Is anyone else annoyed that the WPA2 KRACK paper author sat on it for >2mos before any disclosure and 5mos before public disclosure?
Hmm, the memcmp part of that patch of old vs new key makes me wonder if you could flip-flop between two keys by replaying packets.
Ha good question. Haven't read the code thoroughly, hopefully there's some reason a "message 3" from a different handshake would be rejected
Also here's some additional comments that were added yesterday: https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/net80211/ieee80211_pae_input.c.diff?r1=1.30&r2=1.31 …