Deriving of Preshared key in EAP-PSK method
pzawadzki at polsl.pl
Wed Nov 29 13:29:27 EST 2006
Dnia środa, 29 listopada 2006 15:23, Ravi Kishore Singh napisał:
> Hello Hostap,
> I have one question regarding Preshared key that is used if we
> choose EAP-PSK as our EAP method::
> Do we need to enter 16 byte PSK manually as input for this method.
> It seems cumbersome. As Peer and Server should have same PSK, so
> there must be some standard mechanism which can generate PSK (same at both
> ends) from a set of user inputs provided at both ends.
According to the example in distributed wpa_supplicant.conf you can enter
a shared secret as hexadecimal key value or as text password.
group=CCMP TKIP WEP104 WEP40
psk="very secret passphrase"
In the second case the key is derived with the pseudorandom function build
around SHA-1, if I correctly recall. However, entering shared secrets as text
makes 4-way handshake vulnerable to dictionary attack if you choose weak/bad
Piotr Zawadzki, Silesian University of Technology
retrieve public key from http://www.keyserver.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20061129/32116dc6/attachment.pgp
More information about the HostAP