Thread Links Date Links
Thread Prev Thread Next Thread Index Date Prev Date Next Date Index

Re: [STDS-802-11-TGBH] IRM Points



Hi Graham,

 

              I can explain more why I say “8” bit revealed.

 

              Say your key has two bits as a simple example. To brutal force, attacker has to try 4 options.

 

              If you provide the xor in clear, say 0, it reveals that two bits are the same, so attacker now only needs to try 2 options, this effectively reduces the strength by 1 bit.

 

              Now, you provide 8 xor value, each effectively reduces the strength by one bit, so you reduce the strength by 8 bits.

 

              Attacker now does not need to try 128 bits. They can just try 120 bits. This reduces the attack time by 2^8=256. You are trading off the security strength of your key for the heavy computation that is required for your mechanism.

 

Best,

Po-Kai

 

 

 

From: G Smith <gsmith@xxxxxxxxxxxxxxxxxxx>
Sent: Thursday, November 04, 2021 6:41 PM
To: STDS-802-11-TGBH@xxxxxxxxxxxxxxxxx
Subject: [STDS-802-11-TGBH] IRM Points

 

IRM Check field.

There seems to be some confusion over the IRM Check field.  It was stated that it exposed 8 or 16 bits of the key.

The IRM Check field is the EX-OR of 8 bits of the key, with the next 8 bits.   

For every bit there are 2 combinations

1 can be 10 or 01

0 can be 11 or 00

Hence for each of the bits there are 2 possibilities.  Hence for the 8 bits there are

2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 = 256 possible combinations, i.e. 28

Hence, 256 possibilities for the 16 bits that make up the check. 

Then there are still 112 more bits to go through.

 

Spoofing and such

The idea was asked that a spoof could simply copy the random MAC address and the Hash into an Association request.  True, no different than copying a MAC address.  But even if the AP “recognized” the STA, the spoof STA still has to associate to do anything, and, as was pointed out, the association (4 way handshake) has nothing to do with the IRMK. 

The scheme could easily be that the “Change” option becomes the norm, and as such its IRMK would be unknown and copying the old MAC and Hash would not work.

 

Anyhow, good questions.

Graham

 

 

 

 

 

 

 

 


To unsubscribe from the STDS-802-11-TGBH list, click the following link: https://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGBH&A=1


To unsubscribe from the STDS-802-11-TGBH list, click the following link: https://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGBH&A=1