mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-12-02 12:18:24 -05:00
4cada9dcc1
This part is missing from IEEE Std 802.11ai-2016, but the lack of DHss here means there would not be proper PFS for the case where PMKSA caching is used with FILS SK+PFS authentication. This was not really the intent of the FILS design and that issue was fixed during REVmd work with the changes proposed in https://mentor.ieee.org/802.11/dcn/17/11-17-0906-04-000m-fils-fixes.docx that add DHss into FILS-Key-Data (and PTK, in practice) derivation for the PMKSA caching case so that a unique ICK, KEK, and TK are derived even when using the same PMK. Note: This is not backwards compatible, i.e., this breaks PMKSA caching with FILS SK+PFS if only STA or AP side implementation is updated. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> |
||
|---|---|---|
| .. | ||
| Makefile | ||
| peerkey.c | ||
| peerkey.h | ||
| pmksa_cache.c | ||
| pmksa_cache.h | ||
| preauth.c | ||
| preauth.h | ||
| tdls.c | ||
| wpa_ft.c | ||
| wpa_i.h | ||
| wpa_ie.c | ||
| wpa_ie.h | ||
| wpa.c | ||
| wpa.h | ||