Subject: Re: WPA2 bugz - One Man's Quick & Dirty Response
To: Karl Denninger, freebsd-security@freebsd.org
References: <27180.1508206466@segfault.tristatelogic.com>
From: "WhiteWinterWolf (Simon)"
Date: Tue, 17 Oct 2017 12:17:55 +0200
List-Id: "Security issues [members-only posting]"

Hi Karl,

On 17/10/2017 at 04:24, Karl Denninger wrote:
> Please understand that if you can get an AP to hand you a zero'd key
> (with an intentionally "weak" client) THEN THAT PERSON JUST BECAME
> ABLE TO ATTACH TO YOUR NETWORK AS AN AUTHORIZED USER.
As per my understanding, this attack only allows the attacker to join the network in the case of Wireless Gigabit GCMP (WiGig), which is currently uncommon. Common implementations such as WPA2 CCMP and legacy WPA TKIP only allow the attacker to intercept and manipulate transmitted data. No way has been found yet for the attacker to forge handshake messages, join a network or otherwise determine the network's password.

Moreover, traffic interception requires either the traffic to be in clear form or communication security to be poorly implemented. I personally hope this will again raise interest toward a fully encrypted Internet, with clear communication becoming the exception instead of the norm. Clear-text transmission of users' data is a plague which should be removed.

> Incidentally, has anyone yet figured out if this vector works on a
> network configured for machine certificates instead of a PSK? I'm not
> certain from what I've looked at yet, and that is bothering me a LOT
> for what should be obvious reasons.

Yes, as the author states in the attack's details[1], this attack also affects enterprise WiFi networks, and both client and server must be patched for the fix to work, so any unpatched device (BYOD...) will remain a vulnerable point in the corporate infrastructure.

[1]: https://www.krackattacks.com/#details

--
WhiteWinterWolf
https://www.whitewinterwolf.com