Limitations of wpa_disable_eapol_key_retries option to work around key reinstallation attacks

Jouni Malinen j at w1.fi
Fri Oct 20 11:06:22 PDT 2017


On Fri, Oct 20, 2017 at 04:27:11PM +0200, Timo Sigurdsson wrote:
> Would the existing option wnm_sleep_mode that is mentioned in the example
> hostapd configuration[1] cover this scenario (if set to 0) or is that
> unrelated?

It is related, but likely not sufficient. It used to control only the
advertisement for the functionality. However, if the attacker clones the
AP with that advertisement hardcoded to claim that functionality is
available, the WNM-Sleep Mode operations could still be accepted.

With the following patch added, this could be used to prevent these
WNM-Sleep Mode cases, though:
https://w1.fi/cgit/hostap/commit/?id=114f2830d2c2aee6db23d48240e93415a256a37c

-- 
Jouni Malinen                                            PGP id EFC895FA


