Unable to connect to AP via WPA-PKS/CCMP

Bryan Kadzban bryan at kadzban.is-a-geek.net
Sun Oct 9 23:05:23 EDT 2005


Thomas Heinz wrote:
> There is one more issue, I would like to know. Do the log files or 
> `hostap_diag -a wlan0` reveal any information that makes breaking the
>  encryption easier compared to sniffing the packets? I noticed
> several "[REMOVED]" tags in the logs so I guess it is at least not
> obvious.

Not sure about hostap_diag, but yes, the [REMOVED] tags in the logs are
probably there because those logs would otherwise contain the pairwise
and group keys being used by your clients.  The pairwise key may not be
a huge deal to post to a list (it'll hopefully be changed by the time
anyone reading the list would get a chance to use it, and it's only good
for one particular client MAC address anyway), but it's probably still
not a good idea.  The group key is definitely not a good thing to post
to a list, because (depending on your AP) it may never be changed.  I
don't know what hostap's policy is with that.

Those keys are all encrypted during the 4-way handshake, using part of
the PSK.  So this would also be more information than what's available
from a packet sniff, yes.  (Unless AES gets broken.)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20051009/f640d56d/attachment.pgp 


More information about the HostAP mailing list