<?xml version="1.0"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="zh">
	<id>https://arolstar52-zhtest.hf.space/index.php?action=history&amp;feed=atom&amp;title=KRACK</id>
	<title>KRACK - 版本历史</title>
	<link rel="self" type="application/atom+xml" href="https://arolstar52-zhtest.hf.space/index.php?action=history&amp;feed=atom&amp;title=KRACK"/>
	<link rel="alternate" type="text/html" href="https://arolstar52-zhtest.hf.space/index.php?title=KRACK&amp;action=history"/>
	<updated>2026-07-18T15:55:09Z</updated>
	<subtitle>本wiki上该页面的版本历史</subtitle>
	<generator>MediaWiki 1.43.9</generator>
	<entry>
		<id>https://arolstar52-zhtest.hf.space/index.php?title=KRACK&amp;diff=2957319&amp;oldid=prev</id>
		<title>imported&gt;Ohtashinichiro：​使用HotCat已移除Category:2017年建立; 已添加Category:2017年面世</title>
		<link rel="alternate" type="text/html" href="https://arolstar52-zhtest.hf.space/index.php?title=KRACK&amp;diff=2957319&amp;oldid=prev"/>
		<updated>2025-12-25T02:39:01Z</updated>

		<summary type="html">&lt;p&gt;使用&lt;a href=&quot;/index.php?title=WP:HOTCAT&amp;amp;action=edit&amp;amp;redlink=1&quot; class=&quot;new&quot; title=&quot;WP:HOTCAT（页面不存在）&quot;&gt;HotCat&lt;/a&gt;已移除&lt;a href=&quot;/wiki/Category:2017%E5%B9%B4%E5%BB%BA%E7%AB%8B&quot; title=&quot;Category:2017年建立&quot;&gt;Category:2017年建立&lt;/a&gt;; 已添加&lt;a href=&quot;/wiki/Category:2017%E5%B9%B4%E9%9D%A2%E4%B8%96&quot; title=&quot;Category:2017年面世&quot;&gt;Category:2017年面世&lt;/a&gt;&lt;/p&gt;
&lt;p&gt;&lt;b&gt;新页面&lt;/b&gt;&lt;/p&gt;&lt;div&gt;{{NoteTA&lt;br /&gt;
|G1=IT&lt;br /&gt;
|1=zh-cn:重放攻击; zh-tw:重送攻擊;&lt;br /&gt;
}}&lt;br /&gt;
[[File:KRACK-logo-small.png|缩略图|KRACK攻击徽标]]&lt;br /&gt;
&amp;#039;&amp;#039;&amp;#039;KRACK&amp;#039;&amp;#039;&amp;#039;（取自“Key Reinstallation Attack”的缩写，中文：&amp;#039;&amp;#039;&amp;#039;密钥重装攻击&amp;#039;&amp;#039;&amp;#039;）是一种针对保护[[Wi-Fi]]连接的[[WPA|Wi-Fi Protected Access]]（WPA2）协议的攻击手段，于2017年由&amp;lt;ref&amp;gt;{{Cite web|url=https://www.bleepingcomputer.com/news/security/new-krack-attack-breaks-wpa2-wifi-protocol/|title=New KRACK Attack Breaks WPA2 WiFi Protocol|date=2017|last=Cimpanu|first=Catalin|accessdate=2017-10-16|archive-date=2017-10-18|archive-url=https://web.archive.org/web/20171018034937/https://www.bleepingcomputer.com/news/security/new-krack-attack-breaks-wpa2-wifi-protocol/|dead-url=yes}}&amp;lt;/ref&amp;gt;[[比利时]]研究员Mathy Vanhoef和[[荷语天主教鲁汶大学|鲁汶大学]]Frank Piessens发现。&amp;lt;ref name=&amp;quot;Gallagher2017&amp;quot;&amp;gt;{{Cite news|url=https://arstechnica.com/information-technology/2017/10/how-the-krack-attack-destroys-nearly-all-wi-fi-security|title=How the KRACK attack destroys nearly all Wi-Fi security|last=Gallagher|first=Sean|date=2017-10-16|work=Ars Technica|accessdate=2017-10-16|language=en-us|archive-date=2020-11-12|archive-url=https://web.archive.org/web/20201112042135/https://arstechnica.com/information-technology/2017/10/how-the-krack-attack-destroys-nearly-all-wi-fi-security/|dead-url=no}}&amp;lt;/ref&amp;gt;Vanhoef的研究小组于2017年10月公布了此攻击的有关细节。