WPA3 SAE and FIPS 140-3
Bob Friesenhahn
bfriesen at simple.dallas.tx.us
Fri Jul 1 13:38:53 PDT 2022
On Fri, 1 Jul 2022, achtol wrote:
>
> Does this mean that WPA3 is incompatible with FIPS? That would be puzzling,
> when the arguably less secure WPA2 does not pose such a problem (only
> constraints on the length of SSID/passphrases).
>
> Or, can it be claimed that these operations do not fulfill a security
> function? In which case, I believe, using a non-FIPS-approved algorithm is
> permitted.
Regardless of the reasoning employed (and hopefully it is the latter),
your FIPS 140-3 crypto library is not going to be very helpful since
it will refuse to work. You would then need to find the necessary
crypto algorithms independent of that library and add them in a
non-conflicting way, much as hostapd/wpa_supplicant include a private
implementation of MD5.
Bob
--
Bob Friesenhahn
bfriesen at simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer, http://www.GraphicsMagick.org/
Public Key, http://www.simplesystems.org/users/bfriesen/public-key.txt
More information about the Hostap
mailing list