{"guid":"ff24373e-ebe2-4077-9db0-eae5ab003538","title":"KRACKing WPA2 by Forcing Nonce Reuse","subtitle":null,"slug":"34c3-9273-kracking_wpa2_by_forcing_nonce_reuse","link":"https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9273.html","description":"We introduce key reinstallation attacks (KRACKs). These attacks abuse features of a protocol to reinstall an already in-use key, thereby resetting nonces and/or replay counters associated to this key. We show that our novel attack technique breaks several handshakes that are used in a WPA2-protected network.","original_language":"eng","persons":["Mathy Vanhoef"],"tags":["34c3","9273","Security"],"view_count":3376,"promoted":false,"date":"2017-12-27T00:00:00.000+01:00","release_date":"2017-12-28T01:00:00.000+01:00","updated_at":"2026-03-17T00:45:03.099+01:00","length":3701,"duration":3701,"thumb_url":"https://static.media.ccc.de/media/congress/2017/9273-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2017/9273-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2017/ff24373e-ebe2-4077-9db0-eae5ab003538-timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2017/ff24373e-ebe2-4077-9db0-eae5ab003538-thumbnails.vtt","frontend_link":"https://media.ccc.de/v/34c3-9273-kracking_wpa2_by_forcing_nonce_reuse","url":"https://api.media.ccc.de/public/events/ff24373e-ebe2-4077-9db0-eae5ab003538","conference_title":"34C3: TUWAT","conference_url":"https://api.media.ccc.de/public/conferences/34c3","related":[{"event_id":4762,"event_guid":"b036385c-ec1a-44e5-ae48-af703ce9b5d3","weight":95},{"event_id":4763,"event_guid":"2ef3b60f-6e5c-4c23-a145-d263685ec13e","weight":132},{"event_id":4764,"event_guid":"da934433-0092-4749-b606-56b65e84214f","weight":86},{"event_id":4765,"event_guid":"9326038b-f781-4707-b35a-9ef52f98d35a","weight":80},{"event_id":4766,"event_guid":"19b7e5d7-bba7-46da-afbc-f16d43fe395f","weight":160},{"event_id":4767,"event_guid":"f2ca3661-30c8-476e-9d6b-920bb20b21eb","weight":117},{"event_id":4784,"event_guid":"65a25dfd-56dd-4e87-a910-334e2dc25a9c","weight":162},{"event_id":4785,"event_guid":"4c4af291-e9ed-4dc9-8b2e-9062db9924fa","weight":140},{"event_id":4790,"event_guid":"edd02e52-28f8-4f3e-8b17-75cffecb6d7f","weight":166},{"event_id":4791,"event_guid":"8d29d28d-a222-4731-bdfc-fde590385cae","weight":90},{"event_id":4793,"event_guid":"22027440-b3fb-49d5-a35b-b86e7d77cfb9","weight":76},{"event_id":4794,"event_guid":"a2887b4a-0c9d-4220-a52f-c65c20ae25d7","weight":177},{"event_id":4795,"event_guid":"722ce759-9cde-4e3b-8db5-5a97aa9673d9","weight":104},{"event_id":4800,"event_guid":"a9ebf7e3-abc5-49d9-8efe-316b3bc52902","weight":68},{"event_id":4812,"event_guid":"7edaed35-e938-4a13-b21c-aac4bb0ebf94","weight":95},{"event_id":4823,"event_guid":"bf924a39-2860-4e27-8741-b8fa0c010363","weight":90},{"event_id":4826,"event_guid":"16645200-2036-4a3c-a44d-a5ff44ac2991","weight":203},{"event_id":4830,"event_guid":"5cf8c222-47d3-4741-9324-be182b4d0fb8","weight":68},{"event_id":4832,"event_guid":"275f85de-d612-4440-8755-85dee5912f12","weight":137},{"event_id":4833,"event_guid":"e1a60f7b-6a56-4dce-ab3a-c686fa940aa8","weight":111},{"event_id":4842,"event_guid":"581ccbad-4bbf-47a2-8845-f52278d61061","weight":98},{"event_id":4855,"event_guid":"51b586be-500c-436e-b70c-fc433e65c4be","weight":101},{"event_id":4866,"event_guid":"117a52b4-f675-49dd-aafe-659c07b6bc9c","weight":101},{"event_id":4898,"event_guid":"8c303809-3c7c-4532-ab1e-c9a4e7c38245","weight":81},{"event_id":4929,"event_guid":"8e222759-cd6b-403b-8fe1-3517bf7d2802","weight":87}],"recordings":[{"size":null,"length":null,"mime_type":"application/x-subrip","language":"eng","filename":"34c3-9273-eng-deu-spa-KRACKing_WPA2_by_Forcing_Nonce_Reuse.en.srt","state":"complete","folder":"","high_quality":true,"width":null,"height":null,"updated_at":"2021-02-21T17:46:45.032+01:00","recording_url":"https://cdn.media.ccc.de/congress/2017/34c3-9273-eng-deu-spa-KRACKing_WPA2_by_Forcing_Nonce_Reuse.en.srt","url":"https://api.media.ccc.de/public/recordings/44465","event_url":"https://api.media.ccc.de/public/events/ff24373e-ebe2-4077-9db0-eae5ab003538","conference_url":"https://api.media.ccc.de/public/conferences/34c3"},{"size":227,"length":3701,"mime_type":"video/mp4","language":"eng","filename":"34c3-9273-eng-KRACKing_WPA2_by_Forcing_Nonce_Reuse.