802.11i support in IBSS mode
nicolas.pichon at luceor.com
Tue Nov 27 12:28:30 EST 2007
Although RSN associations (aka WPA2) are described for IBSS networks in
IEEE 802.11i norm, there is currently no implementation of this feature.
As a matter of fact, the only security mechanism available in IBSS mode
is WEP, which is too weak.
I'm currently working on a future implementation of 802.11i for IBSS
mode, and after having read and understood most of 802.11i norm parts
concerning IBSS, I'd like to submit my thoughts and choices, in order to
get any feedback from the list. I also have several questions to ask.
In a first time, my goal is to have an initial implementation with only
a subset of the features described in the norm.
What I plan to have is :
- WPA2-PSK mode
- CCMP (AES encryption)
- Beacons and Probe Response generation
What features I don't plan to include in initial implementation :
- 802.1X authentication
- Open System Authentication (optional in IBSS mode)
- Group Key Renewal
I think this should be enough in order to have 2 STAs talking inside a
To make developments and tests, I have many x86 and ixp425 based systems
with Atheros chips running madwifi driver.
Currently we have 2 components to manage an RSN association :
- hostapd on AP side which assumes the role of Authenticator
- wpa_supplicant on Client site which assumes the role of supplicant
In an IBSS network, each STA has an Authenticator AND a Supplicant. So
we have to have a component which can assume both roles. There are two
solutions that come in my mind. Should we :
- integrate needed code from one component to the other ? Which
component should integrate the other ?
- create a new component which include parts of source code from both
hostapd and wpa_supplicant (I think it's a better way to do). How could
we name this new component (a thing like "wpa2_ibss") ?
I've made a checkout of current GIT repository, and started reading
Doxygen generated Reference Manual, but I'm not familiar with
hostap/wpa_supplicant code. So any help on understanding it, where to
start work, or any pointer to additional information source are welcomed.
I already have three guys ready to bring some help or contribute (Jouni
Malinen, Benoit Papillault and Michael Taylor), but of course anyone
interested in giving help is also welcomed. We could use this list to
coordinate work for this project.
One more question : where should development take place ?
Thanks for reading this,
More information about the HostAP