Questions with wep keys for WinXP

Haidong Xia hdxia1 at
Tue Jun 24 10:45:38 EDT 2003


So, if WinXP recieves only the unicast key, it will use it to send any 
frames out.  If I only configure an
AP to support unicast key for each station, but the 
default_wep_key(broadcast) is none(no encryption), the broadcast frames from 
an AP should not be encrypted.  Will WinXP accept the broadcast frame 
without encryption?  What is the reason why DHCP request can not go through 
under such situation?

The reason I am asking this is that I want to only enable the unicast key 
for each station. So that HostAP can support 802.1x clients, and also 
support a station without using 802.1x.  For the station without 802.1x 
support, there will be no encryption at all.

> > I tried another way also. If I turn the individual key on, and default 
> > key off.  WinXP only receives
> > the unicast key after authentication succeeds. This is what I expected. 
> > WinXP client CAN NOT get
> > an ip address through DHCP.  Since a DHCP request is a broadcast, I 
> > if something is wrong with the broadcast key.
>hostapd does not support such configuration. You can either use only
>broadcast key (which may require workaround with WinXP) or both
>broadcast and unicast.
> > So, if WinXP doesn't receive a broadcast key, will it use the only 
> > key to encrypt a DHCP request?
>IEEE 802.11 stations do not actually send broadcast (.11) packets in
>BSS. Only AP is sending broadcast packets. The destination address (DA)
>of that packet is broadcast, but in STA->AP direction, the "802.11
>destination" (addr1) is BSSID and the packet is unicast.. However, when
>AP re-broadcasts this frame, it would be a real broadcast (.11) frame.
>Jouni Malinen                                            PGP id EFC895FA
>HostAP mailing list
>HostAP at

The new MSN 8: advanced junk mail protection and 2 months FREE*

More information about the HostAP mailing list