&amp;lt;ref name=&amp;quot;Hern2017&amp;quot;&amp;gt;{{Cite news|url=http://www.theguardian.com/technology/2017/oct/16/wpa2-wifi-security-vulnerable-hacking-us-government-warns|title=&amp;#039;All wifi networks&amp;#039; are vulnerable to hacking, security expert discovers|last=Hern|first=Alex|date=2017-10-16|work=The Guardian|accessdate=2017-10-16|language=en-GB|issn=0261-3077|archive-date=2020-12-23|archive-url=https://web.archive.org/web/20201223152403/https://www.theguardian.com/technology/2017/oct/16/wpa2-wifi-security-vulnerable-hacking-us-government-warns|dead-url=no}}&amp;lt;/ref&amp;gt;&amp;lt;ref&amp;gt;{{cite web|title=消息称WPA2加密协议已遭破解 漏洞有十个之多|url=http://finance.jrj.com.cn/tech/2017/10/16180123238901.shtml|website=金融界|accessdate=2017-10-16|archive-date=2019-07-21|archive-url=https://web.archive.org/web/20190721092137/http://finance.jrj.com.cn/tech/2017/10/16180123238901.shtml|dead-url=no}}&amp;lt;/ref&amp;gt;&amp;lt;ref&amp;gt;{{cite web|title=KRACK 攻击能解密 Android 设备传输的数据，OpenBSD 提前释出补丁|url=http://www.solidot.org/story?sid=54142|website=solidot|accessdate=2017-10-16|archive-date=2017-12-19|archive-url=https://web.archive.org/web/20171219134551/http://www.solidot.org/story?sid=54142|dead-url=no}}&amp;lt;/ref&amp;gt;&amp;lt;ref&amp;gt;{{cite web|title=WiFi重大安全漏洞曝光 网安专家支招轻松防范|url=http://it.people.com.cn/n1/2017/1017/c1009-29592770.html|website=人民网|accessdate=2017-10-17|archive-date=2017-10-17|archive-url=https://web.archive.org/web/20171017203258/http://it.people.com.cn/n1/2017/1017/c1009-29592770.html|dead-url=no}}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
此漏洞影响所有主要软件平台，包括[[Microsoft Windows]]、[[macOS]]、[[iOS]]、[[Android]]以及[[Linux]]。被Linux、Android和[[OpenBSD]]广泛使用的开源实现{{le|wpa_supplicant}}尤易受到影响，其可以被操纵安装全零的[[密钥|加密密钥]]，从而在[[中间人攻击]]中有效消除WPA2的防护能力。&amp;lt;ref name=&amp;quot;Goodin2017&amp;quot;&amp;gt;{{Cite news|url=https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/|title=Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping|last=Goodin|first=Dan|date=2017-10-16|work=Ars Technica|accessdate=2017-10-16|language=en-us|archive-date=2020-03-08|archive-url=https://web.archive.org/web/20200308052941/https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/|dead-url=no}}&amp;lt;/ref&amp;gt;&amp;lt;ref&amp;gt;{{Cite news|url=https://www.theverge.com/2017/10/16/16481252/wi-fi-hack-attack-android-wpa-2-details|title=41 percent of Android phones are vulnerable to &amp;#039;devastating&amp;#039; Wi-Fi attack|work=The Verge|accessdate=2017-10-16|archive-date=2020-11-12|archive-url=https://web.archive.org/web/20201112035913/https://www.theverge.com/2017/10/16/16481252/wi-fi-hack-attack-android-wpa-2-details|dead-url=no}}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== 细节 ==&lt;br /&gt;
此攻击针对WPA2协议中建立一个[[Nonce]]（一种共享密钥）的四次握手。WPA2的标准预期有偶尔发生的Wi-Fi断开连接，并允许使用同样的值重连第三次握手，以做到快速重连和连续性。因为标准不要求在此种重连时使用不同密钥，所以可能出现重放攻击。攻击者还可以反复重发另一设备的第三次握手来重复操纵或重置WPA2的加密密钥。每次重置都会使用相同的值来加密数据，因此可以看到和匹配有相同数据的块，识别出被加密密钥链的数据块。随着反复的重置暴露越来越多的密钥链，最终整个密钥链将被获知，攻击者将可读取目标在此连接上的所有流量。WPA2通常用于移动设备至固定接入点或家庭路由器的连接，尽管某些流量本身可能被[[SSL]]/[[TLS]]等协议加密，但风险仍十分严重。&amp;lt;ref&amp;gt;{{Cite web |url=https://www.eyerys.com/articles/news/krack-attack-wi-fi-protocol-vulnerability-leaves-networks-and-devices-risk |title=KRACK Attack: Wi-Fi Protocol Vulnerability Leaves Networks And Devices At Risk |work=Eyerys.com |access-date=2017-10-17 |archive-date=2017-10-24 |archive-url=https://web.archive.org/web/20171024143811/https://www.eyerys.com/articles/news/krack-attack-wi-fi-protocol-vulnerability-leaves-networks-and-devices-risk |dead-url=no }}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
