Possible PTK compromission after GTK rekeying
Antonio Quartulli
antonio
Sat Nov 16 06:40:13 PST 2013
On Sat, Nov 16, 2013 at 04:35:12PM +0200, Jouni Malinen wrote:
> On Fri, Nov 15, 2013 at 04:28:47PM +0100, Antonio Quartulli wrote:
> > I am running hostapd-20120428 on OpenWrt and it is exhibiting a strange
> > encryption issue (I am using wpa mixed mode: WPA/WPA2).
> >
> > The symptom is that some Windows clients are losing their connectivity
> > after a GTK refresh (often after the first, but not necessarily).
>
> Which driver are you using?
I am using ath9k
> Can you provide a capture file from a test
> run with keys that you can share?
>
Mh, ok. I'll see what I can do. The point is that I have not been able to
replicate the issue in my testbed, and I can't share other people PSK :) I'll
let you know!
> > From an high level point of view it looks like the GTK rekeying is somehow
> > breaking the PTK on hostapd so that outgoing packets are not encrypted properly
> > anymore.
>
> I'd look at the driver first..
Yeah, good hint. I'll also give it a closer look.
Cheers,
--
Antonio Quartulli
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.shmoo.com/pipermail/hostap/attachments/20131116/c77a43ef/attachment.pgp>
More information about the Hostap
mailing list