WPA2 - is it implemented in hardware or software (or both)?

Bryan Kadzban bryan at kadzban.is-a-geek.net
Fri Oct 27 07:11:49 EDT 2006


Svein Olav jerkeset wrote:
> My question is: Is WPA2 implemented in software 
> (hostapd/wpa_supplicant) only, or does the hardware need to support 
> WPA2 as well?

Both.  The software (possibly including the wireless card driver) needs
to understand the WPA2 information elements that get put into the
beacons and probe responses.  These are what tell the client that the
network is WPA2.  The AP also needs to be able to put those IEs into the
beacon and probe response frames, so it needs to understand them too.

If WPA2-EAP is used, then the software on the AP needs to be able to
understand the EAP->RADIUS mapping.  Otherwise, the software on the AP
needs to know the PSK algorithms.  On the client, the software needs
to know how to work with the EAP method in use (TLS, PEAP, FAST, etc.)
if it's WPA2-EAP, and how to go through the PSK algorithm if it's PSK).

The hardware and/or the wireless driver need to understand how to do the
CCMP encryption that WPA2 requires support for.  The supplicant will
program a large key into the driver, and either the driver or the card
will use that key to do the encryption.  (AFAIK most D-Link cards do it
in the driver, not the hardware.  But getting an updated driver for your
client card that supports WPA2 may be an exercise in futility; D-Link
doesn't seem to come up with new drivers for old cards very often.  It'd
still be worth a look though.)

If your hardware (or driver) doesn't do WPA2 encryption, then I don't
believe this will be the symptom:

> When I do this, the WLAN shows up as WPA2 in Windows XP, but the
> state changes to disconnected almost immediately after I get a
> connected state.

but I'm not sure.

Also, it's *extremely* difficult to get debug info out of the XP
wireless client.  I'm guessing the debug log from hostapd would help
someone that's worked with hostapd before, though.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20061027/0bcb2edb/attachment.pgp 


More information about the HostAP mailing list