Expressif IoT platforms made safe from KRACK

The recent KRACK exploit has led to fears that this will allow further exploitation of IoT platforms, many of which use WiFi for their internet connection.

One of the most successful recent IoT platforms is the Espressif ESP8266 chip. It is very cheap which doesn’t require a lot of support circuitry, and provides a robust CPU platform at 80Mhz. Many devices use it to become WiFi-connected IoT appliances. Espressif’s updated chipset, the ESP32, is also gaining traction, providing both WiFi and Bluetooth capabilities as well as more GPIO pins.

Quite often chipset manufacturers have been slow to release fixes for security vulnerabilities. It is good to see Espressif release patches for Wifi vulnerabilities like KRACK, especially on the same day as the public announcement of the vulnerability.

These updated libraries are available for the Espressif environments, for Arduino using libraries 2.4.0-rc2, using their staging environment. Updating to these libraries, and recompiling your project will make it safe from KRACK at the IoT end. Now hopefully you have an Over-The-Air (OTA) update system to distribute this to the thousands of end-points you have deployed.

30 October 2017: Arduino IDE users can follow the instructions from the ‘Guy with Swiss accent’ using the YouTube video below.