mesh SAE auth on low spec devices

Jouni Malinen j at w1.fi
Tue Aug 11 17:27:06 EDT 2015


On Tue, Aug 11, 2015 at 06:22:33AM +0000, Lukas Göstl wrote:
> I successfully built up a secure Mesh Network with 8 Nodes, however the peering/authentication takes sometimes about 10 minutes or fails completely.
> 
> I found out that during authentication time my CPU was overloaded. So I edited the Source of the mesh_mpm to authenticate to only one Peer at a time and ignore other peer notifications.
> 
> It works for me, but is this the right way to do it?

Something like that may be needed to handle the case where there is
simply not enough CPU to go through multiple SAE exchanges concurrently.
I'm not sure the exact approach used here is the best way of doing that,
though, since I'd expect some cases to end up blocking peers in a way
that results in blocking progress, e.g., when A wants to talk to B first
and B to C instead of A.

-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the HostAP mailing list