Hacker News new | past | comments | ask | show | jobs | submit login

>There's no need for a second AP in all this, just someone in range of the client who can replay packets to the clients.

How would you drop packet 3 without a new AP?




You don't. You record it and replay it. You want the client to get the same packet 3 over and over.


Are you sure about that? From the paper (section 3.3):

> Note that the adversary cannot replay an old message 3, because its EAPOL replay counter is no longer fresh.

And a related update from the TLDR post you originally referenced (which I believe is causing confusion):

> Update: An early version of this post suggested that the attacker would replay the message. Actually, the paper describes forcing the AP to resend it by blocking it from being received at the client. Thanks to Nikita Borisov for the fix.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: