hostapd: 4-way handshake and replay counter handling?
helmut.schaa at googlemail.com
Mon Oct 17 04:53:56 EDT 2011
On Sat, Oct 15, 2011 at 4:17 PM, Jouni Malinen <j at w1.fi> wrote:
>> From IEEE 802.11-2007 126.96.36.199 (page 213):
>> "On reception of Message 2, the Authenticator checks that the key replay
>> counter corresponds to the outstanding Message 1. If not, it silently discards
>> the message."
>> Hence, shouldn't hostapd just discard the first msg 2/4 it receives
>> from the STA?
> Well, yes, in theory.. However, this is problematic because doing so can
> break interoperability with some deployed stations.
Agreed, what about the following:
Assume we receive a 2/4 reply to our first 1/4 msg and we start sending out
3/4. But if we receive a "different" 2/4 reply afterwards we should maybe
send the next 3/4 retry based on the latest 2/4?
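
An added example, not part of the original message and not hostapd code: a small model of the Message 2 replay counter check discussed above. It compares the strict rule quoted from the standard with a relaxed variant that accepts a counter from any Message 1 sent in the same handshake. The struct, function names and history depth are hypothetical, and it assumes each retransmission of Message 1 carries a new counter value.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_TRACKED 4 /* assumed history depth */

/* Hypothetical authenticator state for one handshake (not hostapd's struct). */
struct auth_sm {
    uint64_t issued[MAX_TRACKED]; /* counters of sent Message 1 frames, newest first */
    int n_issued;
    uint64_t next_counter;
};

/* Send or retransmit Message 1; assumed: each transmission gets a new counter. */
uint64_t send_msg1(struct auth_sm *sm)
{
    memmove(&sm->issued[1], &sm->issued[0], (MAX_TRACKED - 1) * sizeof(sm->issued[0]));
    sm->issued[0] = ++sm->next_counter;
    if (sm->n_issued < MAX_TRACKED)
        sm->n_issued++;
    return sm->issued[0];
}

/* Quoted rule: accept only the counter of the outstanding (latest) Message 1. */
bool accept_msg2_strict(const struct auth_sm *sm, uint64_t rc)
{
    return sm->n_issued > 0 && rc == sm->issued[0];
}

/* Relaxed variant: accept a counter from any Message 1 sent in this handshake. */
bool accept_msg2_tolerant(const struct auth_sm *sm, uint64_t rc)
{
    for (int i = 0; i < sm->n_issued; i++)
        if (sm->issued[i] == rc)
            return true;
    return false;
}

int main(void)
{
    struct auth_sm sm = {0};
    uint64_t first = send_msg1(&sm); /* original Message 1 */
    send_msg1(&sm);                  /* retry after timeout */
    /* The station's late reply to the first Message 1 now arrives. */
    printf("strict=%d tolerant=%d\n", (int)accept_msg2_strict(&sm, first),
           (int)accept_msg2_tolerant(&sm, first));
    return 0;
}
```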