wpa-supplicant for adhoc network with more than 2 nodes ?

Jouni Malinen jkmaline at cc.hut.fi
Sat Jul 29 23:02:23 EDT 2006 

On Fri, Jul 14, 2006 at 12:13:35PM +0200, Ly Hong wrote:
> >>wpa_supplicant does not do any per-STA processing in IBSS mode for 
> >>WPA-None, so I would be surprised if this were the case. Which driver 
> >>are you using?

> Sorry if I sound a little bit pedantic: What does your above answer
> mean? Should WPA-NONE in IBSS mode work with more than two hosts or not?

Yes, it should. The answer means that wpa_supplicant does not need to do
anything specific for each STA in WPA-None mode.

> The question arises from the observation that two hosts work just fine
> while a third host can't connect at all.

That sounds like a driver bug.

> Could you elaborate on your response that "wpa_supplicant does not do
> any per-STA processing in IBSS mode"? Is this a missing piece in
> wpa_supplicant or simply not needed at all?

It is not needed at all in the supplicant since WPA-None is using the
same key with all stations.

> >>This would be IEEE 802.11i IBSS, not WPA. You are talking
> >>about WPA TK,
> >>so I'm assuming this is indeed WPA-None, not IEEE 802.11i
> >>IBSS. Anyway,
> >>wpa_supplicant does not currently support IEEE 802.11i IBSS.
> 
> Since the standard 802.11i described clearly what is happening in IBSS 
> mode. For example:
> 
> 1. 4-Way Handshake for generation the session-key from the PSK-> each
> adhoc link has different session-key
> 2. The session-key is used as input for data encryption for TKIP
> 
> If wpa_supplicant does not support 802.11i IBSS mode, how does WPA-None
> work in adhoc-mode?

IEEE 802.11i in IBSS mode is completely different from WPA-None.

> For example, Is there any 4-Way-handshake for generation the 
> session-key from the PSK?

Not in WPA-None.

> >>WPA-None is sharing the same key with all clients..
> 
> But TKIP needs amongst others 2 keys (MIC-key and Temporal-Key) as input
> for data encryption. 

Yes, sure. But the same set of keys needed for TKIP is shared with all
clients in WPA-None adhoc mode.

> So these two keys I guess must being somehow derived from the shared key
> mentioned by you. But then again we will have different session keys for
> different links.

No, each link is using the same key.

> So can it be that there is no further key derivation and the shared key
> will be used directly 
> as input for TKIP in order to encrypt the data  ?

Yes.

> In this case all adhoc-link have the same key like WEP in IBSS mode, but
> then 
> the question arises again why two hosts work just fine while a third
> host can't connect at all.

That would be a question to the authors of the driver, not supplicant.

-- 
Jouni Malinen                                            PGP id EFC895FA

More information about the HostAP mailing list