hostapd: 4-way handshake and replay counter handling?

Helmut Schaa helmut.schaa
Mon Oct 17 01:53:56 PDT 2011

On Sat, Oct 15, 2011 at 4:17 PM, Jouni Malinen <j at> wrote:
>> From IEEE 802.11-2007 (page 213):
>> "On reception of Message 2, the Authenticator checks that the key replay
>> counter corresponds to the outstanding Message 1. If not, it silently discards
>> the message."
>> Hence, shouldn't hostapd just discard the first msg 2/4 it receives
>> from the STA?
> Well, yes, in theory.. However, this is problematic because doing so can
> break interoperability with some deployed stations.

Agreed, what about the following:

Assume we receive a 2/4 reply to our first 1/4 msg and we start sending out
3/4. But if we receive a "different" 2/4 reply afterwards we should maybe
send the next 3/4 retry based on the latest 2/4?
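
The two policies discussed in this thread, sketched as an added example (not hostapd code and not written by either poster): strict matching as in the quoted standard text, and tolerant matching that also accepts replies to earlier Message 1 retries and keeps the newest accepted SNonce for the next 3/4 retry. The names `auth_sm`, `auth_send_msg1`, `auth_rx_msg2` and the retry limit are assumptions made for the sketch.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define MAX_RETRIES 4  /* assumed retry limit for this sketch */
#define NONCE_LEN 32
enum verdict { MSG2_DISCARD, MSG2_ACCEPT_CURRENT, MSG2_ACCEPT_EARLIER };

struct auth_sm {                 /* hypothetical authenticator state */
    uint64_t sent[MAX_RETRIES];  /* replay counters of Message 1 frames sent so far */
    int n_sent;
    uint8_t snonce[NONCE_LEN];   /* SNonce of the most recently accepted Message 2 */
    bool have_snonce;
};

/* Record the replay counter of a Message 1 (first transmission or retry). */
bool auth_send_msg1(struct auth_sm *sm, uint64_t counter)
{
    if (sm->n_sent == MAX_RETRIES) return false;  /* retry budget exhausted */
    sm->sent[sm->n_sent++] = counter;
    return true;
}

/* strict=true: accept only the counter of the latest outstanding Message 1.
 * strict=false: also accept counters of earlier retries. MIC verification,
 * which must still pass before the frame is trusted, is outside this sketch. */
enum verdict auth_rx_msg2(struct auth_sm *sm, uint64_t counter,
                          const uint8_t *snonce, bool strict)
{
    for (int i = sm->n_sent - 1; i >= 0; i--) {
        if (sm->sent[i] != counter) continue;
        bool latest = (i == sm->n_sent - 1);
        if (strict && !latest) return MSG2_DISCARD;
        /* Keep the newest accepted SNonce so the next 3/4 retry is based on it. */
        memcpy(sm->snonce, snonce, NONCE_LEN);
        sm->have_snonce = true;
        return latest ? MSG2_ACCEPT_CURRENT : MSG2_ACCEPT_EARLIER;
    }
    return MSG2_DISCARD;  /* counter was never used in a Message 1 */
}

int main(void)
{
    struct auth_sm sm = {0};
    uint8_t n[NONCE_LEN] = {0x11};  /* constructed sample SNonce */
    auth_send_msg1(&sm, 1);
    auth_send_msg1(&sm, 2);         /* retry sent before any reply arrived */
    return auth_rx_msg2(&sm, 1, n, false) == MSG2_ACCEPT_EARLIER ? 0 : 1;
}
```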


