TKIP encryption and xsupplicant
Jouni Malinen
jkmaline
Mon Jan 24 19:12:39 PST 2005
On Mon, Jan 24, 2005 at 10:32:21AM -0800, Dani Camps wrote:
> I want to set up a 802.1X authentication scheme for my
> wlan. I have an AP with WPA support, when I enable the
> support it allows me to choose between two different
> encryption methods TKIP and AES, I think TKIP is an
> extension of WEP by I don't know anything about AES,
> what is this AES ?
AES defines the encryption algorithm used with CCMP (IEEE 802.11i,
WPA2). Block cipher called Rijndael was selected as the new encryption
standard, AES, i.e., Advanced Encryption Standard, to replace dES.
> So far I was using xsupplicant in my fedora core 3,
> but when I started it there were some errors about the
> encryption, it was saying that it didn't detect any
> encryption, but I had the same key configured in the
> AP and in my wlan card. So is it possible that the
> problem comes form the fact that xsupplicant doesn't
> support TKIP, that is what I had in the AP and to do
> all the key management stuff I need wpa_supplicant ?
It's not about TKIP, but about the key management part of WPA. The
xsupplicant version in Fedora core 3 does not likely have WPA support.
The latest development version of xsupplicant seems to include some
support for WPA, so you should be able to choose between xsupplicant and
wpa_supplicant. Taken into account that this is the mailing list for
Host AP and wpa_supplicant, it should be easy to guess which one I would
recommend ;-).
> TKIP is basically like WEP but the keys are renewed
> periodically, isn't it ?
TKIP uses different RC4 key for each packet and in addition, includes
somewhat stronger data authentication with Michael MIC.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list