Wi-Fi encryption cracked

The Wi-Fi encryption method WPA2 has been cracked. The WPA2 vulnerability enables attackers to access encrypted data communications.

A researcher from a Belgian university was able to crack the encryption of Wi-Fi networks. The handshake of the WPA2 protocol, which until now has been considered secure, was found to contain a vulnerability that enables decryption.

A KRACK attack (key reinstallation attack) is a man-in-the-middle attack which exploits weaknesses in the WLAN protocol. The attack mainly targets Wi-Fi-supporting terminal devices or the client functionality of WLAN access points (repeater or 802.11r). Exploiting it requires a rogue access point using a fake MAC address. The vulnerability jeopardises the integrity of data in all WLAN implementations. Linux and Android are particularly vulnerable to the decryption of wireless traffic.

Target group of the alert

The alert affects all users of WLAN (WiFi) client devices. Vulnerable devices include laptops, telephones, tablets and other mobile devices that connect to the Wi-Fi network.

Possible solutions and restrictive measures

Because of the WPA2 decryption risk, we recommend other encryption methods for the processing of confidential information, such as SSL/TLS, SSH and VPN solutions. We also recommend disabling the 802.11r functionality of WLAN access points. The vulnerability does not affect the encryption of mobile data included in a mobile subscription.

Further information

Key Reinstallation Attacks - Breaking WPA2 by forcing nonce reuse

Microsoft security guidance advisory

CERT/CC updated a list about exploit consequences to different client systems

BleepingComputer's list about vulnerable systems and their updates

Update history

Key words: Information security , Internet , Encryption , Holder transfer key , NCSA , NCSC-FI , WLAN , Alerts

LinkedIn Print


The Finnish Communications Regulatory Authority (FICORA)

The National Cyber Security Centre Finland (NCSC-FI)

Itämerenkatu 3 A

P.O. Box 313


Media contacts by telephone +358 295 390 248