[solved] hostapd groupkey problem with madwifi
jkmaline at cc.hut.fi
Wed Feb 2 09:27:29 EST 2005
On Wed, Feb 02, 2005 at 01:19:19PM +0100, Sebastian Weitzel wrote:
> The solution is to disable encryption of EAPOL packets in madwifi. Jouni,
> can you state that this is a correct solution? I couldnt find
> documentation about this.
No, that is not correct. EAPOL frames, including Group Key Handshake,
has to be encrypted when WPA is used and pairwise keys are set. In other
words, EAPOL frames are never encrypted with non-WPA IEEE 802.1X or
during the initial WPA 4-Way Handshake (or IEEE 802.1X/EAP
authentication before this), but they are encrypted during rekeying and
reauthentication (including IEEE 802.1X re-authentication with WPA).
Jouni Malinen PGP id EFC895FA
More information about the HostAP