"Unsupported TKIP Group Cipher key length"

Eric le.major at gmail.com
Wed Jun 1 18:28:37 EDT 2005 

On 6/1/05, Jouni Malinen <jkmaline at cc.hut.fi> wrote:
> On Wed, Jun 01, 2005 at 01:06:10AM +0200, Eric wrote:
> 
> >   I'm trying to get WPA working on my Livebox modem/router and a
> > madwifi card + wpa_supplicant.
> >
> > I'm getting these messages from wpa_supplicant:
> >
> > State: GROUP_HANDSHAKE -> GROUP_HANDSHAKE
> > WPA: RX message 1 of Group Key Handshake from 00:0e:9b:99:1a:38 (ver=1)
> > WPA: Unsupported TKIP Group Cipher key length 13 (13).
> 
> This sounds like the AP would be advertising that TKIP is used as a
> group cipher but the key length sounds more like something for WEP..
> Could you please send the full debug log from wpa_supplicant?

Ok, here's what -d gives:

Initializing interface 'ath0' conf '/etc/wpa_supplicant.conf' driver 'madwifi'
Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant.conf'
ctrl_interface='/var/run/wpa_supplicant'
ctrl_interface_group=0
eapol_version=1
ap_scan=1
fast_reauth=0
Priority group 0
   id=1 ssid='WANADOO-A918'
Initializing interface (2) 'ath0'
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
Own MAC address: 00:0b:cd:5b:4b:1e
wpa_driver_madwifi_del_key: keyidx=0
wpa_driver_madwifi_del_key: keyidx=1
wpa_driver_madwifi_del_key: keyidx=2
wpa_driver_madwifi_del_key: keyidx=3
wpa_driver_madwifi_set_countermeasures: enabled=0
wpa_driver_madwifi_set_drop_unencrypted: enabled=1
Setting scan request: 0 sec 100000 usec
Wireless event: cmd=0x8b06 len=8
RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
State: DISCONNECTED -> SCANNING
Starting AP scan (broadcast SSID)
Wireless event: cmd=0x8b1a len=12
Wireless event: cmd=0x8b19 len=12
Received 274 bytes of scan results (1 BSSes)
Scan results: 1
Selecting BSS from priority group 0
0: 00:0e:9b:99:1a:38 ssid='WANADOO-A918' wpa_ie_len=24 rsn_ie_len=0 caps=0x11
   skip - SSID mismatch
   selected
Trying to associate with 00:0e:9b:99:1a:38 (SSID='WANADOO-A918' freq=2422 MHz)
Cancelling scan request
Automatic auth_alg selection: 0x1
WPA: using IEEE 802.11i/D3.0
WPA: Selected cipher suites: group 8 pairwise 8 key_mgmt 2
WPA: using GTK TKIP
WPA: using PTK TKIP
WPA: using KEY_MGMT WPA-PSK
WPA: Own WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02
01 00 00 50 f2 02 01 00 00 50 f2 02
No keys have been configured - skip key clearing
wpa_driver_madwifi_set_drop_unencrypted: enabled=1
State: SCANNING -> ASSOCIATING
wpa_driver_madwifi_associate
Setting authentication timeout: 5 sec 0 usec
EAPOL: External notification - EAP success=0
EAPOL: External notification - EAP fail=0
EAPOL: External notification - portControl=Auto
Wireless event: cmd=0x8b1a len=25
Wireless event: cmd=0x8b15 len=20
Wireless event: new AP: 00:0e:9b:99:1a:38
State: ASSOCIATING -> ASSOCIATED
Association event - clear replay counter
Associated to a new BSS: BSSID=00:0e:9b:99:1a:38
No keys have been configured - skip key clearing
Associated with 00:0e:9b:99:1a:38
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
EAPOL: External notification - EAP success=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: txStart
WPA: drop TX EAPOL in non-IEEE 802.1X mode (type=1 len=0)
EAPOL: SUPP_BE entering state IDLE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
Setting authentication timeout: 10 sec 0 usec
RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
RX EAPOL from 00:0e:9b:99:1a:38
Setting authentication timeout: 10 sec 0 usec
IEEE 802.1X RX: version=1 type=3 length=95
  EAPOL-Key type=254
State: ASSOCIATED -> 4WAY_HANDSHAKE
WPA: RX message 1 of 4-Way Handshake from 00:0e:9b:99:1a:38 (ver=1)
WPA: Renewed SNonce - hexdump(len=32): 46 d3 18 8b 4c 1c 31 3f 9b 6d
b1 b8 d8 d7 71 00 e5 84 63 69 e9 78 2b f7 2d 37 92 6e 5f 68 01 b5
WPA: PMK - hexdump(len=32): [REMOVED]
