KRACK Patch ETA


#1

I realize this is just going public today but any ETA on when we should expect to see a firmware update that patches the KRACK attack for Particle devices?

See: https://www.krackattacks.com

CVEs:

  • CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.
  • CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
  • CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake.
  • CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
  • CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
  • CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
  • CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
  • CVE-2017-13086: Reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
  • CVE-2017-13087: Reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
  • CVE-2017-13088: Reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.

#2

I asked Cypress this morning! Follow along here!
https://community.cypress.com/thread/31101


#3

It’s worth mentioning that all Particle devices maintain a secure and encrypted session that does not rely on the security of the Wi-Fi network. We’re definitely going to patch quickly and often, as always, but we expect a Particle device to be secure on a totally unsecured WiFi network, so a compromised WPA2 network isn’t a threat.

Thanks,
David


#4

Thanks for the clarification Dave. Knowing that the particle <> server part is secure is good.

Also thanks for the quick ack and response from both of you. It's nice to see that Particle is already on top of it.


#5

Cypress has responded (Cypress community login required).

Summary for Particle

We use a 43362 module and are vulnerable to “group 2” of the CVEs (CVE-2017-13080, CVE-2017-13081). By the end of October, Cypress will release the following WICED Studio versions that will address these CVEs:

  • 4.1.3
  • 5.2
  • 6.0

As soon as we get those versions of WICED Studio, we’ll release system firmware versions with the patches. At that point, all of you can build your apps with those new system firmware versions, and all will be well.

Let us know if you have questions!

cc: @mdma @BDub @avtolstoy @sergey

EDIT: changed cypress community link to one I hope works better


#6

Perfect, honestly for an IoT platform this seems like a very fast turn-around for getting patched firmware out to your users. Thanks again for the fast response!


#7

Quick status update — WICED Studio 6.0.0 has been released by Cypress, so integrating their KRACK fixes into the 0.5, 0.6, and 0.7 lines of Particle system firmware will be a top priority this week.


#10

Status update — for those of you who have cloned the firmware repo and set up the toolchain to build locally, the KRACK fixes from Cypress have been incorporated into 3 firmware branches:

  • fix/krack-0.5.x
  • fix/krack-0.6.x
  • fix/krack-0.7.x

Building and flashing all modules (system and app) on these branches will give you a device that is resistant to KRACK. Please don’t do this for production deployments.

The process now begins to cut releases with these changes: 0.5.5, 0.6.3, 0.7.0-rc.4. The firmware release process typically takes days or weeks of QA to ensure compatibility with a lot of sensors and products, depending on what surprise issues arise. We’ll update this thread again when the releases are out.


#11

Release Update!

Firmware v0.5.5 release is available, which has fixes for the KRACK Wi-Fi vulnerability.


#12

Release Update!

Firmware v0.6.3 release is available, which has fixes for the KRACK Wi-Fi vulnerability.
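
Added example (not code from Particle, Cypress or any poster in this thread): a small Python audit that classifies a device inventory against the first fixed releases named above (0.5.5, 0.6.3, 0.7.0-rc.4). The function names, the constructed inventory and the "unknown" result for release lines the thread does not mention are assumptions of this example.

```python
import re

# First system firmware release carrying the Cypress KRACK fixes in each
# release line, as named in the thread (0.5.5, 0.6.3, 0.7.0-rc.4).
FIRST_FIXED = {(0, 5): "0.5.5", (0, 6): "0.6.3", (0, 7): "0.7.0-rc.4"}
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:-rc\.(\d+))?$")


def parse_version(text):
    """Return a sortable key (major, minor, patch, is_final, rc)."""
    m = _VERSION_RE.match(text.strip())
    if m is None:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(m.group(i)) for i in (1, 2, 3))
    rc = m.group(4)
    # A release candidate sorts before the final release with the same number.
    if rc is None:
        return (major, minor, patch, 1, 0)
    return (major, minor, patch, 0, int(rc))


def krack_status(version):
    """Classify one version as 'patched', 'unpatched' or 'unknown'."""
    key = parse_version(version)
    first_fixed = FIRST_FIXED.get(key[:2])
    if first_fixed is None:
        return "unknown"  # assumption: lines not named in the thread need manual review
    return "patched" if key >= parse_version(first_fixed) else "unpatched"


def audit(fleet):
    """Map {device name: version string} to {device name: status}."""
    result = {}
    for name, version in fleet.items():
        try:
            result[name] = krack_status(version)
        except ValueError:
            result[name] = "unknown"  # unparseable version: review by hand
    return result


# Constructed inventory; device names and versions are made up for the example.
SAMPLE_FLEET = {"lab-photon-1": "0.5.4", "lab-photon-2": "v0.6.3",
                "field-p1-7": "0.7.0-rc.3", "field-p1-8": "0.8.0-rc.1"}

if __name__ == "__main__":
    for name, status in sorted(audit(SAMPLE_FLEET).items()):
        print(f"{name:14} {SAMPLE_FLEET[name]:12} {status}")
```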