Dynamic WEP Question

Jacques Caron Jacques.Caron
Mon Apr 28 02:36:14 PDT 2003


At 10:15 28/04/2003, =?utf-7?B?K3ZCWFhaY1gwLQ==?= wrote:
>Yes, It is not standard for EAP/MD5... but, are there any way to cheat STA 
>in hostap to send Dynamic WEP key ??
>for example, If we can generate MS-MPPE-SEND/RECV-KEY in hostapd then we 
>can send it to STA isn't it ?

I think you missed something important in the whole dynamic WEP key 
concept... Before you can use it, you need to have a way (the EAP method) 
to compute a secret key that is known only to the client (station) and the 
RADIUS server, which will then send it to the AP in the RADIUS 
MPPE-Send/Recv-Key attributes. If you just make up a key in the RADIUS 
server and send it to the AP, the AP will be able to generate a dynamic WEP 
key, encrypt it with the RADIUS key, and send it to the station, but the 
station will not be able to decrypt it since it does not know the key!

This is one of the reasons why EAP-MD5 is *not* a good choice for WLAN 
authentication: it does not provide any keys, so you cannot do dynamic WEP 
keying. The other problem being that EAP-MD5 is inherently insecure, being 
subject to a bunch of attacks that will reveal the user password.

For WLAN authentication, you should use a better EAP method, such as 
EAP-TLS, EAP-SRP, EAP-SIM, EAP-AKA, or one of the "compound" methods, such 

Hope that helps,


-- Jacques Caron, IP Sector Technologies
    Join the discussion on public WLAN open global roaming:

More information about the Hostap mailing list