TKIP attack

Jouni Malinen j at w1.fi
Wed Nov 12 13:01:28 EST 2008


On Wed, Nov 12, 2008 at 07:55:56AM -0800, Miles wrote:
> Jouni, wpa_receive() is only for EAPOL-KEY message, not for encrypted data. isn't it? For MIC error happens in data packets, we will wait 2 times.

Yes, if the MIC failure is detected at the AP, hostapd will wait for two
failure indication before starting countermeasures or doing any
rekeying. As far as the current TKIP chopchop attack is concerned, it
depends on the Michael MIC failure report frame (i.e., that EAPOL-Key
message) to figure out when a guess was correct. As such, it does not
work against the AP as the entity for verifying guesses.

-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the HostAP mailing list