questions about WPA-PSK and EAP-PSK

Manoj Verma, Noida manojv at hcltech.com
Fri Jan 28 05:21:47 EST 2005


If we see in that perspective you are right. We have to config 802.1x as
this is the backbone for both. 

We can say that in this case the 802.1x consists of two parts:

1. EAP Authentication (For e.g. EAP-PEAP, EAP-TTLS etc..)
2. Security association (4way & Group H/s)

The protocol that encapsulates the related messages between AP and the
supplicant is EAPOL.


>-----Original Message-----
>From: SHI YU-SONG-W20040 [mailto:W20040 at motorola.com]
>Sent: Friday, January 28, 2005 3:39 PM
>To: 'Manoj Verma, Noida'; 'hostap at shmoo.com'
>Subject: RE: questions about WPA-PSK and EAP-PSK
>
>Noida:
>  Thanks your quick help.
>  How to send EAPOL-Key messages if we do not config IEEE802.1x?  I think
>EAPOL-Key is a part of IEEE802.1x.
>
>  I know the pre-shared key is the PMK, In WPA-PSK mode, need not 802.1x
>authentication with server, but still need 802.1x to transfer EAPOL-Key
>messages. and we still need to build eapol_sm.c and eap.c files, right?
>
>  EAP-PSK is a method of open source wpa_supplicant. I also confused it.
>
>
>
>
>-----Original Message-----
>From: Manoj Verma, Noida [mailto:manojv at hcltech.com]
>Sent: 2005年1月28日 17:49
>To: SHI YU-SONG-W20040; hostap at shmoo.com
>Subject: RE: questions about WPA-PSK and EAP-PSK
>
>
>See comments below..
>
>>-----Original Message-----
>>From: hostap-bounces+manojv=noida.hcltech.com at shmoo.com [mailto:hostap-
>>bounces+manojv=noida.hcltech.com at shmoo.com] On Behalf Of SHI YU-SONG-
>W20040
>>Sent: Friday, January 28, 2005 3:10 PM
>>To: hostap at shmoo.com
>>Subject: questions about WPA-PSK and EAP-PSK
>>
>>Hi:
>>   Would anyone please help to clarify the following issues, any help is
>>very appreciated.
>>
>>    Does the WPA-PSK mode also need to config IEEE802.1x? because WPA-PSK
>>also support WPA 4-Way Handshake to generating encrytion data key, by
>>exchanging EAPOL-Key messages between supplicant and authenticator, right?
>
>There are two types of Infrastructure BSS:
>1. Enterprise mode: This is the place where 802.1x authentication is used.
>Through 802.1x only the PMK is obtained which are used for derivation of
>(PTK) - EPAOL and temporal keys. After this 4-way and Group h/s starts.
>
>
>2. Personal mode: Here 802.1x is not used. Rather the Passphrase which we
>set at the AP and Supplicant side, is used for the derivation of EPAOL and
>temporal keys. After this 4-way and Group h/s starts which are nothing but
>part of EAPOL protocol.
>
>
>
>>    What's the difference between WPA-PSK and EAP-PSK? If I only try to
>>WPA-PSK, Does I need to config EAP-PSK to include IEEE802.1x? (But in the
>>README, which said that WPA-PSK mode does not require EAPOL/EAP
>>implementation, I think need EAPOL-Key to support WPA 4-Way Handshake).
>>
>
>I think the above should answer this.
>(Also I haven't heard of EAP-PSK).
>
>>Best Regards
>>Yusong
>>
>>
>>
>>_______________________________________________
>>HostAP mailing list
>>HostAP at shmoo.com
>>http://lists.shmoo.com/mailman/listinfo/hostap



More information about the HostAP mailing list