[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [OT] Breaking WPA2 by forcing nonce reuse

On 19/10/2017 21:42, Celejar wrote

like the printer. Henrique recently noted that there is a setting
available on new OpenWRT and LEDE builds that can help, but it's
apparently not yet included in any release yet:



I sent that a day ago, but for some reason it didn't make it to the list:


17.01.4 just released [2] with fixed wpa and possibility to activate an AP side workaround. It is just a mitigation really, but should in practice impair an exploit. It is OFF by default.


"an optional AP-side
workaround was introduced in hostapd to complicate these attacks,
slowing them down. Please note that this does not fully protect you from
them, especially when running older versions of wpa_supplicant
vulnerable to CVE-2017-13086, which the workaround does not address. As
this workaround can cause interoperability issues and reduced robustness
of key negotiation, this workaround is disabled by default."

Option in hostapd.sh [1] is:


[1] https://git.lede-project.org/?p=source.git;a=commitdiff;h=d501786ff25684208d22b7c93ce60c194327c771

[2] https://downloads.lede-project.org/releases/17.01.4/targets/

So it is part of Latest LEDE release, but I am not aware of other distro using this workaround. It comes with a few potential problems, so must be thoroughly tested before being deployed, and it likely breaks standards which is never good.

Reply to: