
Re: [STDS-802-11-TGM] 11-26/0789r0



--- This message came from the IEEE 802.11 Task Group M Technical Reflector ---

 

  Hi Mike,

 

  Thanks, that would be good.

 

  Thomas has informed me of what the issue is. The adversary is dropping the rejected groups element from the offers the second time around so each side thinks the other guy rejected 21 but it rejected nothing so each side produces identical salt (regardless of who has the bigger MAC) and it succeeds.

 

  Thanks Thomas and sorry for polluting your inbox Mathy 😊  Looking forward to further discussion in Antwerp.

 

  Regards,

 

  Dan.

 

--

“the object of life is not to be on the side of the majority, but to

escape finding oneself in the ranks of the insane.” – Marcus Aurelius

 

 

On 4/21/26, 11:04AM, "M Montemurro" <montemurro.michael@xxxxxxxxx> wrote:

 

Hi Dan,


I just wanted you to know that I agree to schedule some TGmf agenda time in Antwerp to go through this contribution again.

 

Cheers,

 

Mike

 

On Tue, Apr 21, 2026 at 1:53PM Harkins, Dan <00003862fd143b8a-dmarc-request@xxxxxxxxxxxxxxxxx> wrote:


 

  Hi Mathy,

 

  I’m sorry I missed the TGmf teleconference in which you presented 11-26/0789r0 as I would’ve asked this question then. Anyway, in slide 5 you show an adversary blocking commits made with group 21, which would normally be accepted, and then both sides falling back to group 19. But why would the offer of group 19 be accepted since it will include a Rejected Groups element listing group 21 as being previously rejected? According to 12.4.5.4 (which you quote on slide 11), “…the list of rejected groups shall be checked to ensure that all of the groups in the list are groups that would be rejected. If any of the groups would not be rejected then processing of the SAE Commit message terminates and the STA shall reject the peer’s authentication.” Since 21 was acceptable, it would not have been rejected, but the peer is saying it was so the exchange should fail and this attack is not possible.

 

  Or what am I missing?

 

  Regards,

 

  Dan.

 

--

“the object of life is not to be on the side of the majority, but to

escape finding oneself in the ranks of the insane.” – Marcus Aurelius
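
The following is an added example, not part of the thread or of 11-26/0789r0: a simplified model of the Rejected Groups check quoted from 12.4.5.4 and of the salt agreement described in the reply at the top. The salt layout (both lists concatenated, larger MAC first, 2-octet group numbers, SHA-256), the function names and the MAC addresses are assumptions made for illustration.

```python
import hashlib

def check_commit(local_acceptable, offered_group, rejected_groups):
    """Receiver-side handling of a peer's SAE Commit (simplified model).

    rejected_groups is the peer's Rejected Groups element as received,
    or None when the element is absent from the frame.
    """
    if offered_group not in local_acceptable:
        return "reject-group"
    # 12.4.5.4 as quoted in the thread: every listed group must be one this
    # STA would reject; otherwise the peer's authentication is rejected.
    for group in rejected_groups or ():
        if group in local_acceptable:
            return "reject-auth"
    return "accept"

def salt(own_mac, own_list, peer_mac, peer_list):
    """Assumed salt layout: both lists concatenated, larger MAC's list first."""
    if own_mac > peer_mac:
        first, second = own_list, peer_list
    else:
        first, second = peer_list, own_list
    data = b"".join(g.to_bytes(2, "little") for g in first + second)
    return hashlib.sha256(data).hexdigest()

def run(strip_element, a_sent=(21,), b_sent=(21,)):
    """Both STAs accept groups 19 and 21 and retry with group 19.

    a_sent / b_sent are the groups each side lists as previously rejected.
    strip_element models the element being removed from both commits in transit.
    Returns (A's verdict, B's verdict, whether both salts match).
    """
    acceptable = {19, 21}
    a_mac = bytes.fromhex("02000000000a")  # constructed addresses
    b_mac = bytes.fromhex("02000000000b")
    a_seen = None if strip_element else b_sent  # what A receives from B
    b_seen = None if strip_element else a_sent  # what B receives from A
    a_verdict = check_commit(acceptable, 19, a_seen)
    b_verdict = check_commit(acceptable, 19, b_seen)
    a_salt = salt(a_mac, a_sent, b_mac, a_seen or ())
    b_salt = salt(b_mac, b_sent, a_mac, b_seen or ())
    return a_verdict, b_verdict, a_salt == b_salt

if __name__ == "__main__":
    print("element delivered:", run(strip_element=False))
    print("element stripped: ", run(strip_element=True))
    print("stripped, unequal lists:", run(True, (21,), (20, 21)))
```

In this model the check only ever sees the element as received, and the stripped case still yields matching salts because each side contributes the same list, so the order imposed by the MAC comparison does not matter; with unequal lists the salts diverge.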

 


To unsubscribe from the STDS-802-11-TGM list, click the following link: https://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGM&A=1

