Short notes - WPA2 flaw – FRITZ!Box on broadband connections are secure

Short notes

WPA2 flaw – FRITZ!Box on broadband connections are secure

FRITZ!Boxes on broadband connections are currently not affected by the wireless security breach known as "Krack", as such access points do not use the affected 802.11r standard. A possible, theoretical Krack attack targets the wireless connection of a client connecting to the wireless LAN.

A whole range of extensive conditions are required to attack a wireless connection between an access point and an insecure client (laptop, smartphone, TV supporting WiFi). The attacker has to be in the immediate, physical vicinity of the client. Plus, he needs to place himself between the client and the access point in form of a "man in the middle attack". A prerequisite for executing this difficult attack is that the client must sign in again voluntarily. For this to work, the attacker has to be closer to the client than the access point. According to the current assessment, the attacker would be able to read only data from clients with certain implementations.

Regardless of the wireless LAN, relevant connections on higher levels are always encrypted. These include HTTPS connections (web searches, online banking, online purchases, Facebook, WhatsApp, etc.), which can be identified by the padlock symbol or the green display of the browser address. Such encryption remains secure.

The Krack security breach never allows the attacker to become a fully functional participant of an unfamiliar wireless network.

Judging from the difficulty of the attack, the necessity to be physically present, and the fact that encryption still remains effective on higher levels, the practical implementations of the Krack breach appear minor. No attacks have been reported.

AVM became aware of Krack on 16 October. Unfortunately, the responsible disclosure policy that applies in such cases was disregarded by the discoverers of the leak. After further investigation and tests, AVM will provide updates for its wireless repeaters.