What happens when a nonce is reused (WPA2)

Asked Apr 02 '18 at 08:21

Active Apr 02 '18 at 14:41

Viewed 131 times

I am trying to understand the KRACK on WPA2. But in their paper (PDF) it just simply states that

By forcing nonce reuse in this manner, the encryption protocol can be attacked.

But I cannot find an explanation WHY this is possible. I.e. what exactly happens, that when a nonce is reused, the encryption protocol can be attacked?

edited Apr 02 '18 at 14:41

e-sushi

17,891
12
83
229

asked Apr 02 '18 at 08:21

Tafel

1

TL;DR: (anybody who wants to, please write a proper answer), WPA2 uses CTR mode for bulk encryption and with a fixed nonce you learn message XORs. – SEJPM Apr 02 '18 at 10:34

What happens when a nonce is reused (WPA2)

0 Answers0