Group key renewal problem

Henrik Brix Andersen brix
Sat Mar 11 12:49:40 PST 2006 

On Sat, Mar 11, 2006 at 12:23:19PM -0800, Jouni Malinen wrote:
> Is that 00:02:6f:37:fc:68 the MAC address of your AP?

Yes, it is.

> If yes, it sounds like the AP starts using incorrect encryption for
> broadcast/multicast packets (WEP?) after rekeying. You could verify
> what kind of encryption the AP is using by looking at
> /proc/net/hostap/wlan0/crypt before and after rekeying.

Before group key renewal:

# cat /proc/net/hostap/wlan0/crypt
tx_keyidx=1
key[1] alg=CCMP key_set=1 tx_pn=000000000009 rx_pn=000000000000 format_errors=0 replays=0 decrypt_errors=0
key[2] alg=CCMP key_set=1 tx_pn=000000000009 rx_pn=000000000000 format_errors=0 replays=0 decrypt_errors=0

After group key renewal:

# cat /proc/net/hostap/wlan0/crypt
tx_keyidx=1
key[1] alg=CCMP key_set=1 tx_pn=000000000005 rx_pn=000000000000 format_errors=0 replays=0 decrypt_errors=0
key[2] alg=CCMP key_set=1 tx_pn=000000000009 rx_pn=000000000000 format_errors=0 replays=0 decrypt_errors=0


After the rekeying and disconnection of the client, the below messages
appear in the AP system log:

Mar 11 21:44:15 osgiliath hostapd: wlan0: STA 00:0e:35:fd:81:94 IEEE 802.11: deauthenticated due to local deauth request
Mar 11 21:44:20 osgiliath hostapd: wlan0: STA 00:0e:35:fd:81:94 IEEE 802.11: authenticated
Mar 11 21:44:20 osgiliath hostapd: wlan0: STA 00:0e:35:fd:81:94 IEEE 802.11: associated (aid 1, accounting session 441334F8-00000007)
Mar 11 21:44:20 osgiliath hostapd: wlan0: STA 00:0e:35:fd:81:94 WPA: pairwise key handshake completed (RSN)

Where 00:0e:35:fd:81:94 is the MAC address of the client. As you can
see, the client is reauthenticated 5 seconds after the group key
renewal kicked it off the AP.

Regards,
Brix
-- 
Henrik Brix Andersen <brix at gentoo.org>
Gentoo Metadistribution | Mobile computing herd
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 213 bytes
Desc: not available
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20060311/82d88e5a/attachment.pgp

More information about the Hostap mailing list