Hostap configuration - internet resoucres ?
jkmaline at cc.hut.fi
Sun Feb 15 18:49:23 EST 2004
On Sun, Feb 15, 2004 at 09:22:22AM -0500, Sergio M. Ammirata wrote:
> After a lot of trial and error I was able to get CCMP with static keys
> working on top of a WDS link.
> The key synchronization is a big issue though. They have to be both started
> at the same time.
> Is there a way to disable the sequence number counter when one is using
> static keys?
> I was looking at hostap_crypt_ccmp.c but it is not quite obvious to me where
> to do it?
You should not really disable sequence numbers or the security of the
encryption is going to drop a lot. I wouldn't really recommend this, but
you could try disabling the replay detection without disabling sequence
number counter in the sender. This can be done by commenting out "if
(memcmp(pn, key->rx_pn, CCMP_PN_LEN) <= 0)" block in
One should also note that setting the same key multiple times means that
you are in fact re-using the same packet number for multiple packets,
since this is set to zero whenever the key is changed. In other words,
the same key should not be used again..
Jouni Malinen PGP id EFC895FA
More information about the HostAP