EAP/802.1X authentication without susbsequent data confidentiality

Rupsky Gill rupskyzaildar
Wed May 31 19:33:11 PDT 2006


Thanks for the reply Jouni,

               oops...i meant to say hostapd  and not hostap in my original
mail :(
I am using madwifi driver and hostapd to set up an Access Point and
i am using wpa_supplicant and madwifi for the STA.

 I am experimenting with some EAP methods. I was wondering if it was
possible
to make hostapd authenticate the STA using EAP-TLS (or any other EAP method
for that matter)  however not encrypt the subsequent data exchanges after
successful authentication (i.e. not engage in 4-way hanshake etc.) It should
be theoretically
possible as authentication and confidentiality are two seperate security
functions.

I am bit lost as to is it as easy as changing particular config files
(hostapd/wpa_supplicant)
or would it need some code modifications ?

Thanks again for your reply

Regards
Rupinder


On 6/1/06, Jouni Malinen <jkmaline at cc.hut.fi> wrote:
>
> On Tue, May 30, 2006 at 12:37:57PM +1000, Rupsky Gill wrote:
>
> >  Is it possible to configure hostap to authenticate clients using
> > EAP/802.1X, however not to
> > encrypt the susequent data exchanges after successful authentication (no
> > confidentiality). I need this setup for an academic experiment.
>
> Maybe.. Some driver interfaces may assume that IEEE 802.1X is only used
> encryption which may break association. Which driver are you using? I
> haven't tried this for a long while, so I would just suggest trying and
> see what happens..
>
> --
> Jouni Malinen                                            PGP id EFC895FA
> _______________________________________________
> HostAP mailing list
> HostAP at shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20060601/e5699e0f/attachment.htm 



More information about the Hostap mailing list