[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [OT] Breaking WPA2 by forcing nonce reuse

On 16/10/2017 21:12, Curt wrote:

  Our attack is especially catastrophic against version 2.4 and above of
  wpa_supplicant, a Wi-Fi client commonly used on Linux. Here, the client will
  install an all-zero encryption key instead of reinstalling the real key.


It was addressed in Debian by DSA-3999-1 I think, but will probably linger for a long time on routers, phones, appliances and IoT all over the world. After Bluetooth a few weeks ago, now wpa2 wifi, most of the wireless consumer electronic have it's base covered and ripe for cracking...

Reply to: