UPDATE: WPA2 Protocol Flaw Discovered (October 16, 2017). See below for details on Key Reinstallation Attacks (KRACK).
Short for Wi-Fi Protected Access 2, WPA2 is the security method added to WPA for wireless networks that provides stronger data protection and network access control. It provides enterprise and consumer Wi-Fi users with a high level of assurance that only authorized users can access their wireless networks. Based on the IEEE 802.11i standard, WPA2 provides government-grade security by implementing the National Institute of Standards and Technology (NIST) FIPS 140-2-compliant AES encryption algorithm and 802.1X-based authentication.
There are two versions of WPA2: WPA2-Personal and WPA2-Enterprise. WPA2-Personal protects against unauthorized network access by utilizing a set-up password. WPA2-Enterprise verifies network users through a server. WPA2 is backward compatible with WPA.
WPA2 Protocol Flaw Discovered
On October 16, 2017, security researchers disclosed high-severity vulnerabilities in the WPA2 protocol that would make it possible for attackers to eavesdrop on Wi-Fi traffic passing between computers and access points. The proof-of-concept exploit, called KRACK (Key Reinstallation Attacks), affects the core WPA2 protocol itself and is effective against devices running the Android, Linux, Apple, Windows, and OpenBSD operating systems, as well as MediaTek, Linksys, and other types of devices. Private disclosure was sent out ahead of the public announcement, and vendors have already made patches and updates available to the public.
The full WPA2 protocol flaw disclosure can be found here: Key Reinstallation Attacks Website.