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2017-12-28T13:46:36.619+01:00","recording_url":"https://cdn.media.ccc.de/congress/2017/h264-hd/34c3-9273-eng-KRACKing_WPA2_by_Forcing_Nonce_Reuse.mp4","url":"https://api.media.ccc.de/public/recordings/20881","event_url":"https://api.media.ccc.de/public/events/ff24373e-ebe2-4077-9db0-eae5ab003538","conference_url":"https://api.media.ccc.de/public/conferences/34c3"},{"size":227,"length":3701,"mime_type":"video/mp4","language":"deu","filename":"34c3-9273-deu-KRACKing_WPA2_by_Forcing_Nonce_Reuse.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2017-12-28T13:46:45.770+01:00","recording_url":"https://cdn.media.ccc.de/congress/2017/h264-hd/34c3-9273-deu-KRACKing_WPA2_by_Forcing_Nonce_Reuse.mp4","url":"https://api.media.ccc.de/public/recordings/20882","event_url":"https://api.media.ccc.de/public/events/ff24373e-ebe2-4077-9db0-eae5ab003538","conference_url":"https://api.media.ccc.de/public/conferences/34c3"},{"size":229,"length":3701,"mime_type":"video/mp4","language":"spa","filename":"34c3-9273-spa-KRACKing_WPA2_by_Forcing_Nonce_Reuse.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2017-12-28T13:46:55.251+01:00","recording_url":"https://cdn.media.ccc.de/congress/2017/h264-hd/34c3-9273-spa-KRACKing_WPA2_by_Forcing_Nonce_Reuse.mp4","url":"https://api.media.ccc.de/public/recordings/20883","event_url":"https://api.media.ccc.de/public/events/ff24373e-ebe2-4077-9db0-eae5ab003538","conference_url":"https://api.media.ccc.de/public/conferences/34c3"},{"size":419,"length":3701,"mime_type":"video/mp4","language":"eng-deu-spa","filename":"34c3-9273-eng-deu-spa-KRACKing_WPA2_by_Forcing_Nonce_Reuse_hd.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2017-12-28T13:47:08.810+01:00","recording_url":"https://cdn.media.ccc.de/congress/2017/h264-hd/34c3-9273-eng-deu-spa-KRACKing_WPA2_by_Forcing_Nonce_Reuse_hd.mp4","url":"https://api.media.ccc.de/public/recordings/20884","event_url":"https://api.media.ccc.de/public/events/ff24373e-ebe2-4077-9db0-eae5ab003538","conference_url":"https://api.media.ccc.de/public/conferences/34c3"},{"size":318,"length":3701,"mime_type":"video/webm","language":"eng-deu-spa","filename":"34c3-9273-eng-deu-spa-KRACKing_WPA2_by_Forcing_Nonce_Reuse_webm-sd.webm","state":"new","folder":"webm-sd","high_quality":false,"width":720,"height":576,"updated_at":"2017-12-28T15:15:57.186+01:00","recording_url":"https://cdn.media.ccc.de/congress/2017/webm-sd/34c3-9273-eng-deu-spa-KRACKing_WPA2_by_Forcing_Nonce_Reuse_webm-sd.webm","url":"https://api.media.ccc.de/public/recordings/20931","event_url":"https://api.media.ccc.de/public/events/ff24373e-ebe2-4077-9db0-eae5ab003538","conference_url":"https://api.media.ccc.de/public/conferences/34c3"},{"size":227,"length":3701,"mime_type":"video/mp4","language":"eng-deu-spa","filename":"34c3-9273-eng-deu-spa-KRACKing_WPA2_by_Forcing_Nonce_Reuse_sd.mp4","state":"new","folder":"h264-sd","high_quality":false,"width":720,"height":576,"updated_at":"2017-12-28T15:16:24.827+01:00","recording_url":"https://cdn.media.ccc.de/congress/2017/h264-sd/34c3-9273-eng-deu-spa-KRACKing_WPA2_by_Forcing_Nonce_Reuse_sd.mp4","url":"https://api.media.ccc.de/public/recordings/20932","event_url":"https://api.media.ccc.de/public/