From Silicon Labs: KRACK WPA2 Encryption Protocol Vulnerability
About Symmetry Electronics Team
Established in 1998, Symmetry Electronics is a focused global distributor of wireless connectivity solutions, sensors, and audio-video technologies. Offering comprehensive design support and available-to-ship inventory, Symmetry is committed to helping engineers accelerate time to market, reduce costs, and offer modern solutions for their IoT designs. Acquired by Berkshire Hathaway company, TTI, Inc. in 2017, Symmetry Electronics is part of the Exponential Technology Group (XTG) – a supergroup of electronic component distributors and engineering services firms working together to advance the electronics industry. For more information, visit www.symmetryelectronics.com.
There has been significant press coverage regarding the KRACK attack on the WPA2 protocol used in most modern Wi-Fi systems. With the attack, the security of WPA2 becomes equivalent of using an open, insecure Wi-Fi network. Any service using secure protocols at higher level, such as HTTPS, TLS etc. are still secure.
We are working on patches for our Wi-Fi products.
In the meantime, the mitigation is to secure the implementations using secure application level protocols, such as HTTPS, TLS etc. This should not only be done due to KRACK, but also because that would protect against open Wi-Fi networks, spoofed access points, or monitoring from ISPs or governments. So all systems should be secured at the application levels regardless of KRACK.
Links for how to use TLS / HTTPS:
https://www.silabs.com/documents/login/application-notes/AN974-WG-TLS-SMTP-Example.pdf
https://docs.zentri.com/zentrios/wz/latest/cmd/apps/tls-client
https://docs.zentri.com/zentrios/wz/latest/cmd/apps/https-server
https://docs.zentri.com/zentrios/wz/latest/cmd/apps/https-intermediate-certs
https://docs.zentri.com/zentrios/wz/latest/cmd/apps/web-page-tls-cert
Links regarding the attack:
https://www.wired.com/story/krack-wi-fi-iot-security-broken/
https://www.wi-fi.org/news-events/newsroom/wi-fi-alliance-security-update
About Symmetry Electronics Team
Established in 1998, Symmetry Electronics is a focused global distributor of wireless connectivity solutions, sensors, and audio-video technologies. Offering comprehensive design support and available-to-ship inventory, Symmetry is committed to helping engineers accelerate time to market, reduce costs, and offer modern solutions for their IoT designs. Acquired by Berkshire Hathaway company, TTI, Inc. in 2017, Symmetry Electronics is part of the Exponential Technology Group (XTG) – a supergroup of electronic component distributors and engineering services firms working together to advance the electronics industry. For more information, visit www.symmetryelectronics.com.