[PATCH] rsn_supp: Don't encrypt EAPOL-Key 4/4.

Jouni Malinen j
Sun Feb 12 10:25:19 PST 2012


On Sun, Feb 12, 2012 at 06:20:09PM +0100, Nicolas Cavallari wrote:
> It clears a key just before sending 4/4, and the new PTK will be set
> just after sending 4/4.
> So clearing the key or not will make no difference, apart from
> respecting the standard when we do (and when it works), because the
> standard actually use setprotection(rx) instead. It will likely not
> change the various races that exists when sending frames while changing
> keys that Andreas is likely experiencing.

It would not make difference for the initial 4-way handshake at the
beginning of the association, but it breaks PTK rekeying, i.e., another
4-way handshake during the association. In that exchange, all EAPOL
frames need to be encrypted with the old key.

> Yes : If a 4/4 is lost during rekeying, the retransmitted 3/4 cannot be
> interpreted by the supplicant anymore. The standard somewhat "authorize"
> stations to store more than one PTK for a TA/RA pair, but does not
> define how to use them...

Yes, this is not exactly completely defined, but in theory, something
that could be implemented.

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the Hostap mailing list