312-50V10 · Question #885
in this attack, an adversary tricks a victim into reinstalling an already-in-use key. This is achieved by manipulating and replaying cryptographic handshake messages. When the victim reinstall the key
The correct answer is B. KRACK. KRACK (Key Reinstallation Attack) exploits the WPA2 four-way handshake by replaying cryptographic messages to force nonce reuse, enabling decryption of traffic.
Question
in this attack, an adversary tricks a victim into reinstalling an already-in-use key. This is achieved by manipulating and replaying cryptographic handshake messages. When the victim reinstall the key, associated parameters such as the incremental transmit packet number and receive packet number are reset to their initial values. What is this attack called?
Options
- AChop chop attack
- BKRACK
- CEvil twin
- DWardriving
How the community answered
(20 responses)- A10% (2)
- B75% (15)
- C5% (1)
- D10% (2)
Why each option
KRACK (Key Reinstallation Attack) exploits the WPA2 four-way handshake by replaying cryptographic messages to force nonce reuse, enabling decryption of traffic.
A chop chop attack targets the older WEP protocol by incrementally decrypting a captured packet one byte at a time, and does not involve handshake replay or key reinstallation.
KRACK stands for Key Reinstallation Attack and works by manipulating and replaying WPA2 handshake messages to trick the client into reinstalling an already-in-use pairwise key. This resets the nonce and replay counter to their initial values, allowing an attacker to replay, decrypt, or forge frames. It is the only attack here that precisely matches the described mechanism of handshake replay and key reinstallation.
An evil twin attack creates a rogue access point that mimics a legitimate one to intercept traffic, and does not manipulate cryptographic handshake messages or reset packet counters.
Wardriving is the act of searching for Wi-Fi networks from a moving vehicle using a laptop or phone, and is reconnaissance activity rather than an active cryptographic exploit.
Concept tested: WPA2 KRACK key reinstallation vulnerability
Source: https://www.krackattacks.com/
Topics
Community Discussion
No community discussion yet for this question.