Hello all,
Document 25/949r2 has been uploaded and concerns updated protections against A-MSDU attacks in mesh networks. This update adds an informative NOTE to explain the defense being added to the standard. The added NOTE is based on a similar one for non-mesh networks and adds information that is specific for mesh networks.
For easy reference, the NOTE added in this update of the document is:
NOTE <n>—The value AA-AA-03-00-00-00 is that which results from an attack in which an encrypted QoS Data frame not containing an A-MSDU (whose unencrypted frame body therefore starts with a Mesh Control field) has the A-MSDU Present subfield changed to 1 by an attacker to cause it to appear to be a payload protected A-MSDU (PP A-MSDU) with multiple MSDUs, in which case M equals the Address Extension Mode subfield of the original frame’s Mesh Control field. The value 3 is reserved in this subfield, meaning if M is 3, this attack has not occurred.
Best regards,
Mathy Vanhoef