回复: Re: Can hostap&madwifi support several bcast keys of one AP?

Jouni Malinen j at w1.fi
Mon Sep 29 05:50:07 EDT 2008


On Sat, Sep 27, 2008 at 10:46:00AM +0800, 王�h wrote:

> 1. I find that is 802.11i, it is said that:
> 
> The GTK shall be derived from the GMK by
> GTK ← PRF-X(GMK, “Group key expansion” || AA ||
> GNonce)

> AA is the AP's bssid, and if there is only ONE bssid
> or ONE VAP, how can I generate two different GTKs?

By using different GMK and/or GNonce value.

> I read the hostap's source and find that it will create
> different GMK by "hostapd_get_rand". Is it because the
> function be called at different time to generate 
> different GMK, and then to generate different GTK?

hostapd has separate data entries for each group key and as such, GMK
can be different for GTK derivation.

> According to Jouni's letter, if wlan is deployed with
> ath9k + mac80211-based drivers + hostap + some kernel
> patch, the function above will be realized??

It may. I haven't tested this with ath9k and the current mac80211, but
the original IEEE 802.11 code that used as basis for mac80211 did indeed
support this.

> If it does, where to obtain the ath9k's mac80211-based
> drivers?

It's included in the current Linux kernel tree; wireless-testing git
tree could be the best starting point since it has the latest available
code and AP mode is likely to require quite recent changes.

> What is the "a minimal patch to enable AP mode in the
> kernel code" and where to obtain it? 

http://w1.fi/wireless-testing/enable-ap-mode.patch

-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the HostAP mailing list