect of line noise, but it has an inherent weakness: it cannot effectively resist targeted attacks.
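Why a CRC cannot stand in for a message authentication code, as an added example that is not part of the original article: CRC-32 is unkeyed and affine over XOR, so the checksum of an altered message can be derived from the old checksum and the change alone. HMAC-SHA256 is used here as a generic keyed MAC (an assumption for illustration; it is not TKIP's own algorithm), and the payloads and key are constructed.

```python
import hashlib
import hmac
import zlib


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def crc_tag(msg: bytes) -> bytes:
    """Unkeyed integrity value: a plain CRC-32, as WEP-style checks use."""
    return zlib.crc32(msg).to_bytes(4, "big")


def mac_tag(key: bytes, msg: bytes) -> bytes:
    """Keyed tag (HMAC-SHA256 as a stand-in for a real MAC)."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def crc_fixup(old_crc: bytes, diff: bytes) -> bytes:
    """crc(m ^ d) == crc(m) ^ crc(d) ^ crc(zeros): no key and no m needed."""
    zeros = bytes(len(diff))
    return xor(old_crc, xor(crc_tag(diff), crc_tag(zeros)))


def integrity_check_results():
    """Return (crc_accepts_altered, mac_accepts_altered) for one altered payload."""
    original = b"seq=0001 temp=21C"          # constructed sample payload
    altered = b"seq=0001 temp=91C"           # same length, one byte changed
    diff = xor(original, altered)

    # The CRC for the altered payload follows from the old CRC and the diff.
    patched_crc = crc_fixup(crc_tag(original), diff)
    crc_accepts = patched_crc == crc_tag(altered)

    # A keyed MAC has no such shortcut: the old tag fails on the new payload,
    # and a valid tag cannot be computed without the key.
    key = b"constructed-demo-key"
    old_tag = mac_tag(key, original)
    mac_accepts = hmac.compare_digest(old_tag, mac_tag(key, altered))
    return crc_accepts, mac_accepts


if __name__ == "__main__":
    print(integrity_check_results())
```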

TKIP also prevents your traffic from being automatically exposed to other people who join the Wi-Fi network. WEP's static pre-shared key means that anyone on the network can receive everyone else's traffic completely in the clear. TKIP, however, uses a new temporary key for each transmitted packet, so others cannot use that key. People connected to a public Wi-Fi network all know the password, but they use different data encryption keys, so they cannot directly browse the contents of packets sent by others.

However, TKIP has its own problems. In 2008, it fell to a man-in-the-middle attack for the first time. Security researchers Martin Beck and Erik Tews found a method to decrypt short packets in WPA/TKIP networks by using the 802.11e QoS function, which is also called the "Beck-Tews attack". The attack takes only 12-15 minutes, but this is not the worst of it. At that time, relatively few networks actually implemented 802.11e.

In 2009, security researchers Toshihiro Ohigashi and Masakatu Morii submitted a paper entitled "A New Variant of Beck-Tews Attack", which disclosed the details of the attack. This variant works against any WPA/TKIP network.

In 2004, the Institute of Electrical and Electronics Engineers (IEEE) created a new extension of the 802.11 wireless network standard. The Wi-Fi Alliance, the industry body that holds the Wi-Fi trademark, implemented WPA2 based on the 802.11i extension. The improvement in this version is the use of AES-CCMP instead of TKIP for non-enterprise authentication (enterprises usually use RADIUS to assign passwords to each user separately, which avoids most authentication attacks).

Some 802.11g routers support AES, but most real-world use began with 802.11n routers, such as the Linksys WRT310n in the figure above.

The alphabet soup here is thick and hot: AES is the Advanced Encryption Standard, and CCMP is the Counter Mode Cipher Block Chaining Message Authentication Code Protocol. AES-CCMP avoids the man-in-the-middle attack of Beck-Tews and its variants. Although WPA2 supports AES-CCMP, it is not mandatory. Many users still use TKIP for compatibility with old non-WPA2 devices.

Running WPA2 with AES-CCMP can avoid man-in-the-middle attacks, but it does not solve the security problem permanently. The KRACK attack of 2017 pierced the barrier of AES/CCMP like a sharp arrow.

802.11i expects that the connection to the network will occasionally be lost. To speed up reconnection, it allows a disconnected device to reconnect with the old key. As a result, a well-disguised listener can capture packets and use replay attacks to force the network to repeatedly send the same known block with a new random number (nonce). From this information the attacker can reconstruct the entire key string and so gain complete network access.

The KRACK attack exploits a weakness in 802.11i itself, so WPA2 cannot be fixed. The attack can be mitigated to a great extent by disabling the retransmission of EAPOL key frames during key installation, although offline devices will then take longer to reconnect. However, this is the only way to prevent KRACK attacks and improve security.
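Why a replayed key installation is dangerous, as an added example that is not part of the original article: a simplified sender model in which reinstalling the key in use rewinds the packet nonce, so two packets share one keystream. The SHA-256 keystream is a stand-in for AES-CCMP's counter mode, the `Station` class and the "ignore reinstall of the current key" countermeasure are assumptions made for this model, and all keys and payloads are constructed.

```python
import hashlib


def keystream(key: bytes, nonce: int, length: int) -> bytes:
    """Toy counter-mode keystream (SHA-256 stand-in, not AES-CCMP)."""
    out, block = b"", 0
    while len(out) < length:
        seed = key + nonce.to_bytes(8, "big") + block.to_bytes(4, "big")
        out += hashlib.sha256(seed).digest()
        block += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Station:
    """Simplified sender: one session key plus a per-packet nonce counter."""

    def __init__(self, reset_on_reinstall: bool):
        self.reset_on_reinstall = reset_on_reinstall
        self.key = None
        self.nonce = 0

    def install_key(self, key: bytes) -> None:
        # A replayed handshake message delivers the key that is already in use.
        if key == self.key and not self.reset_on_reinstall:
            return                       # hardened: never rewind the counter
        self.key, self.nonce = key, 0

    def send(self, plaintext: bytes):
        self.nonce += 1
        ks = keystream(self.key, self.nonce, len(plaintext))
        return self.nonce, xor(plaintext, ks)


def replay_outcome(reset_on_reinstall: bool):
    """Return (nonce_reused, ciphertext_xor_reveals_plaintext_xor)."""
    p1, p2 = b"known header 0001", b"secret payload 42"   # constructed, equal length
    key = b"constructed-session-key"
    sta = Station(reset_on_reinstall)
    sta.install_key(key)
    n1, c1 = sta.send(p1)
    sta.install_key(key)                 # replayed key-installation message
    n2, c2 = sta.send(p2)
    # With a shared keystream the key cancels out: c1 ^ c2 == p1 ^ p2.
    return n1 == n2, xor(c1, c2) == xor(p1, p2)


if __name__ == "__main__":
    print("vulnerable:", replay_outcome(True))
    print("hardened:  ", replay_outcome(False))
```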

Shortly after the KRACK attack was announced, the Wi-Fi Alliance launched WPA3 in June 2018. WPA3 avoids replay attacks by replacing the pre-shared key (PSK) with Simultaneous Authentication of Equals (SAE). SAE is a protocol designed to identify peer devices efficiently and securely. It was first proposed in the 802.11s standard for Wi-Fi mesh networks. In addition to solving the KRACK attack, the Wi-Fi Alliance claims that the implementation of SAE described in IEEE 802.11-2016 will solve security problems caused by user carelessness or settings. SAE also addresses (non-brute-force or dictionary) attacks on networks set up with short passwords.

WPA3 also introduces the ability to authenticate using NFC. NFC, or Near Field Communication, is a very short-range wireless technology that authenticates a device when it is brought close to the authenticating device. If a WPA3 router or access point has NFC network joining enabled, you only need to hold an NFC-enabled mobile phone or Internet device against the router or access point to join the network. In one sense this is lower security, since anyone with a mobile phone can get onto the network this way. However, an NFC session cannot be captured remotely, it is convenient and easy to use, there is no password to remember, and access can be audited and traced afterwards per device, so it is a relatively convenient and reliable method that balances the requirements of security and ease of use well.

WPA3 also fixes another obvious weakness of Wi-Fi encryption by adding perfect forward secrecy. With WEP, WPA or WPA2, an attacker who does not know the Wi-Fi password can record everything within range and decrypt it once the key is obtained later. Perfect forward secrecy removes the value of recording packets in advance: even if the network is cracked later, the packets captured earlier still cannot be decrypted. With WPA3, even weak HTTPS connections and unencrypted network traffic, such as DNS resolution, are protected.

There is still a long way to go before WPA3 goes on the market, and there is no router supporting it on the market at present. But don't panic about it. Most modern routers also support KRACK attack mitigation settings.

If possible, never use any non-802.11ac equipment.

Make absolutely sure that the firmware on all of your routers is updated to the latest available version.

If the latest available firmware version for your device is earlier than November 2017, it will undoubtedly be vulnerable to KRACK attacks. In that case, replace it with a newer router.

Windows, Linux, BSD and Apple personal computers are usually fine, as long as the operating system itself is patched and up to date. WPA2 authentication on general-purpose computers is usually independent of the operating system and can be solved by hardware drivers.

Apple iOS devices and Google Pixel and Nexus devices are fine as long as the device itself is up to date. Android devices often have problems, because many Android OEMs and carriers do not provide the latest security patches in time. Internet of Things devices are also a frequent source of security problems. If you have a non-Google Android device or a general Internet of Things device, you need to follow security news to make sure that nothing is wrong with your device.

Finally, the history of Wi-Fi security protocols tells us that no device or protocol is secure forever; security is dynamic. As soon as one problem is solved, new vulnerabilities appear. Constant iteration and updating is the only way to stay secure.