Why no Secure flag when using WPA (not WPA2) in 3/4 and 4/4 EAPOL messages
j at w1.fi
Thu Jan 5 02:15:08 PST 2017
On Wed, Jan 04, 2017 at 04:23:00PM -0800, Ben Greear wrote:
> [resend, seems list ate the first??]

I see no sign of the previous email nor this newer email on the list for
that matter.. Not even in the moderation queue.

> I am trying to figure out if hostapd/supplicant is doing the right thing
> when using WPA. Neither the 3/4 nor 4/4 messages have the Secure bit
> set. I found this code in hostapd, which looks pertinent, but I don't
> know if it is correct or not.

As far as I know, the implementation is correct.

> I looked in the 802.11i-2004.pdf document, and found this text
> on page 94.

IEEE Std 802.11i-2004 does not define WPA (v1)..

> 7) Secure (bit 9) is set once the initial key exchange is complete.
> The Authenticator shall set the Secure bit to 0 in all EAPOL-Key frames sent before the
> Supplicant has the PTK and the GTK. The Authenticator shall set the Secure bit to 1 in all
> EAPOL-Key frames it sends to the Supplicant containing the last key needed to complete the
> Supplicant’s initialization.

But even if it were, please note the "and the GTK" part there..

> Does the 3/4 message not have the 'last key needed' to complete supplicant's initialization?

Not in WPA.

> If not, then what packet does?

In WPA, the GTK is not delivered as part of the 4-way handshake; it is
delivered in group key handshake following that, i.e., the group key msg
1/2 which is sent after the 4-way handshake message 4/4 is the first
frame that provides the full set of keys to the station.

Jouni Malinen PGP id EFC895FA
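
The behaviour described in this reply can be checked against captured EAPOL-Key frames. The following is an added example, not code from hostapd or from the original thread: it reads the Key Information field, names the handshake message, and compares the Secure bit with what the reply describes for WPA. The function names, the sample frame builder, and the RSN (WPA2) rows of the table are assumptions of this example; the RSN rows assume the GTK is carried in message 3/4.

```python
import struct

# Key Information bits of an EAPOL-Key frame; Secure is bit 9, as in the quoted text.
PAIRWISE, KEY_ACK, KEY_MIC, SECURE = 1 << 3, 1 << 7, 1 << 8, 1 << 9
DESCRIPTOR = {254: "WPA", 2: "RSN"}  # descriptor type: WPA (v1) vs. RSN (WPA2)

# Secure bit expected on an initial key exchange. WPA rows follow the reply above;
# the RSN rows assume the GTK is carried in the key data of message 3/4.
EXPECT_SECURE = {
    ("WPA", "3/4"): False, ("WPA", "4/4"): False, ("WPA", "group 1/2"): True,
    ("RSN", "3/4"): True, ("RSN", "4/4"): True,
}


def build_frame(desc_type, key_info, key_data=b""):
    """Constructed sample frame: nonce, IV, RSC, ID and MIC are left zeroed."""
    body = struct.pack("!BHH", desc_type, key_info, 0) + bytes(8 + 32 + 16 + 8 + 8 + 16)
    body += struct.pack("!H", len(key_data)) + key_data
    return struct.pack("!BBH", 1, 3, len(body)) + body  # 802.1X type 3 = EAPOL-Key


def classify(frame):
    """Return (protocol, message, secure_bit) for one EAPOL-Key frame."""
    if len(frame) < 99 or frame[1] != 3:
        raise ValueError("not a complete EAPOL-Key frame")
    desc_type, info = struct.unpack_from("!BH", frame, 4)
    (data_len,) = struct.unpack_from("!H", frame, 97)
    ack, mic = bool(info & KEY_ACK), bool(info & KEY_MIC)
    if not info & PAIRWISE:
        msg = "group 1/2" if ack else "group 2/2"
    elif ack:
        msg = "3/4" if mic else "1/4"
    else:
        msg = "2/4" if data_len else "4/4"  # heuristic: 4/4 normally has empty key data
    return DESCRIPTOR.get(desc_type, "unknown"), msg, bool(info & SECURE)


def secure_bit_ok(frame):
    """True/False if the Secure bit matches/contradicts the table, None if not covered."""
    proto, msg, secure = classify(frame)
    expected = EXPECT_SECURE.get((proto, msg))
    return None if expected is None else secure == expected
```

A WPA capture in which 3/4 and 4/4 have Secure cleared and the following group key message 1/2 has it set passes all three checks.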