mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-02-21 11:33:04 -05:00
0c2b3f6541
IEEE Std 802.11-2012 description of SAE does not require this, i.e., it describes the requirement as 0 < scalar < r for processing the Commit message. However, this is not correct and will be changes to 1 < scalar < r to match the Dragonfly description so that a trivial secret case will be avoided explicitly. This is not much of an issue for the locally generated commit-scalar since it would be very unlikely to get the value of 1. For Commit message processing, a peer with knowledge of the password could potentially force the exchange to expose key material without this check. Signed-off-by: Jouni Malinen <j@w1.fi>