What is PMKID? Why would even a router give away the PMKID to an unauthorized stranger?

15,982

What I don't understand is the PMKID, What is it?

PMKID is the unique key identifier used by the AP to keep track of the PMK being used for the client. PMKID is a derivative of AP MAC, Client MAC, PMK and PMK Name.

You could express it as this code:

PMKID = HMAC-SHA1-128(PMK, "PMK Name" | MAC_AP | MAC_STA)

PMK caching is used to establish smooth roaming for time sensitive applications. Using PMKID caching the clients do not have to go through the entire authentication cycle and cuts down on the time needed for the client to authenticate to the new AP. This is especially important on WPA/WPA2-Enterprise networks that have authentication times of almost 1 second depending on authentication type being used.

How is it different from the actual PMK

The PMK itself is a hash that can be expressed as:

PMK = PBKDF2(Passphrase, SSID, 4096)

Why would even a router give away the PMKID to an unauthorized stranger?

The strength of the PMKID, and the PMK, depends on the strength of the Passphrase. Therefore it's counted to be as safe as the network itself.

Knowing the PMKID definitely increases an attacker’s advantage, on certain networks. The attacker can get what they need quicker and stealthier, but it doesn’t change the speed of the actual password cracking process. The attacker will still need to use conventional cracking tools, which will basically try a huge list of passwords against the captured data.

The appropriate defense is a lengthy and complex WPA2 password that would take decades to crack. Or just to upgrade to the new WPA3 encryption standard, if possible.

Useful references:

Share:
15,982

Related videos on Youtube

Sayan Dey
Author by

Sayan Dey

Updated on September 18, 2022

Comments

  • Sayan Dey
    Sayan Dey over 1 year

    I do have a general understanding of the 4-way handshake in WPA and WPA2 security. I know about PMK, PTK, GMK, GMK, SNONCE, etc terminologies. I also read about the new PMKID attack more silent than the legacy handshake capture method. What I don't understand is the PMKID, What is it? How is it different from the actual PMK. Why would even a router give away the PMKID to an unauthorized stranger?

  • Sayan Dey
    Sayan Dey about 4 years
    Thanks a lot for your detailed and patient answer. I learned a lot of new things after I searched in the resource-links. Also understood, pre-authentication, PMK caching, and roaming. But still can't figure out when does the AP actually gives out the PMKID to the supplicant.
  • harrymc
    harrymc about 4 years
    It is in the links. It is just an easier way of getting the PMKID without the owner knowing about it and with fewer packets, but nothing sensational.
  • Sayan Dey
    Sayan Dey about 4 years
    Yes, I saw that PMKID in packet cap, but I am unable to understand the relevance of that. As I said, I already looked into PMK caching and pre-authentication, and in my understanding I don't see in any of its steps, revealing of PMKID by AP being necessary. I mean it is the client needed to send the PMK to the AP during log in, and if the re-login is within the caching period the cached PMKID will be matched with the claimed PMK by the client. Why would the AP expose any PMKID? Please correct me if I am wrong.
  • Sayan Dey
    Sayan Dey about 4 years
    I read when a station is under AP1, and moving closer to AP2, when having a prefferably better signal strength than AP1, pre-authenticates with AP2 as it sends the 802.1x packets to AP1 which are then passed over to AP2 by AP1 and a 802.1x authentication is done thus. Is this where the vulnerability resides? The PMK cache emitted by the client and trasnfer of the same from AP1 to AP2?
  • harrymc
    harrymc about 4 years
    The attack is against any AP, of which the router is also one. It only relies on one single packet, simpler than the full 4-way handshake, and it doesn’t require any clients to be connected to the target AP. Many routers append an optional field to the first EAPOL frame sent by the AP itself when someone is associating, the Robust Security Network, which includes the PMKID. Such routers are vulnerable to this attack. This simplifies the attack for the attacker and is much faster, but it's not the only way to get the PMKID.
  • Sayan Dey
    Sayan Dey about 4 years
    Thanks @harrymc got it.
  • Risinek
    Risinek about 3 years
    But this still doesn't answer the question, why AP would share PMKID. It should be STA that sends PMKID to AP, and if AP has this PMKID in it's database, it will authenticate STA right away. So what is the actual benefit or reason why AP would share PMKID in a first place?