Forum

WPA/WPA2 TKIP RC4 keystream discovery attack (For learning purpose)

1 posts by 1 authors in: Forums > CWSP - Enterprise Wi-Fi Security
Last Post: April 10, 2010:

By wifikiwi April 10, 2010

Reply

Vertigo, it looks to me like the AP noticed the MIC replay attack but the Windows 7 client did not. From my understanding of the CWNP 802.11i Authentication and Key Management white paper, the GTK is used to encrypt broadcast and multicast data and its derived from the GMK which is used by the AP to make GTK's. So the GTK is sent to the station by the AP, therefore the AP would be the one doing the GTK renewal, not the windows supplicant.

As was pointed out in this previous thread http://www.cwnp.com/bbpress/topic.php?id=3097

" it's tough just to get to the point where the MIC failure is generated." More to the point, the MIC countermeasures are done by the AP and not the client according to IEEE 802.11i section 8.3.2.4.1 item b) 3)

I think you are misreading what is actually going on in your attack there. that's my opinion anyway.

Page 1 of 1

1

Success Stories

I literally just came out of the testing centre having taken the CWDP exam. The certification process opened my mind to different techniques and solutions. This knowledge can only broaden your perspective. Great job, CWNP, you have a great thing going on here.
-Darren

Working through the CWNP coursework and certifications helped not only to deepen my technical knowledge and understanding, but also it boosted my confidence. The hard work it took to earn my CWNE has been rewarding in so many ways.
-Ben

I want to commend you and all at CWNP for having a great organization. You really 'raise the bar' on knowing Wi-Fi well. I have learned a ton of information that is helping my job experience and personal career goals, because of my CWAP/CWDP/CWSP studies. Kudos to all at CWNP.
-Glenn