Re: [OT] Breaking WPA2 by forcing nonce reuse

To: debian-user@lists.debian.org
Subject: Re: [OT] Breaking WPA2 by forcing nonce reuse
From: "tv.debian@googlemail.com" <tv.debian@googlemail.com>
Date: Mon, 16 Oct 2017 21:27:30 +0530
Message-id: <[🔎] 1b6d0e14-20e7-0ef3-7f64-974758f78eb3@googlemail.com>
In-reply-to: <[🔎] slrnou9kqp.48k.curty@einstein.electron.org>
References: <[🔎] slrnou9kqp.48k.curty@einstein.electron.org>

On 16/10/2017 21:12, Curt wrote:

https://www.krackattacks.com/

  Our attack is especially catastrophic against version 2.4 and above of
  wpa_supplicant, a Wi-Fi client commonly used on Linux. Here, the client will
  install an all-zero encryption key instead of reinstalling the real key.

Uh-oh.

It was addressed in Debian by DSA-3999-1 I think, but will probablylinger for a long time on routers, phones, appliances and IoT all overthe world. After Bluetooth a few weeks ago, now wpa2 wifi, most of thewireless consumer electronic have it's base covered and ripe for cracking...

Reply to:

Follow-Ups:
- Re: [OT] Breaking WPA2 by forcing nonce reuse
  - From: "Alexander V. Makartsev" <avbetev@gmail.com>
- Re: [OT] Breaking WPA2 by forcing nonce reuse
  - From: Celejar <celejar@gmail.com>

References:
- [OT] Breaking WPA2 by forcing nonce reuse
  - From: Curt <curty@free.fr>

Prev by Date: Re: Recovering accidentally deleted file folder
Next by Date: Re: [OT] Breaking WPA2 by forcing nonce reuse
Previous by thread: [OT] Breaking WPA2 by forcing nonce reuse
Next by thread: Re: [OT] Breaking WPA2 by forcing nonce reuse
Index(es):
- Date
- Thread