Closed PeterTseng783327 closed 3 years ago
vanhoefm
commented
6 years ago Those backported patches you mention should defend against the attack. So no, that is not a normal phenomenon. Are you sure you applied all patches, and are using the patched wpa_supplicant?
PeterTseng783327
commented
6 years ago I tested the wpa_supplicant 2.5 & 2.6 patch But it still happens the same.
vanhoefm
commented
3 years ago Closing due to age
Hi,
I am trying to update the wpa_supplicant version 2.5 with all the security advisories from http://git.yoctoproject.org/cgit.cgi/poky/commit/?h=krogoth&id=54e3f82bd77203c3d578e26c86506e6ef5c27000
I completed all three tests and did not show any errors. ./krack-test-client.py ./krack-test-client.py –group ./krack-test-client.py –tptk
But, When I execute the './krack-test-client.py --tptk-rand' test script, the following message appears.
[01:20:13] 00:25:ca:07:be:55: usage of all-zero key detected (IV=5, seq=8). Client is vulnerable to (re)installation of an all-zero key in the 4-way handshake! [01:20:13] 00:25:ca:07:be:55: !!! Other tests are unreliable due to all-zero key usage, please fix this first !!!
Is this a normal phenomenon?