From Silicon Labs: KRACK WPA2 Encryption Protocol Vulnerability
About Symmetry Electronics
Established in 1998, Symmetry Electronics, a Division of Braemac, is a global distributor of electronic components and systems. Combining premier components and comprehensive value-added services with an expert in-house engineering team, Symmetry supports engineers in the design, development, and deployment of a broad range of connected technologies.
Exponential Technology Group Member
Acquired by Berkshire Hathaway company TTI, Inc. in 2017, Symmetry Electronics is a proud Exponential Technology Group (XTG) member. A collection of specialty semiconductor distributors and engineering design firms, XTG stands alongside industry leaders TTI Inc., Mouser Electronics, and Sager Electronics. Together, we provide a united global supply chain solution with the shared mission of simplifying engineering, offering affordable technologies, and assisting engineers in accelerating time to market. For more information about XTG, visit www.xponentialgroup.com.
There has been significant press coverage regarding the KRACK attack on the WPA2 protocol used in most modern Wi-Fi systems. With the attack, the security of WPA2 becomes equivalent of using an open, insecure Wi-Fi network. Any service using secure protocols at higher level, such as HTTPS, TLS etc. are still secure.
We are working on patches for our Wi-Fi products.
In the meantime, the mitigation is to secure the implementations using secure application level protocols, such as HTTPS, TLS etc. This should not only be done due to KRACK, but also because that would protect against open Wi-Fi networks, spoofed access points, or monitoring from ISPs or governments. So all systems should be secured at the application levels regardless of KRACK.
Links for how to use TLS / HTTPS:
https://www.silabs.com/documents/login/application-notes/AN974-WG-TLS-SMTP-Example.pdf
https://docs.zentri.com/zentrios/wz/latest/cmd/apps/tls-client
https://docs.zentri.com/zentrios/wz/latest/cmd/apps/https-server
https://docs.zentri.com/zentrios/wz/latest/cmd/apps/https-intermediate-certs
https://docs.zentri.com/zentrios/wz/latest/cmd/apps/web-page-tls-cert
Links regarding the attack:
https://www.wired.com/story/krack-wi-fi-iot-security-broken/
https://www.wi-fi.org/news-events/newsroom/wi-fi-alliance-security-update
About Symmetry Electronics
Established in 1998, Symmetry Electronics, a Division of Braemac, is a global distributor of electronic components and systems. Combining premier components and comprehensive value-added services with an expert in-house engineering team, Symmetry supports engineers in the design, development, and deployment of a broad range of connected technologies.
Exponential Technology Group Member
Acquired by Berkshire Hathaway company TTI, Inc. in 2017, Symmetry Electronics is a proud Exponential Technology Group (XTG) member. A collection of specialty semiconductor distributors and engineering design firms, XTG stands alongside industry leaders TTI Inc., Mouser Electronics, and Sager Electronics. Together, we provide a united global supply chain solution with the shared mission of simplifying engineering, offering affordable technologies, and assisting engineers in accelerating time to market. For more information about XTG, visit www.xponentialgroup.com.