WPA2 vulnerability KRACK

Since October 16, 2017, there are warnings about a weakness in the design of the WiFi encryption method WPA2.

Due to these weak points, which became known under the name KRACK, it is possible to compromise the connection in WiFi networks. The weakness is due to an error in the implementation of WPA2 and not due to gaps in the mathematical-technical foundation.

The Bundesamt für Sicherheit in der Informationstechnik (BSI) has published a press release regarding the issue. Golem and Heise have been reporting as well.

We recommend installing the newest patches, which will eliminate these voulnerabilities. We ask members of the university to contact their IT support regarding an update of the operating systems.

Additionally, we recommend using Virtual-Private-Networks (VPN) when handling critical data. In doing so, encrypted channels are built up end-to-end, which cannot be monitored by KRACK.

To our present knowledge, wired connections are not affected.