[PATCH] rsn_supp: Don't encrypt EAPOL-Key 4/4.

Jouni Malinen j
Sat Sep 1 14:08:12 PDT 2012


On Sat, Sep 01, 2012 at 03:18:08PM +0200, Andreas Hartmann wrote:
> Jouni Malinen schrieb:
> > https://mentor.ieee.org/802.11/dcn/10/11-10-0313-01-000m-rekeying-protocol-fix.ppt

> May I kindly ask if these protocol changes have already been implemented
> in wpa_supplicant / hostapd? The actual situation is really annoying :-(.

Not yet. Though, even if they were, you would also need to get a
wireless LAN driver/firmware that supports non-zero Key ID for pairwise
keys, so this this require some more work.

For most use cases, CCMP is strong enough to be used for quite some time
without any rekeying, so the easiest workaround for rekeying related
issues is to increase the rekey interval. I would assume that the new
Key ID mechanism for unicast frames will eventually get deployed, but it
may take same time to get there.

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the Hostap mailing list