What is KRACK and how it works
KRACK (Key Reinstallation Attacks) is an exploit of the core WPA2 protocol itself. It can be used against Android, Linux and OpenBSD devices, is somewhat less effective against macOS and Windows, and also affects MediaTek, Linksys and some other devices. The researchers' site notes that attackers can use the exploit to decrypt many types of sensitive data that are usually considered safe because they are protected by the Wi-Fi encryption protocol.
KRACK exploits the four-way handshake that is executed when a client connects to a WPA2-protected Wi-Fi network. The handshake confirms that both the client and the access point hold the correct credentials. KRACK tricks a vulnerable client into reinstalling a key that is already in use, which resets the packet numbers (nonces) and replay counters associated with that key to their initial values. Because a cryptographic nonce is then reused, the encryption can be bypassed.
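To make the reinstallation concrete, here is an added example (not from this article and not the KRACK researchers' code) that models a client's transmit packet number; a toy hash-based keystream stands in for CCMP's AES-CTR, and the key and frames are constructed. An unpatched client that resets its counter on a repeated key install reuses a nonce, while one that ignores installs of a key it already holds does not.

```python
import hashlib
import hmac

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy hash-based keystream (assumption: stands in for CCMP's AES-CTR).
    Same (key, nonce) always yields the same keystream, as with the real cipher."""
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Client:
    """Minimal model of a supplicant's per-key state: installed key and transmit packet number."""
    def __init__(self, patched: bool):
        self.patched, self.key, self.pn = patched, None, 0

    def install_key(self, key: bytes) -> bool:
        # A (re)transmitted message 3 lands here. The unpatched path reinstalls the key and
        # resets the packet number; the patched path ignores a key that is already installed.
        if self.patched and key == self.key:
            return False
        self.key, self.pn = key, 0
        return True

    def encrypt(self, plaintext: bytes):
        self.pn += 1                                  # packet number doubles as the nonce
        nonce = self.pn.to_bytes(6, "big")
        return self.pn, xor(plaintext, keystream(self.key, nonce, len(plaintext)))

# Constructed sample data: a pairwise key and two equal-length frames sent after the handshake.
PTK = hashlib.sha256(b"constructed pairwise key").digest()
FRAME1, FRAME2 = b"first data frame!", b"second data frame"

def run(patched: bool):
    """Install the key, send a frame, receive a repeated install, send another frame."""
    c = Client(patched)
    c.install_key(PTK)
    pn1, ct1 = c.encrypt(FRAME1)
    c.install_key(PTK)                                # the reinstallation attempt
    pn2, ct2 = c.encrypt(FRAME2)
    return pn1, pn2, ct1, ct2

def nonce_reused(patched: bool) -> bool:
    pn1, pn2, _, _ = run(patched)
    return pn1 == pn2

def keystream_reused(patched: bool) -> bool:
    """With one keystream used twice, XOR of the ciphertexts equals XOR of the plaintexts."""
    _, _, ct1, ct2 = run(patched)
    return xor(ct1, ct2) == xor(FRAME1, FRAME2)
```

The patched behaviour mirrors the actual fix: a client must not reset its counters when asked to install a key it already has.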
There is more insight on KRACK in the articles by Sean Gallagher and Dan Goodin at Ars Technica.
The biggest threat KRACK poses is to large corporate and governmental Wi-Fi networks, especially those that accept connections from Linux and Android devices. Since attackers must be within range of the targeted Wi-Fi network to carry out the attack, they probably would not bother much with home Wi-Fi networks; there are easier ways to attack a small home network, again especially one with Linux or Android clients.