wpa_supplicant: IBSS/RSN and node reboot
Tue Dec 20 00:03:50 PST 2011
Hi Jouni and thank you for your reply,
On Tue, Dec 20, 2011 at 01:05:38 +0200, Jouni Malinen wrote:
> On Mon, Dec 19, 2011 at 09:59:49PM +0100, Antonio Quartulli wrote:
> > I'm trying to make IBSS/RSN work in various scenarios.
> > In particular I'm now
> > focussing on the simple case of two nodes (say A and B) which get in sync and
> > where one of them (say B) suddenly reboots. After this event B tries to
> > renegotiate the key but, A (which didn't delete A's state since it haven't
> > received any IBSS_PEER_REMOVE) will drop its EAPOL packets due to wrong
> > replay_counter..is there any way to workaround this issue? Actually, since A is
> > never going to receive the IBSS_PEER_REMOVE (because A and B are again the same
> > IBSS), A is not going to delete/reinitiate B's state machine.
> The IEEE 802.11 standard provides a mechanism that could potentially be
> used to recover from this (well, at least if PMF is not used). Station B
> could send an Authentication frame here and that should make station A
> drop the current PTKSA. While the rules on Key Replay Counter do not
> strictly speaking discuss this IBSS use, I'd say it would be fine to
> allow this to be used to initialize key replay counter to 0 (this is
> describe beibg on on "(re)association" which does not really happen in
You mean using the authentication frame to reset the replay counter? this should
straightforward (from the coder point of view :-))
> A more string way of interpreting the standard would point out that Key
> Replay Counter does not get re-initialized back to zero until PSK is
> changed (i.e., potentially never) and as such, the station better
> remember which counter value it has used in the past and never go back
> to zero..
This would probably be cleaner, but I don't think it is always applicable:
imagine a node being suddenly plugged off (which is actually the test I'm doing)
..each of us alone is worth nothing..
Ernesto "Che" Guevara
More information about the Hostap