[RFC PATCH] Increase GTK/PTK rekey retries

Günther Kelleter guenther.kelleter at devolo.de
Mon Dec 19 08:06:11 PST 2016

We are experiencing frequent deauthentication of Android stations due to
GTK rekey failures: EAPOL frames are not answered during the total timeout
peroid of 3.5 s. Increase retries to cover a bigger timeout period.

Signed-off-by: Günther Kelleter <guenther.kelleter at devolo.de>
 src/ap/wpa_auth.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

There seems to be a common problem with Android devices getting deauthenticated
frequently due to GTK rekey timeouts (https://code.google.com/p/android/issues/detail?id=196035#c56)
This patch fixes it by increasing the total timeout period.

IMHO a proper fix for this issue would be to implement retransmit timeouts as
mandated by 802.11-2012 Ch.
"The retransmit timeout value shall be 100 ms for the first timeout, half the
listen interval for the second timeout, and the listen interval for subsequent
timeouts. If there is no listen interval or the listen interval is zero, then
100 ms shall be used for all timeout values."

But 802.11 doesn't give any hints about the number of retries in

In our test case with Galaxy S6 the station announces a listen interval of
10 beacon periods corresponding in 1.024 seconds. But it remains in power
save mode for about 5 seconds.

Isn't that a bug in Android which violates 802.11-2012 Ch.
"The STA shall wake up early enough to be able to receive the first Beacon
frame scheduled for transmission at the time corresponding to the last TBTT
plus the ListenInterval."

This Android bug would still require dot11RSNAConfigGroupUpdateCount to be at
least 6 for successful GTK rekeying.

Obviously the same applies to PTK rekeying, where 802.11 mandates the same
interval specification.

Is there a reason that hostapd does not implement retransmit timeouts as
mandated by 802.11?

diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index 43e3558..ba1b58d 100644
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -60,8 +60,8 @@ static void wpa_group_put(struct wpa_authenticator *wpa_auth,
 			  struct wpa_group *group);
 static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos);
-static const u32 dot11RSNAConfigGroupUpdateCount = 4;
-static const u32 dot11RSNAConfigPairwiseUpdateCount = 4;
+static const u32 dot11RSNAConfigGroupUpdateCount = 8;
+static const u32 dot11RSNAConfigPairwiseUpdateCount = 8;
 static const u32 eapol_key_timeout_first = 100; /* ms */
 static const u32 eapol_key_timeout_subseq = 1000; /* ms */
 static const u32 eapol_key_timeout_first_group = 500; /* ms */

More information about the Hostap mailing list