jkmaline at cc.hut.fi
Fri Feb 6 22:20:42 EST 2004
On Sat, Feb 07, 2004 at 12:06:07PM +0900, À±ÈñÁ¾ wrote:
> But one thing I cannot understand is;
> "I should change the keys of both entitites almost simultaneously."
> I think it requires a few seconds.
> Even if I set the same key again, the link is broken and other party should be
> set again right after.
> When I change key of AP, STA key should be changed within 1~2(?) seconds.
> Is it working principle of TKIP ? Does it require time sychronicity for key update ?
TKIP has replay protection which starts dropping packets if they are
sent using a smaller (or equal) sequence number than the previously
received valid frame used. When changing the keys, Host AP driver resets
the sequence number to zero and the other end will start dropping the
frames as replays. So yes, you will need to synchronize key updates and
that is what WPA does.
Jouni Malinen PGP id EFC895FA
More information about the HostAP