Does KRACK break TLS?

KRACK is on the Network layer of the OSI model, while TLS is on the Session layer. So no, they do not influence each other, provided that the client can not be tricked into using a non-TLS connection (SSLstrip).

The basic threat from KRACK is that it allows an attacker to decrypt all packages on the network layer that the victim sends / receives. This includes all cleartext communication (e.g. that which many email programs still employ, local network device connections, etc.).

This means that if you display the network key and an attack is seeing all your traffic they can simply make a full connection to your network and wreak havoc on it any way they see fit.

If there are other vulnerabilities in the implementation (e.g., what happens in Android 6), then the attacker can even manipulate packages in transit to the victim. (both encrypted and cleartext can be manipulated). However the attacker can not read its contents if the packets themselves are encrypted by a session layer protocol (e.g. TLS). This opens up the possibility to change key values or redirect the victim to an attackers site for infection.

So while it is a serious breach and must be solved as soon as possible, it should not compromise properly secured traffic. So use a VPN, HSTS, HPKP and ssh, to protect yourself and/or your users.

No, it doesn't affect TLS. In fact, using TLS encrypted sites (HTTPS) is helpful if you're worried about KRACK - an attacker would only be able to see which site is being accessed, but not which pages within the site, or any data which you send to the site.

There are some other recently announced attacks which may affect TLS, and which it's possible that some media coverage has merged the two.

The direct vulnerability of KRACK doesn't affect TLS/SSL encryption, however once the MITM is established SSLstrip can be used to strip HTTPS down to HTTP. This is shown in the official video demonstration where login credentials for match.com are sniffed from an Android device.