[solved] hostapd groupkey problem with madwifi

Jouni Malinen jkmaline at cc.hut.fi
Wed Feb 2 09:27:29 EST 2005


On Wed, Feb 02, 2005 at 01:19:19PM +0100, Sebastian Weitzel wrote:

> The solution is to disable encryption of EAPOL packets in madwifi. Jouni,
> can you state that this is a correct solution? I couldnt find
> documentation about this.

No, that is not correct. EAPOL frames, including Group Key Handshake,
has to be encrypted when WPA is used and pairwise keys are set. In other
words, EAPOL frames are never encrypted with non-WPA IEEE 802.1X or
during the initial WPA 4-Way Handshake (or IEEE 802.1X/EAP
authentication before this), but they are encrypted during rekeying and
reauthentication (including IEEE 802.1X re-authentication with WPA).

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the HostAP mailing list