Overview
Explore the security vulnerabilities in Wi-Fi networks through Mathy Vanhoef's talk at the Workshop on Attacks in Cryptography 2021. Delve into the intricacies of aggregation and fragmentation flaws, including the aggregation design flaw and mixed key design flaw. Learn about exploit steps, packet construction, and data exfiltration techniques. Understand the background of reassembling plaintext and encrypted fragments, as well as the challenges posed by key renewal. Examine cloaked aggregated frames and their implications for Wi-Fi security. Gain valuable insights into recent advancements in Wi-Fi security and engage in a thought-provoking discussion on the future of wireless network protection.
Syllabus
Intro
Advancements in Wi-Fi security
Aggregation design flaw
Exploit steps
Easier version
How to construct the special IPv4/TCP packet?
Background
Reassembling plaintext fragments
Reassembling encrypted fragments
Problem: key renewal
Mixed key design flaw
How to exfiltrate data?
Cloacked aggregated (A-MSDU)frames
Discussion
Conclusion
Taught by
TheIACR