HPE Community
M and MSM Series
1823257 Members
3043 Online
109648 Solutions
New Discussion

MSM vulnerable to KRACK attacks?

 
SOLVED
Go to solution
Ascendor
Frequent Advisor

‎10-16-2017 02:49 AM

‎10-16-2017 02:49 AM

MSM vulnerable to KRACK attacks?

Hi,

a severe WiFi attack vector has been released shortly: https://www.krackattacks.com/

Questions:

  • Is MSM vulnerable to this?
  • When will security updates be released?
  • What measure are advisable? (E.g. configuration settings)

Thanks!

1 person had this problem.
8 REPLIES 8
Michael_Breuer
Esteemed Contributor

‎10-16-2017 06:44 AM

‎10-16-2017 06:44 AM

Re: MSM vulnerable to KRACK attacks?

Aruba has reached out to the teams responsible for the HP MSM series of controllers and the HPE 8xx Unified WLAN Appliance series to obtain status. A separate security advisory will be issued (https://www.hpe.com/us/en/services/security-vulnerability.html) with full details. It has been reported that these products are not vulnerable to the key reinstallation attack in the 4-way handshake or group key handshake when acting as an 802.1X authenticator. The products do not support 802.11r and are not vulnerable to the FT handshake vulnerability.

source: http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007_FAQ_Rev-1.pdf  page 4

 

 

Ingentive Networks GmbH
Ascendor
Frequent Advisor

‎10-17-2017 01:32 AM - edited ‎10-17-2017 01:32 AM

‎10-17-2017 01:32 AM - edited ‎10-17-2017 01:32 AM

Re: MSM vulnerable to KRACK attacks?

Thank you @Michael_Breuer! Though, I'm not convinced by their statement. Opportunistic Key Caching (OKC) which is supported by HP MSM is very similar to 802.11r. I hope they'll check thoroughly. Additionally, I tried to contact the security researcher who found this issue. If he provides the test scripts, we would be able to verify this ourselfes.

0 Kudos
Ascendor
Frequent Advisor

‎10-17-2017 04:17 AM

‎10-17-2017 04:17 AM

Re: MSM vulnerable to KRACK attacks?

The FAQ has been updated to V1.1. Among others, there's the following new paragraph:

Does the 802.11r FT handshake vulnerability also apply to OKC?
A: Opportunistic key caching (OKC) is a non-standard but widely-implemented method for achieving
fast roaming. It existed before the creation of 802.11r. OKC does not use the FT handshake
and is not affected by the FT handshake vulnerability.

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007_FAQ_Rev-1.pdf (Shift-Reload to see the updated version if yours doesn't show V1.1)

0 Kudos
Ascendor
Frequent Advisor

‎10-17-2017 11:39 PM

‎10-17-2017 11:39 PM

Re: MSM vulnerable to KRACK attacks?

Still not convinced. Even if we assume the fast-roaming part is uneffected, what about the mesh network feature? Using this, the access points get into the role of clients as well. That means they are performing the client parts of the 4-way-handshake.

According to the description, both clients and access points are vulnerable to this attack. In meshed networks, HP MSM is taking over both roles.

Maybe an HPE official could elaborate? Still the announced security bulletin from HPE is not available yet. When will it be?

0 Kudos
nekneknek
Occasional Visitor

‎10-18-2017 06:55 AM

‎10-18-2017 06:55 AM

Re: MSM vulnerable to KRACK attacks?

Not even a whisper so far from HPE...
This kind of (no)response has consequences.

0 Kudos
jeff1776
New Member

‎10-18-2017 03:36 PM

‎10-18-2017 03:36 PM

Solution

Re: MSM vulnerable to KRACK attacks?

HPE has released a statement.  Both the MSM and Unified WLAN products are not vulnerable to these attacks, including when used in mesh mode.

https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null&docLocale=en_US&docId=emr_na-a00029151en_us

 

Ascendor
Frequent Advisor

‎10-19-2017 12:34 AM

‎10-19-2017 12:34 AM

Re: MSM vulnerable to KRACK attacks?

Thanks for sharing @jeff1776!

Where did you get the information about mesh mode? I can't find it in the linked document.

 

0 Kudos
Ascendor
Frequent Advisor

‎10-19-2017 12:40 AM

‎10-19-2017 12:40 AM

Re: MSM vulnerable to KRACK attacks?

Overview on more HPE products: http://h22208.www2.hpe.com/eginfolib/securityalerts/Krack%20Attack/WPA2-KrackAttack.html

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.