fragattacks/src
Jouni Malinen 6f234c1e2e Optional AP side workaround for key reinstallation attacks
This adds a new hostapd configuration parameter
wpa_disable_eapol_key_retries=1 that can be used to disable
retransmission of EAPOL-Key frames that are used to install
keys (EAPOL-Key message 3/4 and group message 1/2). This is
similar to setting wpa_group_update_count=1 and
wpa_pairwise_update_count=1, but with no impact to message 1/4
retries and with extended timeout for messages 4/4 and group
message 2/2 to avoid causing issues with stations that may use
aggressive power saving have very long time in replying to the
EAPOL-Key messages.

This option can be used to work around key reinstallation attacks
on the station (supplicant) side in cases those station devices
cannot be updated for some reason. By removing the
retransmissions the attacker cannot cause key reinstallation with
a delayed frame transmission. This is related to the station side
vulnerabilities CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,
CVE-2017-13080, and CVE-2017-13081.

This workaround might cause interoperability issues and reduced
robustness of key negotiation especially in environments with
heavy traffic load due to the number of attempts to perform the
key exchange is reduced significantly. As such, this workaround
is disabled by default (unless overridden in build
configuration). To enable this, set the parameter to 1.

It is also possible to enable this in the build by default by
adding the following to the build configuration:

CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-17 00:06:26 +03:00
..
ap Optional AP side workaround for key reinstallation attacks 2017-10-17 00:06:26 +03:00
common Clear PMK length and check for this when deriving PTK 2017-10-16 02:03:47 +03:00
crypto OpenSSL: Force RSA 3072-bit DH prime size limit for Suite B 2017-09-18 12:12:48 +03:00
drivers Remove all PeerKey functionality 2017-10-16 02:03:47 +03:00
eap_common Use os_memdup() 2017-03-07 13:19:10 +02:00
eap_peer OpenSSL: Add option to disable ECDHE with Suite B RSA 2017-09-18 12:12:48 +03:00
eap_server Add hostapd tls_flags parameter 2017-09-18 12:12:48 +03:00
eapol_auth Add hostapd tls_flags parameter 2017-09-18 12:12:48 +03:00
eapol_supp eap_proxy: Support multiple SIMs in get_imsi() 2017-06-06 03:42:32 +03:00
fst FST: Silence compiler warning on WPA_ASSERT 2017-01-29 18:45:29 +02:00
l2_packet tests: Add TEST_FAIL() checks in l2_packet 2017-03-04 11:43:58 +02:00
p2p P2P: Do not use wait_time for SD Response TX for last fragmentation 2017-04-01 14:25:26 +03:00
pae PAE: Validate input before pointer 2017-09-25 21:26:32 +03:00
radius Add hostapd tls_flags parameter 2017-09-18 12:12:48 +03:00
rsn_supp Make last received ANonce available through control interface 2017-10-16 17:47:24 +03:00
tls Use os_memdup() 2017-03-07 13:19:10 +02:00
utils hs20-osu-client: Fix build with new OpenSSL and BoringSSL 2017-08-23 11:40:10 +03:00
wps WPS: Do not increment wildcard_uuid when pin is locked 2017-10-03 19:19:01 +03:00
lib.rules Add QUIET=1 option for make 2014-12-29 15:49:05 +02:00
Makefile FST: Add the Fast Session Transfer (FST) module 2015-07-16 18:26:15 +03:00