WPA: PTK - hexdump(len=64): [REMOVED]
WPA: Sending EAPOL-Key 2/4
RX EAPOL from 00:0e:9b:99:1a:38
IEEE 802.1X RX: version=1 type=3 length=119
  EAPOL-Key type=254
State: 4WAY_HANDSHAKE -> 4WAY_HANDSHAKE
WPA: RX message 3 of 4-Way Handshake from 00:0e:9b:99:1a:38 (ver=1)
WPA: IE KeyData - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02
01 00 00 50 f2 02 01 00 00 50 f2 02
WPA: Sending EAPOL-Key 4/4
WPA: Installing PTK to the driver.
WPA: RSC - hexdump(len=6): 00 00 00 00 00 00
wpa_driver_madwifi_set_key: alg=TKIP key_idx=0 set_tx=1 seq_len=6 key_len=32
State: 4WAY_HANDSHAKE -> GROUP_HANDSHAKE
RX EAPOL from 00:0e:9b:99:1a:38
IEEE 802.1X RX: version=1 type=3 length=108
  EAPOL-Key type=254
State: GROUP_HANDSHAKE -> GROUP_HANDSHAKE
WPA: RX message 1 of Group Key Handshake from 00:0e:9b:99:1a:38 (ver=1)
WPA: Unsupported TKIP Group Cipher key length 13 (13).
RX EAPOL from 00:0e:9b:99:1a:38
IEEE 802.1X RX: version=1 type=3 length=108
  EAPOL-Key type=254
State: GROUP_HANDSHAKE -> GROUP_HANDSHAKE
WPA: RX message 1 of Group Key Handshake from 00:0e:9b:99:1a:38 (ver=1)
WPA: Unsupported TKIP Group Cipher key length 13 (13).
RX EAPOL from 00:0e:9b:99:1a:38
IEEE 802.1X RX: version=1 type=3 length=108
  EAPOL-Key type=254
State: GROUP_HANDSHAKE -> GROUP_HANDSHAKE
WPA: RX message 1 of Group Key Handshake from 00:0e:9b:99:1a:38 (ver=1)
WPA: Unsupported TKIP Group Cipher key length 13 (13).
RX EAPOL from 00:0e:9b:99:1a:38
IEEE 802.1X RX: version=1 type=3 length=108
  EAPOL-Key type=254
State: GROUP_HANDSHAKE -> GROUP_HANDSHAKE
WPA: RX message 1 of Group Key Handshake from 00:0e:9b:99:1a:38 (ver=1)
WPA: Unsupported TKIP Group Cipher key length 13 (13).
Wireless event: cmd=0x8b15 len=20
Wireless event: new AP: 00:00:00:00:00:00
Setting scan request: 0 sec 100000 usec
Added BSSID 00:0e:9b:99:1a:38 into blacklist
State: GROUP_HANDSHAKE -> DISCONNECTED
EAPOL: External notification - portEnabled=0
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portValid=0
EAPOL: External notification - EAP success=0
CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
wpa_driver_madwifi_del_key: keyidx=0
wpa_driver_madwifi_del_key: keyidx=1
wpa_driver_madwifi_del_key: keyidx=2
wpa_driver_madwifi_del_key: keyidx=3
wpa_driver_madwifi_del_key: keyidx=0
RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
State: DISCONNECTED -> SCANNING
Starting AP scan (broadcast SSID)
Wireless event: cmd=0x8b1a len=12
CTRL-EVENT-TERMINATING - signal 2 received
State: SCANNING -> DISCONNECTED
No keys have been configured - skip key clearing
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
wpa_driver_madwifi_set_drop_unencrypted: enabled=0
wpa_driver_madwifi_set_countermeasures: enabled=0
Removed BSSID 00:0e:9b:99:1a:38 from blacklist (clear)
...
 
> > I haven't been able to find any info on this type of error. Is it the
> > client or the AP's fault?
> 
> How is the AP configured? Are there any options on selecting the group
> cipher or something like "allow non-WPA clients"? I haven't seen any AP
> doing something that would produce this kind of debug message and it
> looks likely that the AP is doing something incorrectly. wpa_supplicant
> supports WEP as a group cipher, but that would require that the WPA IE
> is advertising WEP, not TKIP..

I think the AP is using wpa_supplicant, but I can't get the config it's using. 
There's very little (more like none) configuration options left to the user.

>From what I understand the AP can do both WEP and WPA at the same
time, but only advertises WPA (I think it's to be backwards compatible
with clients not supporting WPA and still have more recent clients  to
use WPA by default).

A friend with an hostap compatible card was able to associate to the
AP with WPA. Maybe this is somehow a problem with madwifi.

Ciao.
-- 
Eric

More information about the HostAP mailing list