[cryptography] RC4 is dangerous in ways not yet known - heads up on near injection WPA2 downgrade to TKIP RC4

coderman coderman at gmail.com
Wed Sep 17 22:27:26 EDT 2014

On 9/16/14, staticsafe <me at staticsafe.ca> wrote:
> ...
> My home Wi-Fi AP (a Mikrotik RouterOS) device is configured as WPA2 PSK
> with TKIP and AES unicast/group ciphers. I see that I can uncheck the
> TKIP check box, is this an acceptable workaround to the issue you
> mentioned?

please test; you will need to force set client bits in driver; this
assumes modified drivers.  it would be awesome for someone to provide
a repro lorcon scapy style, alas, it appears that will not be me.

stribika also mentions this config,
i do not know if this is resistant to client overriding ap prefs, as
in your scenario.  another good variant to check...

apologies; wish i could be more helpful.

best regards,

More information about the cryptography mailing list