Sebuah celah keamanan pada protokol Wi-Fi Protected Access II telah ditemukan oleh para security researcher. Dengan celah ini, setiap trafik atau koneksi antara perangkat dengan akses poin bisa dimata-matai oleh orang yang tidak bertanggung jawab. Dikutip dari Ars Technica:
According to a researcher who has been briefed on the vulnerability, it works by exploiting a four-way handshake that’s used to establish a key for encrypting traffic. During the third step, the key can be resent multiple times. When it’s resent in certain ways, a cryptographic nonce can be reused in a way that completely undermines the encryption.
[…]
It wasn’t possible to confirm the details reported in the CERT advisory or to assess the severity at the time this post was going live. If eavesdropping or hijacking scenarios turn out to be easy to pull off, people should avoid using Wi-Fi whenever possible until a patch or mitigation is in place.
Leave a Reply