Re: WPA packet number reuse with replayed messages and key reinstallation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Oct 18, 2017 at 06:45:56PM +0300, Yaniv Klinger wrote:
> On the "Impact on AP/Hostapd" section on the site it is mentioned that:
> "When AP/Authenticator implementation in hostapd is requested to rekey
> the PTK without performing EAP reauthentication (either through local
> periodic rekeying or due to a request from an association station),
> the ANonce value does not get updated ... "
> 
> My question if this case is applicable only to Fast BSS Transition
> (FT), because as I see it, it might happen also on WPA, when
> supplicant has a MIC problem, regardless of FT, and AP is not running
> local periodic rekeying. If so, is this patch needed ?

This "Fix PTK rekeying to generate a new ANonce" patch is completely
independent of FT and is needed for all cases where hostapd is used.
Only the "hostapd: Avoid key reinstallation in FT handshake" patch is
specific to FT.

-- 
Jouni Malinen                                            PGP id EFC895FA

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux