Encryption without authentication?

Philip M. White pmw
Mon Feb 20 08:53:33 PST 2006


On Mon, Feb 20, 2006 at 11:26:15AM -0500, Dan Williams wrote:
> On Sun, 2006-02-19 at 00:28 -0600, Philip M. White wrote:
> > At my house I run a wireless network using hostapd.  At this time the
> > network uses CCMP/TKIP, and EAP-PEAP for authentication.  As a result, I
> > must give the username and password to everyone who wants to use the
> > network.
> > 
> > Is there a way to retain the benefits of CCMP/TKIP without having to
> > configure each client with credentials? -- does hostapd support any such
> > scheme?  And if it does, what about client support?  I am certain that
> > wpa_supplicant would support whatever hostapd supports, but what about
> > Windows XP?  As far as I know, Windows XP only supports EAP-TLS and
> > EAP-PEAP.
> 
> Isn't plain old CCMP-PSK what you want here?  What prompted you run
> EAP-PEAP originally?

But that requires distributing a PSK key/phrase, doesn't it?

I chose PEAP because it allows me to specify a trivial password such as
the house number instead of long arbitrary strings such as WEP or PSK
keys.

My goal is for any user to be able to log on to the network without
knowing any special piece of data.

-- 
Philip
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20060220/9b93e7c1/attachment.pgp 



More information about the Hostap mailing list