wpa_supplicant -> EAP-TTLS/PAP, madwifi-ng (Atheros), problem
Dan Williams
dcbw
Tue Oct 17 08:42:41 PDT 2006
On Tue, 2006-10-17 at 08:00 -0700, Sam Schinke wrote:
> On Saturday 14 October 2006 07:13, Jouni Malinen wrote:
> > On Fri, Oct 13, 2006 at 04:12:20PM -0700, Sam Schinke wrote:
> > > > On Wed, Oct 11, 2006 at 07:04:45PM +0200, sabx wrote:
> > > > > IE: WPA Version 1
> > > > > Group Cipher : WEP-40
> > > > > Pairwise Ciphers (1) : WEP-40
> > > > > Authentication Suites (1) : 802.1x
> > >
> > > I get the same pairwise cipher on my netgear router which I connect to
> > > using WPA in linux and windows. Or is this cipher suite only invalid in
> > > the context of EAP_TTLS/PAP (etc).
> >
> > Np, that is invalid in any context if WPA is being used. It sounds like
> > there is some kind of bug in either the AP or the client (driver or
> > iwlist).. iwlist (v28) works fine in my tests, so I don't know what is
> > causing this.
>
> Is there any debugging I can assist with? This is a ndiswrapper Broadcomm 43xx
> wireless laptop connecting to a netgear router.
>
> This isn't something that would be valid with WPA v 1, which I though was
> designed to re-use as many WEP cryptographic algorithms as possible? I could
> understand it being invalid with WPA v 2 which is supposed to use AES.
WPA1 uses TKIP, which is an algorithm that is designed to reuse as much
_hardware_ on the card as possible, but is not compatible with WEP. The
idea was that, to get better security than WEP, and as a stop-gap
measure, manufacturers only had to update the firmware and driver [1] of
the card because the TKIP algorithm could use the same silicon
encryption engines that were already on cards. WPA2 with CCMP/AES, on
the other hand, requires hardware changes.
Dan
[1] How many actually did that? I can count on one hand. At least
Cisco did, but not many consumer-level devices ever got updated firmware
because their product cycles are too short and security wasn't a
selling-point for consumers at the time.
> Regards,
> Sam
> _______________________________________________
> HostAP mailing list
> HostAP at shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
More information about the Hostap
mailing list