11. Avoids replay detection (TKIP keeps a separate replay counter per QoS priority, so a replayed frame sent on another priority passes the check)
Doesn't affect decryption
Changes expected MIC value
Attack: capture packet, change priority, replay.
[Figure: packet layout #ID / priority | Data | MIC, with Data and MIC encrypted; the attack changes the priority field]
MIC failure(s): traffic halted for 1 minute
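As an added illustration (not from the slides): a small Python simulation of the receiver-side replay check that a priority change slips past, beside a monitor-side check that tracks the TSC across all QoS priorities and flags the replayed frame. The frame records are constructed sample data and the class and function names are assumptions of this example.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

@dataclass
class Frame:
    tsc: int       # TKIP sequence counter (TSC) carried in the frame's IV fields
    priority: int  # QoS priority (TID) of the frame

@dataclass
class TkipReceiver:
    """Per-priority replay check as a TKIP receiver performs it."""
    last_tsc: Dict[int, int] = field(default_factory=dict)

    def accept(self, f: Frame) -> bool:
        # One replay counter per QoS priority: a frame is rejected only if
        # its TSC is not above the last TSC seen on the *same* priority.
        if f.tsc <= self.last_tsc.get(f.priority, -1):
            return False
        self.last_tsc[f.priority] = f.tsc
        return True

@dataclass
class CrossPriorityMonitor:
    """Defensive check: remembers every TSC seen on any priority."""
    seen: Dict[int, int] = field(default_factory=dict)  # tsc -> first priority

    def inspect(self, f: Frame) -> Optional[str]:
        first = self.seen.get(f.tsc)
        if first is None:
            self.seen[f.tsc] = f.priority
            return None
        return (f"TSC {f.tsc} first seen on priority {first}, "
                f"replayed on priority {f.priority}")

def run(frames: List[Frame]) -> Tuple[List[Tuple[int, int]], List[str]]:
    """Returns (frames the receiver accepts, alerts the monitor raises)."""
    rx, mon = TkipReceiver(), CrossPriorityMonitor()
    accepted, alerts = [], []
    for f in frames:
        if rx.accept(f):
            accepted.append((f.tsc, f.priority))
        alert = mon.inspect(f)
        if alert:
            alerts.append(alert)
    return accepted, alerts

# Constructed sample traffic: frames on priority 0, then TSC 41 replayed
# unchanged (rejected) and replayed with priority changed to 3 (accepted
# by the per-priority check, flagged by the monitor).
SAMPLE = [Frame(40, 0), Frame(41, 0), Frame(42, 0), Frame(41, 0), Frame(41, 3)]
```

Running `run(SAMPLE)` shows the priority-3 copy being accepted by the per-priority check while the monitor raises an alert for it.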
12. Beck & Tews attack can forge 3 packets.
Injecting more requires new keystreams:
[Figure: Ciphertext = Plaintext XOR Keystream]
All packets start with an LLC header.
We predict these with very high accuracy.
Capture packets with new #IDs.
13. LLC header is only 12 bytes …
Combine them using fragmentation!
[Figure: fragments #ID1 Data1 … #ID16 Data16, each with its own MIC; the reassembled packet is Data1 … Data16 followed by the MIC]
12 bytes/fragment: inject 120 bytes of data
14. Port scanner:
1. Get MIC key using Beck & Tews attack
2. Inject TCP SYN packets
3. Detect SYN/ACK based on length
Remarks:
High amount of packet injection proven!
Also: DNS poisoning, DHCP spoofing, …
18. State1: initial state of every packet
State2: state after processing prefix
State3: equal to State1 due to magic bytes
State4: equal to MIC of sniffed packet!
[Figure: sniffed packet Prefix | Magic | Data | MIC, with State1 to State4 marked along it]
19. Possible applications?
Decrypt web responses:
Web mail
Bank details
…
Decrypt TCP sequence number, hijack connection and inject malware?
20. Integrity (MIC) not verified when fragmented:
Alfa AWUS036h, Belkin F5D7053, Ralink U150BB
Attack time reduced from >8 min to zero.