Hi Joaquim!
18 Oct 2017 01:22, from Joaquim Homrighausen -> Richard Menedetter:
I assume you mean this paper:
https://papers.mathyvanhoef.com/ccs2017.pdf
from the same people.
"Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2"
KRACK for short ;)
Yes. That's the one.
I know ;))
Caused me some headaches yesterday at work ...
It will continute to do so for a while ...
We are reselling different WLAN enabled devices.
Before the details have been revealed it was not clear if it is an AP issue or a client issue.
After the details got public, I can relax a bit, as currently the APs seem OK. I have one WiFi Mesh solution that needs patching (it has implemented 802.11r and is vulnerable)
Vendor feedback was generally along the lines:
"We are not affected as we do not offer client functionality. Detailed review of the information will be done in the next time."
CU, Ricsi
--- GoldED+/LNX
* Origin: The price of greatness is responsibility. (21:1/104)