WPA2-PSK with TKIP fails to set GTK/PTK to driver: ioctl[IEEE80211_IOCTL_SETMODE]: No such device or address
Jouni Malinen
jkmaline
Wed Feb 14 19:57:44 PST 2007
On Tue, Feb 13, 2007 at 03:00:53AM +0200, kstauffer wrote:
> RSN pre-authentication seems to be enabled in ProST AP and RSN PTKSA
> Reply Counter is 1.
> I enabled pre-authentication from hostapd and checked if it behaves the
> same as ProST board, but it worked nicely.
>
> Could it be that the RSN PTKSA Reply Counter is causing 4way Handshake
> to be restarted, even Authentication were succesfull?
In theory, but at least wpa_supplicant does not care about it.
> What is the meaning of those PTKSA/GTKSA Reply Counter capabilities?
It tells how many replay counters are supported. When WMM is used, there
are multiple transmit queues and packets may be re-ordered (i.e., high
priority packets can be sent out before low priority once) and this
re-ordering can happen after packet numbers has been assigned to the
frames. WPA/WPA2 need multiple replay counters to handle such
re-ordering without dropping packets as replay attacks. I don't know
whether any driver really uses these values, but anyway, I would expect
devices that support WPA/WPA2 with WMM to support at least four replay
counters.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list