802.11r and FT-EAP

Jouni Malinen j at w1.fi
Thu Sep 3 14:57:59 EDT 2015

On Tue, Sep 01, 2015 at 04:22:32PM +0300, Yury Shvedov wrote:
> I'm working with 802.11r and trying to test my scheme using
> mac80211_hwsim. I configured hostapd and wpa supplicant to use
> FT-PSK first. It works fine. But when I try to use radius with FT
> (FT-EAP), the 4-way handshake failed. Surfing the code and debug
> logs I found out that the reason is in xxkey field of
> wpa_state_machine (it is empty and ft can't derive ptk). The xxkey
> sets by wpa_auth when eapKeyData is 64 bytes long (2 * PMK_LEN). But
> eapKeyData fills up only by radius MS-MPPE-Send-Key and
> MS-MPPE-Recv-Key both 16 bytes long.

> How I have to configure hostapd, wpa_supplicant and radius to get
> another 32 bytes of key in xxkey field?

By using an EAP method that derives sufficient key material.

> Configuration files in attachment. Thank you!

Those use eap=MSCHAPV2, i.e., EAP-MSCHAPv2 as the EAP method (this is
_without_ PEAP or TTLS and TLS tunnel). That is not advisable for any
use today from security view point. In addition to that, EAP-MSCHAPV2
does not derive sufficiently long keys to allow FT key hierarchy to be
formed. If you were to replace that with MSCHAPv2 within PEAP or TTLS
Phase 2, this would work.
Jouni Malinen                                            PGP id EFC895FA

More information about the HostAP mailing list