根据{{le|US-CERT}}介绍&amp;lt;ref&amp;gt;{{Cite news|url=https://www.v3.co.uk/v3-uk/news/3019219/world-wifi-at-risk-from-krack|title=World WiFi at risk from KRACK|last=Merriman|first=Chris|date=2017-10-16|work=V3|accessdate=2017-10-16|language=en|archive-date=2018-01-08|archive-url=https://web.archive.org/web/20180108150532/https://www.v3.co.uk/v3-uk/news/3019219/world-wifi-at-risk-from-krack|dead-url=no}}&amp;lt;/ref&amp;gt;：&amp;lt;blockquote&amp;gt;US-CERT已经意识到WPA2安全协议中四次握手的数个密钥管理漏洞。利用这些漏洞所能造成的影响包括解密、[[重放攻击]]、TCP[[会话劫持]]、HTTP内容注入等等。此弱点存在于协议本身，遵循标准完成的大部分或所有协议实现都可能受到影响。CERT/CC和研究员Leuven于2017年10月16日公开披露了漏洞细节。&amp;lt;/blockquote&amp;gt;&lt;br /&gt;
&lt;br /&gt;
介绍该漏洞的文档已提供在线下载&amp;lt;ref&amp;gt;{{Cite web|url=https://papers.mathyvanhoef.com/ccs2017.pdf|title=Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2|date=2017|last=Vanhoef|first=Mathy|accessdate=2017-10-16|archive-date=2021-01-16|archive-url=https://web.archive.org/web/20210116044924/http://papers.mathyvanhoef.com/ccs2017.pdf|dead-url=no}}&amp;lt;/ref&amp;gt;，并将于11月1日在[[计算机协会|ACM]]计算机与通信安全会议上正式提交。&lt;br /&gt;
&lt;br /&gt;
US-CERT正在追踪此漏洞，名列VU#228519。&amp;lt;ref&amp;gt;{{Cite web|url=https://www.kb.cert.org/vuls/byvendor?searchview&amp;amp;Query=FIELD+Reference=228519&amp;amp;SearchOrder=4|title=Vendor Information for VU#228519|accessdate=2017-10-16|archive-url=https://web.archive.org/web/20171016175421/https://www.kb.cert.org/vuls/byvendor?searchview&amp;amp;Query=FIELD+Reference=228519&amp;amp;SearchOrder=4|archive-date=2017-10-16|dead-url=yes}}&amp;lt;/ref&amp;gt;下列[[通用漏洞披露|CVE标识符]]与此KRACK漏洞相关：{{CVE|2017-13077}}、{{CVE|2017-13078}}、{{CVE|2017-13079}}、{{CVE|2017-13080}}、{{CVE|2017-13081}}、{{CVE|2017-13082}}、{{ CVE|2017-13084}}、{{CVE|2017-13086}}、{{CVE|2017-13087}}、{{CVE|2017-13088}}。&lt;br /&gt;
&lt;br /&gt;
用户可以更新Wi-Fi客户端（如[[操作系统]]）和Wi-Fi接入点设备[[固件]]来抵御攻击。&amp;lt;reF&amp;gt;&lt;br /&gt;
{{Cite web |url=https://github.com/kristate/krackinfo |title=存档副本 |accessdate=2017-10-17 |archive-date=2019-04-29 |archive-url=https://web.archive.org/web/20190429040024/https://github.com/kristate/krackinfo |dead-url=no }}&lt;br /&gt;
&amp;lt;/reF&amp;gt;&amp;lt;ref&amp;gt;{{Cite web |url=https://char.gd/blog/2017/wifi-has-been-broken-heres-the-companies-that-have-already-fixed-it |title=WiFi is broken – here&amp;#039;s the companies that have already fixed it |accessdate=2017-10-17 |archive-date=2020-12-18 |archive-url=https://web.archive.org/web/20201218234136/https://char.gd/blog/2017/wifi-has-been-broken-heres-the-companies-that-have-already-fixed-it |dead-url=no }}&amp;lt;/ref&amp;gt;但是，许多较旧的设备可能很晚乃至永远不会得到修复更新。&amp;lt;ref&amp;gt;{{Cite web |url=https://www.tomsguide.com/us/wifi-krack-attack-what-to-do,news-25990.html |title=存档副本 |accessdate=2017-10-17 |archive-date=2020-11-12 |archive-url=https://web.archive.org/web/20201112023906/https://www.tomsguide.com/us/wifi-krack-attack-what-to-do,news-25990.html |dead-url=no }}&amp;lt;/reF&amp;gt;&amp;lt;ref&amp;gt;{{Cite web |url=https://www.bleepingcomputer.com/news/security/new-krack-attack-breaks-wpa2-wifi-protocol/ |title=存档副本 |accessdate=2017-10-16 |archive-date=2017-10-18 |archive-url=https://web.archive.org/web/20171018034937/https://www.bleepingcomputer.com/news/security/new-krack-attack-breaks-wpa2-wifi-protocol/ |dead-url=yes }}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== 参见 ==&lt;br /&gt;
* {{le|无线网安全|Wireless security}}&lt;br /&gt;
&lt;br /&gt;
== 参考资料 ==&lt;br /&gt;
{{Reflist}}&lt;br /&gt;
&lt;br /&gt;
== 外部链接 ==&lt;br /&gt;
* https://www.krackattacks.com/{{Wayback|url=https://www.krackattacks.com/ |date=20171018040508 }}&lt;br /&gt;
&lt;br /&gt;
[[Category:2017年面世]]&lt;br /&gt;
[[Category:保全漏洞]]&lt;br /&gt;
[[Category:Wi-Fi]]&lt;/div&gt;</summary>
		<author><name>imported&gt;Ohtashinichiro</name></author>
	</entry>
</feed>