mailing list archives
802.1x security hole ?
From: Arjuna Scagnetto <arjuna () ts infn it>
Date: Wed, 01 Aug 2007 13:14:59 +0200
recently i've discovered this article
"An initial security analysis of the IEEE802.1x standard"
( 6 Feb 2002 )
In it the authors show that a session hijacking against 802.1x stardard
is possible. (read it for details)
but making some research i've found on page 85 of IEEE802.11 STD 2007:
"In an RSNA, deauthentication also destroys any related PTKSA, group
temporal key security association (GTKSA), station-to-station link
(STSL) master key security association (SMKSA), and STSL transient key
security association (STKSA) that exist in the STA and closes the
associated IEEE 802.1X Controlled Port.
If pairwise master key (PMK) caching is not enabled, deauthentication
also destroys the pairwise master key security association (PMKSA) from
which the deleted PTKSA was derived."
Since the authors don't answer me i would ask to all of you if you think
or better if you know if the attack suggested is still possible or not?
thanks in advance
- 802.1x security hole ? Arjuna Scagnetto (Aug 01)