[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [OT] Breaking WPA2 by forcing nonce reuse

On 19/10/2017 16:56, Dan Purgert wrote:
Brian wrote:
Isn't it sufficient to fix one end of the
connection to dispose of the vulnerability?

KRACK is an attack against the *client* side.  It MUST (rfc2119) be that
device that is patched against the attack.

Dan, I'm not sure it's that simple, either.

There are *two* WiFi connections in the Debian-box to Printer case:
i Debian box to Access Point
ii Printer to Access Point

Brian's idea is good for the connection from the Debian box to the Access Point1.

But the connection between the printer, and the Access Point remains vulnerable - particularly to the possible all-zero key.

Your advice is extremely close, and very pertinent, but *both* clients need to be fixed. So Celejar's powerline link may be a reasonable solution for his case.

regards, Ron

Reply to: