A reader remarks on KRACK and Wi-Fi passwords:
My understanding is that KRACK allows MITM sniffing of traffic, but does NOT decrypt your password, nor does any particularly good or bad password make ANY difference to the attack technique. You might want to research this a bit further. I have a feeling that Mr. Weaver is wrong.
Perhaps. I believe the issues of KRACK and Wi-Fi passwords are unconnected. Concerning the KRACK (Key Reinstallation Attacks – and, no, I don’t know what that means) problem I mentioned earlier, here’s more information from the researchers who discovered the problem:
We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.
The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks. For more information about specific products, consult the database of CERT/CC, or contact your vendor. …
As a proof-of-concept we executed a key reinstallation attack against an Android smartphone. In this demonstration, the attacker is able to decrypt all data that the victim transmits. For an attacker this is easy to accomplish, because our key reinstallation attack is exceptionally devastating against Linux and Android 6.0 or higher. This is because Android and Linux can be tricked into (re)installing an all-zero encryption key (see below for more info). When attacking other devices, it is harder to decrypt all packets, although a large number of packets can nevertheless be decrypted.
[Bold in the original.] I’ll decline to offer any interpretation or commentary as there are far more competent folks out there than I. I will say that the problem being in the standard is a bit appalling. On the other hand, this sort of thing is notoriously tricky to get right.