Page 1 of 1

PTK / GTK "it may be an attack, ignor it" connection failure with esp-idf v3.1

Posted: Fri Apr 26, 2019 9:52 am
by timredfern
We're seeing the following error randomly when ESP32 tries to connects to a particular WiFi router:

I (196641) wpa: PTK has been installed, it may be an attack, ignor it.
I (196645) wpa: GTK has been installed, it may be an attack, ignor it.

The connection then fails although the credentials are correct.

I see that there was a bug that produced a similar error that was fixed in esp-idf v2.1.1 -

https://github.com/espressif/esp-idf/issues/1273

However We're using esp-idf v3.1

The problem has only occurred using one particular router: Netgear R7000, using WPA2-PSK

I see that this message is generated within libwpa.a so it's not amenable to being debugged

I see a similar issue was reported after an OTA update and restart here:

https://github.com/espressif/esp-idf/issues/2320

There was no conclusion to this, if it is a question of some uninitialised memory being mis-interpreted as a handshake attack ie. possibly after a WDT reset, is there a way to clear the working memory of the wpa library?

Thanks in advance

Tim

Re: PTK / GTK "it may be an attack, ignor it" connection failure with esp-idf v3.1

Posted: Wed Jun 12, 2019 10:21 pm
by rinripper
Same error here