Key Reinstallation Attacks, named KRACK by Mathy Vanhoef, exploit a weakness in the WPA2 4-way handshake. The handshake is the exchange in which an access point and a client prove to each other that they hold the same Pairwise Master Key, derive a fresh session key (the Pairwise Transient Key, PTK) from it and the two exchanged nonces, and install that key for encrypting wireless data frames. The third message of the handshake is KRACK’s target: because message 4 can be lost in transit, the standard lets the access point retransmit message 3, and clients are required to accept the retransmission. An attacker in a man-in-the-middle position blocks message 4, replays message 3, and the client reinstalls the key it is already using, which resets the transmit packet number (the nonce) and the receive replay counter. Reusing a nonce under the same key lets the attacker replay frames and decrypt traffic, which in turn opens the door to TCP connection hijacking and HTTP content injection. The attack is particularly severe against wpa_supplicant 2.4 and 2.5, as shipped on Linux and on Android 6.0 and later, because those versions install an all-zero key on reinstallation; that is the case shown in Vanhoef’s proof-of-concept video.

Wireless networks broadcast data in all directions to any device within range, so data encryption protocols were developed to protect them against eavesdropping. Wired Equivalent Privacy (WEP), the original 802.11 encryption protocol, was the standard in the late 1990s. After repeated practical attacks showed that a passive sniffer could recover WEP keys, the Wi-Fi Alliance officially retired WEP in 2004. Its successor, Wi-Fi Protected Access (WPA), introduced larger keys, a message integrity check and the Temporal Key Integrity Protocol (TKIP); however, WPA was designed as a firmware upgrade for existing WEP hardware, so TKIP wraps WEP’s RC4 cipher with per-packet key mixing rather than replacing it, mitigating WEP’s weaknesses instead of removing them. WPA was an interim solution until the IEEE 802.11i security standard was completed; 802.11i is the core of Wi-Fi Protected Access II (WPA2). WPA2 kept TKIP only for backward compatibility and made AES-based CCMP mandatory, an algorithm strong enough to be approved for government use.

Mathy Vanhoef and Frank Piessens describe the attack and its impact in the research paper Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2. Vanhoef’s proof-of-concept is demonstrated in the video KRACK Attacks: Bypassing WPA2 against Android and Linux.
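The following is an added model of the handshake flow described above; it is not Vanhoef’s proof-of-concept code and does not use real 802.11 frames. The cipher primitives are stand-ins (an HMAC-SHA256 counter-mode keystream in place of AES-CCMP, and a simplified PTK derivation that keeps only 802.11’s input ordering), the MAC addresses, passphrase and HTTP payloads are constructed, and the attacker’s channel-based man-in-the-middle position is assumed rather than implemented. What it shows is the mechanism itself: a retransmitted message 3 reinstalls the same PTK and resets the packet number, so two frames are encrypted under the same (key, nonce) pair and XORing their ciphertexts yields the XOR of their plaintexts. The `reinstall_fix` flag models the remediation that shipped in clients, namely refusing to reinstall a key that is already in use.

```python
"""Toy model of the WPA2 4-way handshake and the KRACK key reinstallation.

Stand-in primitives (HMAC-SHA256 instead of AES-CCMP, simplified PTK
derivation) keep the script dependency-free; the control flow is the point.
All identifiers below are constructed for the example.
"""
import hashlib
import hmac
import os

# Constructed PMK, as if derived from a passphrase and SSID.
PMK = hashlib.sha256(b"constructed-passphrase|constructed-ssid").digest()
AP_MAC = bytes.fromhex("020000000001")   # constructed authenticator address
STA_MAC = bytes.fromhex("020000000002")  # constructed supplicant address


def derive_ptk(pmk, aa, spa, anonce, snonce):
    """Simplified PTK derivation mirroring 802.11's input ordering.

    Real 802.11 uses PRF-384/512 over these same inputs. The property that
    matters for KRACK is that identical inputs always yield the identical PTK,
    so a retransmitted message 3 never introduces a new key."""
    data = (b"Pairwise key expansion" + min(aa, spa) + max(aa, spa)
            + min(anonce, snonce) + max(anonce, snonce))
    return hmac.new(pmk, data, hashlib.sha256).digest()


def keystream(tk, pn, length):
    """Counter-mode keystream determined solely by (temporal key, packet number),
    as in CCMP: the packet number is the nonce, so it must never repeat."""
    out = b""
    block = 0
    while len(out) < length:
        ctr = pn.to_bytes(6, "big") + block.to_bytes(2, "big")
        out += hmac.new(tk, ctr, hashlib.sha256).digest()
        block += 1
    return out[:length]


class Client:
    """Supplicant side of the handshake with a configurable reinstall policy."""

    def __init__(self, pmk, reinstall_fix):
        self.pmk = pmk
        self.reinstall_fix = reinstall_fix
        self.snonce = os.urandom(32)
        self.tk = None
        self.installed = False
        self.pn = 0

    def on_msg1(self, anonce):
        """Message 1 carries ANonce; the client now has everything for the PTK."""
        ptk = derive_ptk(self.pmk, AP_MAC, STA_MAC, anonce, self.snonce)
        self.tk = ptk[:16]   # simplified split; the real PTK is KCK | KEK | TK
        return self.snonce   # message 2 carries SNonce back to the AP

    def on_msg3(self):
        """Message 3 triggers key installation.

        Vulnerable behaviour: every accepted message 3 (re)installs the TK and
        resets the packet number. Patched behaviour: still answer with message 4
        but never reinstall a key that is already in use."""
        if not (self.installed and self.reinstall_fix):
            self.installed = True
            self.pn = 0
        return b"msg4"

    def send(self, plaintext):
        """Encrypt one data frame; returns (packet number, ciphertext)."""
        ks = keystream(self.tk, self.pn, len(plaintext))
        frame = (self.pn, bytes(a ^ b for a, b in zip(plaintext, ks)))
        self.pn += 1
        return frame


KNOWN_PLAINTEXT = b"GET / HTTP/1.1\r\nHost: example.test\r\n"      # constructed
SECRET_PLAINTEXT = b"Cookie: session=constructed-secret-value\r\n"  # constructed


def run_attack(reinstall_fix):
    """Drive the handshake, then replay message 3; return the two captured frames."""
    client = Client(PMK, reinstall_fix)
    client.on_msg1(os.urandom(32))
    client.on_msg3()                       # legitimate install, pn = 0
    f1 = client.send(KNOWN_PLAINTEXT)
    # Attacker (assumed MitM) drops message 4, so the AP retransmits message 3
    # with the same ANonce; the derived PTK is therefore the same key.
    client.on_msg3()
    f2 = client.send(SECRET_PLAINTEXT)
    return f1, f2


def recover_xor(f1, f2):
    """If both frames reused the same packet number, C1 ^ C2 == P1 ^ P2."""
    (pn1, c1), (pn2, c2) = f1, f2
    if pn1 != pn2:
        return None
    n = min(len(c1), len(c2))
    return bytes(a ^ b for a, b in zip(c1[:n], c2[:n]))


def recover_plaintext(xor_bytes, known_plaintext):
    """Strip a known plaintext from the XOR to expose the other frame's bytes."""
    return bytes(a ^ b for a, b in zip(xor_bytes, known_plaintext))


if __name__ == "__main__":
    f1, f2 = run_attack(reinstall_fix=False)
    print("vulnerable client:", recover_plaintext(recover_xor(f1, f2), KNOWN_PLAINTEXT))
    g1, g2 = run_attack(reinstall_fix=True)
    print("patched client:", recover_xor(g1, g2))
```

With the vulnerable policy the second frame is sent with packet number 0 again and the cookie line falls out of the XOR; with the fix the second frame uses packet number 1 and `recover_xor` has nothing to work with. A real client implements the fix by tracking whether the key for the current handshake is already installed, exactly as the `installed` flag does here.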
Resources:
Chacos, B., and Simon, M. “KRACK Wi-Fi attack threatens all networks: How to stay safe and what you need to know.” PCWorld, 18 October 2017, https://www.pcworld.com/article/3233308/security/krack-wi-fi-security-flaw-faq-tips.html. Accessed 25 October 2017.
Choudhuri, S. “The WPA data encryption protocol you chose depends on your wireless network’s needs.” Cisco, 28 March 2012, https://blogs.cisco.com/smallbusiness/understanding-the-difference-between-wireless-encryption-protocols. Accessed 25 October 2017.
“Wireless and Network Security Integration Solution Design Guide: Chapter 802.11 Security Summary.” Cisco, https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Mobility/secwlandg20/sw2dg/ch3_2_SPMb.html. Accessed 25 October 2017.
Fitzpatrick, J. “The Difference Between WEP, WPA, and WPA2 Wi-Fi Passwords.” How-To Geek, 21 September 2016, https://www.howtogeek.com/167783/htg-explains-the-difference-between-wep-wpa-and-wpa2-wireless-encryption-and-why-it-matters/. Accessed 25 October 2017.
Miller, L. “Security Protocols: WEP, WPA, And WPA2.” Dummies.com, http://www.dummies.com/computers/computer-networking/wireless/wireless-security-protocols-wep-wpa-and-wpa2/. Accessed 25 October 2017.
Vanhoef, M. “Key Reinstallation Attacks: Breaking WPA2 by forcing nonce reuse.” Krackattacks.com, 16 October 2017, https://www.krackattacks.com/. Accessed 25 October 2017.
Vanhoef, M. “KRACK Attacks: Bypassing WPA2 against Android and Linux.” Online video clip. YouTube, 16 October 2017, https://www.youtube.com/watch?v=Oh4WURZoR98. Accessed 25 October 2017.