Wireshark mailing list archives
Re: IEEE 802.11 WPA3 decryption support
From: Mikael Kanstrup <mikael.kanstrup () sony com>
Date: Tue, 26 Mar 2019 10:59:11 +0100
On 25/03/2019 22:41, Guy Harris wrote:
No. That is still valid. I'm not trying to magically decrypt traffic without knowledge about the decryption keys. For WPA2 PSK the PSK == PMK is same for all connections towards a certain network making it possible to decrypt all traffic as long as you've recorded the 4-way handshake messages.On Mar 25, 2019, at 2:32 AM, Kanstrup, Mikael <Mikael.Kanstrup () sony com> wrote:I started working on WPA3 decryption support. Some parts of it has already been merged.So does this mean we'll prove Michael Berg of Tamosoft wrong? https://twitter.com/TamoSoft/status/1049975990695399424 "WPA3 will make it impossible to perform on-the-fly or post-capture decryption of WiFi packets by tools like CommView for WiFi. Good security, but still upsetting from the packet analysis standpoint..."
For WPA3 PMK is unique for each association and the passphrase -> PMK generation is strong. This gives:
- With password alone you cannot decrypt any traffic - With password + 4-way handshake you cannot decrypt any traffic- If you somehow can get hold of PMK you can only decrypt that specific connection. No other(s).
WPA3 decryption with Wireshark will only decrypt traffic where you know the PMK. This is similar to what is supported for WPA2 enterprise already today.
The dot11crypt engine duplicate quite a lot IEEE 802.11 dissector functionalityYes, and it shouldn't.
Agree. Thanks for feedback! /Mikael ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- IEEE 802.11 WPA3 decryption support Kanstrup, Mikael (Mar 25)
- Re: IEEE 802.11 WPA3 decryption support Alexis La Goutte (Mar 25)
- Re: IEEE 802.11 WPA3 decryption support Guy Harris (Mar 25)
- Re: IEEE 802.11 WPA3 decryption support Mikael Kanstrup (Mar 26)