I know that WEP is vulnerable to the ChopChop attack. Could the ChopChop attack be carried out against WPA2-PSK as well? Some Internet articles suggest this possibility; I want to be sure, though.

Anders
sasuke_X220

1 Answer

That's not exactly true. The attack can be performed against WPA, not WPA2; to be more concrete, against TKIP. But the attack can only be done under very special circumstances and is not conclusive. I found an amazing source about this. It is in Spanish, so I tried to translate it as best I could.

The TKIP system uses the RC4 cipher, the same as WEP, with two variations:

The first is that the encryption keys are derived from the snonce and anonce values, so they are different from the authentication keys. The second is that encryption of a packet is not performed with only one key plus the initialization vector, but with an extended initialization vector, i.e. the IV plus a value known as the TSC (TKIP Sequence Counter). This 48-bit value changes at the same time as the IV changes, so that an IV+TSC pair is not reused on a channel for a long time (years, probably).

If you are able to learn the key used to cipher a packet, it can't be used again unless you increment the TSC. If the TSC is incremented, then the key used to cipher the packet is invalidated. To be able to reuse the key used to cipher a packet, the access point needs to support 802.11e QoS (Quality of Service) and WMM (Wi-Fi Multimedia) or WME (Wireless Multimedia Extensions). These extensions can divide the bandwidth into eight channels, each with a different priority.

So, based on this, if you find the key used to cipher a packet on a specific channel, with an IV and a concrete TSC, it can be used again to send a packet on a different channel. You can inject up to seven valid packets this way before the key renegotiation period expires.

I also found this other post talking about this: Is WPA-PSK AES safer than WPA-PSK TKIP-AES?

OscarAkaElvis
This is absolutely correct! That's why the MOST COMMON attack vector or scenario is the same for WPA and WPA2, and why SOME PEOPLE consider WPA as safe as WPA2. Love the "Chema Alonso" reference! Kudos! – Azteca Aug 02 '17 at 22:43
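The reuse window the answer describes exists because a TKIP receiver keeps one replay counter (the 48-bit TSC) per 802.11e QoS priority, so a TSC value that has already been consumed on a busy priority is still "fresh" on the other seven. The Python model below is an added example, not code from the original post or from the source it translates; `TkipReplayChecker`, `reuse_window` and `tsc_reuse_across_tids` are invented names, and the sample frames are constructed. It shows the receiver-side counter logic that produces the "up to seven packets" window, and a monitoring heuristic a WLAN IDS could apply: a legitimate transmitter advances a single TSC across all priorities, so the same TSC value reappearing on several TIDs from one sender is worth an alert. It does not model keystream recovery; the practical mitigation remains moving to CCMP (AES) and, failing that, a short rekey interval.

```python
"""Toy model of TKIP per-TID replay counters plus a TSC-reuse monitor.

Added example (not from the original post). Names and sample data are
invented for illustration.
"""
from collections import defaultdict
from typing import Dict, List, Set, Tuple

NUM_TIDS = 8        # 802.11e / WMM define eight QoS priorities (TIDs)
TSC_BITS = 48       # TKIP Sequence Counter width


class TkipReplayChecker:
    """Receiver-side replay check as TKIP performs it.

    One counter per QoS priority: a frame is accepted when its TSC is
    greater than the last TSC accepted on *that* priority only.
    """

    def __init__(self) -> None:
        self.last_tsc: Dict[int, int] = defaultdict(lambda: -1)

    def accept(self, tid: int, tsc: int) -> bool:
        if not 0 <= tid < NUM_TIDS:
            raise ValueError("TID out of range")
        if not 0 <= tsc < 2 ** TSC_BITS:
            raise ValueError("TSC out of range")
        if tsc <= self.last_tsc[tid]:
            return False            # replay on this priority: dropped
        self.last_tsc[tid] = tsc
        return True


def reuse_window(frames_on_busy_tid: int, busy_tid: int = 0) -> List[int]:
    """TIDs on which the busy priority's current TSC would still be accepted.

    The station has legitimately sent `frames_on_busy_tid` frames on
    `busy_tid`; every idle priority still accepts that last TSC value,
    which is the seven-packet window the answer describes.
    """
    if frames_on_busy_tid < 1:
        raise ValueError("need at least one frame on the busy TID")
    rx = TkipReplayChecker()
    for tsc in range(frames_on_busy_tid):
        rx.accept(busy_tid, tsc)
    current = frames_on_busy_tid - 1
    return [tid for tid in range(NUM_TIDS)
            if tid != busy_tid and rx.accept(tid, current)]


# Constructed monitor input: (transmitter address, TID, TSC) per frame.
SAMPLE_FRAMES: List[Tuple[str, int, int]] = [
    ("aa:bb:cc:00:00:01", 0, 100),
    ("aa:bb:cc:00:00:01", 0, 101),
    ("aa:bb:cc:00:00:01", 0, 102),
    ("aa:bb:cc:00:00:01", 3, 102),   # same TSC again on another priority
    ("aa:bb:cc:00:00:01", 5, 102),   # and once more
    ("aa:bb:cc:00:00:02", 0, 7),
    ("aa:bb:cc:00:00:02", 1, 8),     # distinct TSCs: ordinary QoS traffic
]


def tsc_reuse_across_tids(
    frames: List[Tuple[str, int, int]],
) -> Dict[Tuple[str, int], List[int]]:
    """Monitoring heuristic: (transmitter, TSC) pairs seen on more than one TID.

    Returns a mapping from (address, tsc) to the sorted list of TIDs on
    which that exact TSC value was observed, for pairs on two or more TIDs.
    """
    seen: Dict[Tuple[str, int], Set[int]] = defaultdict(set)
    for addr, tid, tsc in frames:
        seen[(addr, tsc)].add(tid)
    return {key: sorted(tids) for key, tids in seen.items() if len(tids) > 1}


if __name__ == "__main__":
    print("idle TIDs accepting the reused TSC:", reuse_window(6))
    for (addr, tsc), tids in tsc_reuse_across_tids(SAMPLE_FRAMES).items():
        print(f"ALERT {addr}: TSC {tsc} seen on TIDs {tids}")
```

Running the module prints the seven idle priorities for a station busy on TID 0 and one alert for the constructed transmitter that repeats TSC 102 on TIDs 0, 3 and 5; the second transmitter, whose TSCs simply advance across priorities, produces no alert.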