krack

CTS 096: Deep Dive into KRACK with Hemant Chaskar

Hemant Chaskar, VP of Technology and CISO of Mojo Networks, joins the podcast to talk about the technical details around KRACK.

Title image for CTS 096

Hemant Chaskar On KRACK

Let’s welcome Hemant Chaskar of Mojo Networks.

Hemant Chaskar is a Vice President and CISO at Mojo Networks. His past work has spanned wireless, networking and security, with the recent 12 years in enterprise WiFi as technology expert, product designer and technical evangelist. At Mojo, he has been spearheading the development of access, intrusion prevention and cloud based WiFi solutions.

Mojo Networks is a provider of enterprise cloud managed WiFi solution, with a vision to create networks that reach new heights in performance, security, scalability, and ease-of-use. It strives to liberate networks from proprietary hardware and utilize the full power of the cloud to deliver Cognitive WiFi: a self-driving network that makes things remarkably simple and reliable at massive scale.

This episode gets very technical as François and Hemant go into the details of how KRACK works by starting from the beginning..

What exactly is in this episode?

  • Review of WPA2 crypto
  • CCM
  • Review of AES-CTR
  • What is an AES-CTR Nonce
  • What is a nonce?
  • How does GCM differ from CCM
  • Attacking the EAPOL 4-Way Handshake
    • EAPOL overview
    • Impact
    • Severity
    • Countermeasures
  • Attacking Group Key Handshake
  • Attacking 802.11r FT Handshake
  • Lessons learned

Links and Resources