Re: [OT] Breaking WPA2 by forcing nonce reuse

To: debian-user@lists.debian.org
Subject: Re: [OT] Breaking WPA2 by forcing nonce reuse
From: "tv.debian@googlemail.com" <tv.debian@googlemail.com>
Date: Fri, 20 Oct 2017 10:05:34 +0530
Message-id: <[🔎] 94db0c7f-6cf6-e0c4-3e66-2a78dd98ee42@googlemail.com>
In-reply-to: <[🔎] 20171019121240.6c8c8a3699e675ac92a63354@gmail.com>
References: <[🔎] slrnou9kqp.48k.curty@einstein.electron.org> <[🔎] 1b6d0e14-20e7-0ef3-7f64-974758f78eb3@googlemail.com> <[🔎] 20171016151906.00a26195581b774880c07430@gmail.com> <[🔎] c47ba314-5118-697f-7189-eacbd5d2d13b@googlemail.com> <[🔎] 20171017105715.87134337517be7c2b77ba6ec@gmail.com> <[🔎] 17102017184955.cbe671b90b6e@desktop.copernicus.org.uk> <[🔎] 20171018213048.6e1bed0f5192e55e75d9f633@gmail.com> <[🔎] 19102017100229.d6ca0e8c0b74@desktop.copernicus.org.uk> <[🔎] 20171019110701.068af36036d800dbf4f49c4e@gmail.com> <[🔎] 19102017161739.952840d13b59@desktop.copernicus.org.uk> <[🔎] 20171019121240.6c8c8a3699e675ac92a63354@gmail.com>

On 19/10/2017 21:42, Celejar wrote

[...]

like the printer. Henrique recently noted that there is a setting
available on new OpenWRT and LEDE builds that can help, but it's
apparently not yet included in any release yet:

https://lists.debian.org/debian-user/2017/10/msg00593.html

Celejar


I sent that a day ago, but for some reason it didn't make it to the list:

Hi,

17.01.4 just released [2] with fixed wpa and possibility to activate an AP side workaround. It is just a mitigation really, but should in practice impair an exploit. It is OFF by default.

Quote:

"an optional AP-side
workaround was introduced in hostapd to complicate these attacks,
slowing them down. Please note that this does not fully protect you from
them, especially when running older versions of wpa_supplicant
vulnerable to CVE-2017-13086, which the workaround does not address. As
this workaround can cause interoperability issues and reduced robustness
of key negotiation, this workaround is disabled by default."

Option in hostapd.sh [1] is:

wpa_disable_eapol_key_retries


[1] https://git.lede-project.org/?p=source.git;a=commitdiff;h=d501786ff25684208d22b7c93ce60c194327c771

[2] https://downloads.lede-project.org/releases/17.01.4/targets/

So it is part of Latest LEDE release, but I am not aware of other distrousing this workaround. It comes with a few potential problems, so mustbe thoroughly tested before being deployed, and it likely breaksstandards which is never good.

Reply to:

Follow-Ups:
- Re: [OT] Breaking WPA2 by forcing nonce reuse
  - From: rhkramer@gmail.com
- Re: [OT] Breaking WPA2 by forcing nonce reuse
  - From: Brad Rogers <brad@fineby.me.uk>

References:
- [OT] Breaking WPA2 by forcing nonce reuse
  - From: Curt <curty@free.fr>
- Re: [OT] Breaking WPA2 by forcing nonce reuse
  - From: "tv.debian@googlemail.com" <tv.debian@googlemail.com>
- Re: [OT] Breaking WPA2 by forcing nonce reuse
  - From: Celejar <celejar@gmail.com>
- Re: [OT] Breaking WPA2 by forcing nonce reuse
  - From: "tv.debian@googlemail.com" <tv.debian@googlemail.com>
- Re: [OT] Breaking WPA2 by forcing nonce reuse
  - From: Celejar <celejar@gmail.com>
- Re: [OT] Breaking WPA2 by forcing nonce reuse
  - From: Brian <ad44@cityscape.co.uk>
- Re: [OT] Breaking WPA2 by forcing nonce reuse
  - From: Celejar <celejar@gmail.com>
- Re: [OT] Breaking WPA2 by forcing nonce reuse
  - From: Brian <ad44@cityscape.co.uk>
- Re: [OT] Breaking WPA2 by forcing nonce reuse
  - From: Celejar <celejar@gmail.com>
- Re: [OT] Breaking WPA2 by forcing nonce reuse
  - From: Brian <ad44@cityscape.co.uk>
- Re: [OT] Breaking WPA2 by forcing nonce reuse
  - From: Celejar <celejar@gmail.com>

Prev by Date: Re: thinkpad mute button not working since upgrade to stretch
Next by Date: Re: [Pkg-utopia-maintainers] network-manager-gnome - Ethernet - Security - 802.1x - Password can't be changed
Previous by thread: Re: [OT] Breaking WPA2 by forcing nonce reuse
Next by thread: Re: [OT] Breaking WPA2 by forcing nonce reuse
Index(es):
- Date
- Thread