Re: Coverage ?
I read the paper before commenting, although possessed of no specific prior interest in nonces nor particular knowledge of WPA keystreams. Hope that's OK.
It is a complex exploit; but not, apparently, too difficult to automate and build upon.
Importantly, the impact is obscured by the complexity.
That it is hard at this stage to fully explain the ramifications is not surprising. So no criticism intended.
It is a big hole, though. And one the significance of which can only be properly understood through detailed and nuanced exposition of practicalities. Well, I'd find that useful, personally.
Not too many malicious people will walk through the hole, in the grand scheme of things. But they always can if they want to.
I've left my keys in the front door (on the outside) overnight before now. Kicked myself; but nobody, in fact, availed themselves of the opportunity to either let themselves into my house or guess which car was mine on the street and use that key to steal it.
If someone had let themselves in, they would have found that many valuables were not locked away. Because we do still tend to trust the perimeter. Frequently, there isn't much choice.