events/ff24373e-ebe2-4077-9db0-eae5ab003538","conference_url":"https://api.media.ccc.de/public/conferences/34c3"},{"size":251,"length":3701,"mime_type":"video/mp4","language":"eng-deu-spa","filename":"34c3-9273-eng-deu-spa-KRACKing_WPA2_by_Forcing_Nonce_Reuse_hd-slides.mp4","state":"new","folder":"slides-h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2017-12-28T17:17:30.866+01:00","recording_url":"https://cdn.media.ccc.de/congress/2017/slides-h264-hd/34c3-9273-eng-deu-spa-KRACKing_WPA2_by_Forcing_Nonce_Reuse_hd-slides.mp4","url":"https://api.media.ccc.de/public/recordings/21064","event_url":"https://api.media.ccc.de/public/events/ff24373e-ebe2-4077-9db0-eae5ab003538","conference_url":"https://api.media.ccc.de/public/conferences/34c3"},{"size":496,"length":3701,"mime_type":"video/webm","language":"eng-deu-spa","filename":"34c3-9273-eng-deu-spa-KRACKing_WPA2_by_Forcing_Nonce_Reuse_webm-hd.webm","state":"new","folder":"webm-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2017-12-28T17:29:41.675+01:00","recording_url":"https://cdn.media.ccc.de/congress/2017/webm-hd/34c3-9273-eng-deu-spa-KRACKing_WPA2_by_Forcing_Nonce_Reuse_webm-hd.webm","url":"https://api.media.ccc.de/public/recordings/21086","event_url":"https://api.media.ccc.de/public/events/ff24373e-ebe2-4077-9db0-eae5ab003538","conference_url":"https://api.media.ccc.de/public/conferences/34c3"},{"size":56,"length":3686,"mime_type":"audio/mpeg","language":"eng","filename":"34c3-9273-eng-KRACKing_WPA2_by_Forcing_Nonce_Reuse.mp3","state":"new","folder":"mp3","high_quality":false,"width":0,"height":0,"updated_at":"2017-12-28T20:31:53.035+01:00","recording_url":"https://cdn.media.ccc.de/congress/2017/mp3/34c3-9273-eng-KRACKing_WPA2_by_Forcing_Nonce_Reuse.mp3","url":"https://api.media.ccc.de/public/recordings/21162","event_url":"https://api.media.ccc.de/public/events/ff24373e-ebe2-4077-9db0-eae5ab003538","conference_url":"https://api.media.ccc.de/public/conferences/34c3"},{"size":38,"length":3686,"mime_type":"audio/opus","language":"eng","filename":"34c3-9273-eng-KRACKing_WPA2_by_Forcing_Nonce_Reuse.opus","state":"new","folder":"opus","high_quality":false,"width":0,"height":0,"updated_at":"2017-12-28T20:34:09.692+01:00","recording_url":"https://cdn.media.ccc.de/congress/2017/opus/34c3-9273-eng-KRACKing_WPA2_by_Forcing_Nonce_Reuse.opus","url":"https://api.media.ccc.de/public/recordings/21166","event_url":"https://api.media.ccc.de/public/events/ff24373e-ebe2-4077-9db0-eae5ab003538","conference_url":"https://api.media.ccc.de/public/conferences/34c3"},{"size":71,"length":3701,"mime_type":"video/mp4","language":"eng","filename":"34c3-9273-eng-KRACKing_WPA2_by_Forcing_Nonce_Reuse_sd-slides.mp4","state":"new","folder":"slides-h264-sd","high_quality":false,"width":720,"height":576,"updated_at":"2018-01-02T15:35:24.120+01:00","recording_url":"https://cdn.media.ccc.de/congress/2017/slides-h264-sd/34c3-9273-eng-KRACKing_WPA2_by_Forcing_Nonce_Reuse_sd-slides.mp4","url":"https://api.media.ccc.de/public/recordings/22287","event_url":"https://api.media.ccc.de/public/events/ff24373e-ebe2-4077-9db0-eae5ab003538","conference_url":"https://api.media.ccc.de/public/conferences/34c3"},{"size":2,"length":null,"mime_type":"application/pdf","language":"eng","filename":"34c3-9273-kracking_wpa2_by_forcing_nonce_reuse.pdf","state":"new","folder":"slides-pdf","high_quality":true,"width":null,"height":null,"updated_at":"2018-01-08T18:51:11.217+01:00","recording_url":"https://cdn.media.ccc.de/congress/2017/slides-pdf/34c3-9273-kracking_wpa2_by_forcing_nonce_reuse.pdf","url":"https://api.media.ccc.de/public/recordings/22441","event_url":"https://api.media.ccc.de/public/events/ff24373e-ebe2-4077-9db0-eae5ab003538","conference_url":"https://api.media.ccc.de/public/conferences/34c3"}]}