wpa-supplicant for adhoc network with more than 2 nodes ?

Ly Hong Ly at iabg.de
Fri Jul 14 06:13:35 EDT 2006


Hi Jouni

refer to the mail from Fri May 19 23:41:56 MDT 2006 .

>>wpa_supplicant does not do any per-STA processing in IBSS mode for 
>>WPA-None, so I would be surprised if this were the case. Which driver 
>>are you using?

For your information: I am using the madwifi-driver (Madwifi-old) and I
have the following configuration for wpa_supplicant:

/etc/wpa_supplicant.conf

ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
eapol_version=1
ap_scan=2
fast_reauth=1

network={
        ssid="test adhoc"
        mode=1
        proto=WPA
        key_mgmt=WPA-NONE
        pairwise=NONE
        group=TKIP
        psk="secret passphrase"
}



Sorry if I sound a little bit pedantic: What does your above answer
mean? Should WPA-NONE in IBSS mode work with more than two hosts or not?
The question arises from the observation that two hosts work just fine
while a third host can't connect at all.

Could you elaborate on your response that "wpa_supplicant does not do
any per-STA processing in IBSS mode"? Is this a missing piece in
wpa_supplicant or simply not needed at all?


>>This would be IEEE 802.11i IBSS, not WPA. You are talking
>>about WPA TK,
>>so I'm assuming this is indeed WPA-None, not IEEE 802.11i
>>IBSS. Anyway,
>>wpa_supplicant does not currently support IEEE 802.11i IBSS.

Since the standard 802.11i described clearly what is happening in IBSS 
mode. For example:

1. 4-Way Handshake for generation the session-key from the PSK-> each
adhoc link has different session-key
2. The session-key is used as input for data encryption for TKIP

If wpa_supplicant does not support 802.11i IBSS mode, how does WPA-None
work in adhoc-mode?

For example, Is there any 4-Way-handshake for generation the 
session-key from the PSK?

>>WPA-None is sharing the same key with all clients..

But TKIP needs amongst others 2 keys (MIC-key and Temporal-Key) as input
for data encryption. 
So these two keys I guess must being somehow derived from the shared key
mentioned by you. But then again we will have different session keys for
different links.
So can it be that there is no further key derivation and the shared key
will be used directly 
as input for TKIP in order to encrypt the data  ?

In this case all adhoc-link have the same key like WEP in IBSS mode, but
then 
the question arises again why two hosts work just fine while a third
host can't connect at all.

what could be the reason? Has anybody ever tried this? On what hardware?

Thanks in advance for your patience
and kind regards
  Hong



More information about the HostAP mailing list