[PATCHv3 0/4] Improvements for roaming
j at w1.fi
Tue Nov 29 13:55:59 PST 2016
On Fri, Oct 21, 2016 at 01:11:48PM +0200, Michael Braun wrote:
> here comes the update patchset for a new FT inter-AP communication
> protocol already including broadcasting (but without caching).
> Most important changes:
> - use new oui ethertype
> This has been left as separate commit for easier review, but can
> be squashed easily.
Thanks! The first patch looks pretty good. I rebased this on top of the
current tree and did some cleanup while reviewing this (see attached
version). It is actually good to keep this as a separate commit as long
as 2/4 gets applied at the same time to avoid multiple different times
of breaking protocol backwards compatibility.
> - use AES+HMAC-SHA256 with Encrypt-Then-Mac scheme for AED protection
So this uses AES key wrapping as the encryption mechanism and
HMAC-SHA256 as a separate authentication step on top of that. This
sounds like a bit strange combination to me.. Since there are multiple
AEAD options and number of those already implemented in hostap.git, it
would seem to make more sense to go with that instead to make the
AES-CCM, AES-GCM, and AES-SIV are available in hostap.git. AES-SIV would
likely be the simplest option here due to not having to come up with a
mechanism for defining separate nonces/IVs. That said, we should
consider potential needs for replay protection here as well.. In the
current implementation, the only available protection is timestamp
comparison which has a 60 second window to allow not exactly
synchronized system times on the devices.
Jouni Malinen PGP id EFC895FA
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 24163 bytes
Desc: not available
More information about the Hostap