Patch submission: multi-PSK support for hostapd

Philippe Teuwen philippe.teuwen at philips.com
Thu Sep 16 11:40:04 EDT 2004


Hello,

My name is Philippe Teuwen and I'm working for Philips N.V.,
assisted by my colleague Ventzislav Nikov.
Our job consisted last weeks in the implementation of a new feature
in hostapd for a standardisation validation based on actual prototyping.

We decided, after agreement by our legal department, to release our
patch because it can have an added value for everybody.
Actually a first patch was already delivered directly to Jouni Malinen
and this one is a new version after integration of his previous clever
remarks.

Please find the description and comments in this mail and the attached
diff (sorry it's against v0.2.4 as we started with 0.2.3 and not the
last cvs snapshot which should contain right now already some premices
of multi-PSK as Jouni started on his side after our first discussion).

Remark: I tried first to post this message at the beginning of the week
but not gzipped but it was blocked because of the size so sorry for
any inconvenience if you get twice this mail in the next hours/days.

Functional changes:
===================
This patch implement two main features:

First it allows multiple PSKs to be used simultaneously.
Some can be flagged as guest PSKs, PSKs intended to be share with guest
devices.
Second it allows this multiple PSKs configuration to be dynamically updated.
This is achieved via a file and SIGUSR2.
According to Jouni, this is not the best option so in the future this
will be migrated to a UNIX socket communication between a small CLI
and the hostapd daemon.

cf patch of README file for user interaction details.

Why this patch?:
================
WPA-PSK is very limited for a home network.
It doesn't provide any mecanism to allow an easy and secure guest access.
Sharing your PSK with your guests is not what you want and having to renew
the PSK after a guest leaves is very annoying.
Moreover, due to the way WPA-PSK is defined, a guest knowing the PSK used
in the home network can crack all the PTKs in use in the network as the
rest of the informations are directly accessible to someone knowing the PSK.
Therefore we wrote this patch to allow easy and secure guest access
scenarios. The basic scenario is to define two common PSKs, one for the home
devices and one for the guest devices. You are then free to renew
the guest PSK whenever you want without perturbing the home devices.
But the implementation is generic enough to allow much more complex scenarii.
For example the PSK can be seen as a private password and you distribute
different passwords to each of your clients.
Now that as the wpa_psk field can be more complex, we found easier
and more coherent to support passphrases the way wpa_supplicant does.
Therefore only wpa_psk keyword remains, wpa_passphrase was removed.

Why going for plain EAP was not an option for us?
The context we are considering is the "Home Networking" and in the future
Home Networking will be more and more CE centric than PC centric.
Therefore we cannot afford an authentication server integrated in a
non-PC authenticator. Today APs proposing WPA-Enterprise rely on an
external authentication server, cf the Linksys solution for example.
Moreover CE STA devices can't neither afford certificates nor complex
cryptographic operations (public key) nor complex user interfaces,
imagine your wireless mp3 player...
There are other ligher promising options in the EAP methods such as
EAP-PSK and it could give the same functionality as our multiple-PSK
and indeed we first investigated this way but it is not yet
standardized (still draft) and according to the author there is still
some merging effort to do with similar EAP drafts so we cannot rely on
the fact CE devices will all support the EAP-PSK method while any
WPA/WPA2 device already supports PSK.


Involved developers:
====================

Philippe Teuwen   <philippe.teuwen at philips.com>
Ventzislav Nikov <ventzislav.nikov at philips.com>

License:
========

Our patch is released under the following license.
The license below is a clarified version of the standard open source BSD
license.Contributions released under this license can be incorporated into
GPL-licensed open source projects:

This software and associated documentation files (the "Software") are
copyright © 2003 Koninklijke Philips Electronics N.V. All Rights Reserved.

A copyright license is hereby granted for redistribution and use of
the Software in source and binary forms, with or without modification,
provided that the following conditions are met:
·  Redistributions of source code must retain the above copyright notice,
thiscopyright license and the following disclaimer.
·  Redistributions in binary form must reproduce the above copyright
notice, thiscopyright license and the following disclaimer in the
documentation and/orothermaterials provided with the distribution.
·  Neither the name of Koninklijke Philips Electronics N.V. nor the names
of itssubsidiaries may be used to endorse or promote products derived from
theSoftwarewithout specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: patch-multiPSK-0.2.4.diff.gz
Type: application/x-tar
Size: 8109 bytes
Desc: not available
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20040916/269df441/attachment.tar 


More information about the HostAP mailing list