Is it possible to force greater than 128-bit strength when using AES-CCM mode?

Martes G Wigglesworth mailinglistmember at mgwigglesworth.net
Wed Sep 14 09:17:37 EDT 2011


Greetings list.

I was wondering why there is no switch or parameter to increase the 
"bit-strength" of the encryption algorithm under AES above 128-bit.

I also would like to know if I am simply misunderstanding the 
implementation.  The man page has always indicated that a "256-bit" hex 
key can be used in place of a passkey, however, I am a bit confused as 
to why the interface information always will indicate 128-bit AES-CCM.

Please reference the following:

wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
         inet 192.168.200.1 netmask 0xffff0000 broadcast 192.168.255.255
         media: IEEE 802.11 Wireless Ethernet autoselect mode 11g *<hostap>*
         status: running
         ssid wireless-2 channel 1 (2412 MHz 11g) bssid 00:1b:2f:37:02:46
         country US ecm *authmode WPA privacy MIXED deftxkey 2*
*AES-CCM 2:128-bit* txpower 23 scanvalid 60 protmode CTS wme burst
         dtimperiod 1 -dfs

Does hostapd implement anything higher than a 128-bit encryption 
strength, or am I simply confused as to what I am using for reference?

I am running hostapd version 0.7.3 on a FreeBSD-8.2 router.

-- 
Respectfully,


Martes G Wigglesworth
M. G. Wigglesworth Holdings, LLC
www.mgwigglesworth.net

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20110914/35d2ba27/attachment.htm 


More information about the HostAP mailing list