[cryptography] RC4 is dangerous in ways not yet known - heads up on near injection WPA2 downgrade to TKIP RC4

coderman coderman at gmail.com
Mon Sep 15 06:23:08 EDT 2014


On 9/15/14, coderman <coderman at gmail.com> wrote:
>...
> yes, this is all for now. :)

i lied and one last clarification before day is done:

why do you care if this assumes knowledge of the pairwise master key?
a) my poc sucks; make a better one able to manipulate EAPOL frames without PMK!
b) presumably still useful if client SNonce is missed (easier to hear
loud access points than quiet clients behind more obstacles?)

switch to WPA2-EAP-PWD, WPA2-EAP-TTLSv0|v1, WPA2-EAP-PEAP, anything
other than PSK... i can't say for sure that WPA-Enterprise is immune
to this attack, but it is certainly better in many respects
regardless.


More information about the cryptography mailing list