Fri Apr 4 08:51:25 PST 2003
Well, i don't know if EAP-MD5 supports dynamic keying, i have read
somewere that it doesn't, but the rfc doesn't seem to indicate that it
I also thinking about using MD5, but from what i have read, it enables a
man in the middle attack, that intercepts your authentication and then
forward that request to the real AP enabling it to intercept your trafic
and to crack your password.
If you have few users, then EAP-TLS shouldn't give you too much trouble
and is much more secure.
So in my limited knowledge i suggest you to either change to TLS or
disable dynamic keying.
Hope it helps
P.S. I am also sending this message to the hostap list. but it takes a
little more time to be processed :-)
Venkatesh N wrote:
>Thanks for you quick response,,,
>I need MD5 authentication, so with this requirement what could be done
>to avoid failure of Re-Authentication
>Jose Araujo wrote:
>>What version of XP are you using, please try to upgrade to XP SP1 (it
>>seems better, but it removes MD5 auth).
>>In my setup the Key negotiation happens every 5 minutes (300 secs) and i
>>don't have any problem with both the broadcast key and the unicast key
>>(both at wep 128).
>>I even tried to change keys every 20 secs, and it still worked like a charm.
>>Venkatesh N wrote:
More information about the Hostap