WEP fails with Unsupported authentication algorithm (7820)

Sergey Matyukevich geomatsi at gmail.com
Sat Aug 15 14:29:23 EDT 2020 

> Hi Sergey,
> 
> On Mon, Aug 10, 2020 at 4:28 PM Sergey Matyukevich <geomatsi at gmail.com> wrote:
> >
> > Hi Egor,
> >
> > > > > During the transition from wpa_supplicant v2.4 to v2.9 on a legacy
> > > > > project I get the following message:
> > > > >
> > > > > mgmt::auth
> > > > > authentication: STA=7c:dd:90:44:a5:83 auth_alg=7820
> > > > > auth_transaction=112 status_code=31962 wep=1 seq_ctrl=0x60a0
> > > > > Unsupported authentication algorithm (7820)
> > > > > authentication reply: STA=7c:dd:90:44:a5:83 auth_alg=7820
> > > > > auth_transaction=113 resp=13 (IE len=0) (dbg=handle-auth)
> > > > >
> > > > > My conf file looks like this:
> > > > >
> > > > > ctrl_interface=/var/run/wpa_supplicant
> > > > > ap_scan=1
> > > > >
> > > > > network={
> > > > >         ssid="myssid"
> > > > >         mode=2
> > > > >         frequency=2447
> > > > >         key_mgmt=NONE
> > > > >         wep_key0="passw"
> > > > >         wep_tx_keyidx=0
> > > > > }
> > > > >
> >
> > ...
> >
> > > The old working rootfs had wpa_supplicant 2.4 but I have also tested
> > > it with the same kernel version 5.4.8. wpa_supplicant 2.10 has no
> > > problem with WPA/WPA2 and no encryption. The only problem so far is
> > > WEP.
> >
> > Coud you please clarify which combination of kernel/wpa_ did work on
> > your setup ? Did your WEP setup worked with new kernel and old wpa_s ?
> 
> Buildroot 2016: Linux 3.18.x: wpa_supplicant 2.4: OK
> Buildroot 2016: Linux 5.4.x: wpa_supplicant 2.4: OK
> Buildroot 2020: Linux 5.4.x: wpa_supplicant 2.6 - 2.10: KO
> 
> > I could not reproduce similar behavior using hwsim and AP and STA both
> > operated by wpa_s. What kind of client are you using ? Is it possible
> > to configure auth_alg on your client ?
> 
> My client is Ubuntu 18.04.3 LTS with 2.6.
> 
> > If you can configure auth_alg on both AP and STA, then could you please
> > try explicitly specify the same auth_alg on both sides. For this purpose
> > you may set auth_alg=OPEN or auth_alg=SHARED in wpa_supplicant configs
> > for both AP and STA network configurations. If client configuration is
> > beyond your control, then could you please try explictly both auth_alg
> > options on AP side.
> 
> Both sides auth_alg=SHARED - KO but both sides OPEN - OK.

Hi Egor,

I could not reproduce anything similar to your issue using hwsim driver
and different software versions: no corrupted AUTH frames for shared
key authentication. In fact now I would guess that the issue is related
to WiLink driver and/or its firmware.

By the way, shared key authentication does not make WEP stronger (rather
the opposite). So if you have usecases for WEP, you can 'safely' switch
to open authentication, until you figure out the root cause.

Regards,
Sergey

More information about the Hostap mailing list