Has wpa_supplicant a Problem with Replays?

Bryan Kadzban bryan at kadzban.is-a-geek.net
Fri Jan 13 07:09:05 EST 2006


Holger Schurig wrote:
> And here an entry from a Cisco 1200W, it came in via syslog
> User7.Debug:
> 
> Jan 12 16:54:24 172.16.1.206 24: *Mar  1 00:01:19.914: *** TKIP
> Replay[ucast q 4]: TA=0010.c680.24f2, RSC=0x11,TSC=0x10

I am not sure, but I don't believe wpa_supplicant does *anything* with
the TKIP implementation other than set the keys.  I believe everything
else is done by the driver, including the decision on when to update the
RSC/TSC values before they go into the next frame.

This issue would show up and be harmless if your STA retransmitted a
frame, even though it got an ACK from the AP.  There may be other cases
where it would happen and still not be a problem, though I don't know
for sure what they are.

One other case where they *would* be a problem is if someone else is
capturing the TKIP frames off the air, then replaying them a very short
time later.  (From the debug info, it looks like they would probably
have to replay them before your STA sends a second valid frame.  But I'm
not sure on that.)

Check into your drivers/STA firmware/card chipsets; maybe this is a
known issue with one of them.  (Actually, you might also consider
looking into whether there's a new Cisco firmware that might affect the
issue -- it's possible that the AP is updating its RSC/TSC values too
early.)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20060113/4bf504e5/attachment.pgp 


More information about the HostAP mailing list