Mitigate the new WPA attack described in Beck, M. and Tews S. "Practical

attacks against WEP and WPA". The attack works by using the MIC failure
notification messages sent station->AP on MIC failure as an oracle to
verify guesses to reverse the CRC.

To stop this, we can skip sending these notify frames except when we
are going into "countermeasures" mode (drop the AP association, do not
process traffic for 60s). When we go into countermeasures, I send two
MIC failure notifications in a row - this should force the AP into
countermeasures too.

ok damien@

0 files changed, 0 insertions, 0 deletions