<html><body><div style="color:#000; background-color:#fff; font-family:times new roman, new york, times, serif;font-size:12pt"><div style="font-family: 'times new roman', 'new york', times, serif; font-size: 12pt; "><span><br></span></div><div style="font-family: 'times new roman', 'new york', times, serif; font-size: 12pt; "><span>Dear all,</span></div><div style="font-family: 'times new roman', 'new york', times, serif; font-size: 12pt; "><span><br></span></div><div><span><font class="Apple-style-span" size="3">I attach at the end of this email a WPS trace that I am having trouble to understand. I would appreciate if somebody can help me </font>decipher<font class="Apple-style-span" size="3"> what is going on. The trace is obtained using the P2P implementation in wpa_supplicant when the P2P Client is trying to obtain the network credentials from the P2P GO. The chipset being used is AR5412 with ath5k. These are the steps that look strange to
me in the trace:</font></span></div><div><span><font class="Apple-style-span" size="3"><br></font></span></div><div><span><font class="Apple-style-span" size="3">1) After the M1-M8 messages to convey network credentials to the P2P Client, the P2P Client disassociates in order to reconnect to the network with the proper credentials. You can see in frames 508 and 509 how the P2P Client is authenticating with the P2P GO in order to re-enter the network. However, when authentication completes instead of proceeding with the re-association the P2P Client stays quiet for 5 seconds, i.e. </font></span>6.779815 seconds to 11.779928 seconds. My guess is that the P2P Client is doing scanning through the 2.4Ghz band during this time. Finally at 11.779928 seconds the re-connection with the P2P GO starts. What I do not understand here, is why does the P2P Client in the middle of the re-connection with the P2P GO in WPS goes to do an scanning
?</div><div><br></div><div>2) When the P2P Client attempts the re-connection to the P2P GO with the proper network credentials, this re-connection fails for two times and finally succeeds the third time. In particular the P2P GO disassociates the P2P Client after this one submits the WPA key. You can see this happening at times 14.654176 seconds and 17.853630 seconds, and finally succeeds at time 21.064690 seconds. Why would the first two connection attempts fail ? Checking the format of the packet they seem identical to the one that succeeds, the WPA key is the same and only differ on the Nonce and the MIC. Can it be that the P2P GO is not ready and that is why it cancels the procedure? But then I do not understand why does the P2P GO initiate the key exchange in the first place.</div><div><br></div><div>Thanks for your help</div><div><br></div><div>Best Regards</div><div><br></div><div>Daniel</div><div><br></div><div>Wireshark
Trace:</div><div style="font-family: 'times new roman', 'new york', times, serif; font-size: 12pt; "><br></div><div style="font-family: 'times new roman', 'new york', times, serif; "><div style="font-family: 'times new roman', 'new york', times, serif; "><div class="yui_3_2_0_15_131712915312257"> No. Time Source Destination Protocol Info</div><div class="yui_3_2_0_15_131712915312257"> 224 3.111613 D-Link_c5:53:93 D-Link_c5:56:a4 IEEE 802.11 Authentication, SN=48, FN=0, Flags=........</div><div class="yui_3_2_0_15_131712915312257"> 225 3.112065 D-Link_c5:56:a4 D-Link_c5:53:93 IEEE 802.11 Authentication, SN=16, FN=0, Flags=........</div><div
class="yui_3_2_0_15_131712915312257"> 227 3.112558 D-Link_c5:53:93 D-Link_c5:56:a4 IEEE 802.11 Association Request, SN=49, FN=0, Flags=........, SSID="DIRECT-BT"</div><div class="yui_3_2_0_15_131712915312257"> 230 3.130242 D-Link_c5:56:a4 D-Link_c5:53:93 IEEE 802.11 Association Response, SN=17, FN=0, Flags=........</div><div class="yui_3_2_0_15_131712915312257"> 232 3.131710 D-Link_c5:56:a4 D-Link_c5:53:93 EAP Request, Identity [RFC3748]</div><div class="yui_3_2_0_15_131712915312257"> 234 3.132895 D-Link_c5:53:93 D-Link_c5:56:a4 EAP Response, Identity [RFC3748]</div><div class="yui_3_2_0_15_131712915312257"> 235 3.133302
D-Link_c5:56:a4 D-Link_c5:53:93 EAP Request, Expanded Type [RFC3748]</div><div class="yui_3_2_0_15_131712915312257"> 242 3.212666 D-Link_c5:53:93 D-Link_c5:56:a4 EAP Response, Expanded Type [RFC3748]</div><div class="yui_3_2_0_15_131712915312257"> 247 3.245831 D-Link_c5:56:a4 D-Link_c5:53:93 EAP Request, Expanded Type [RFC3748]</div><div class="yui_3_2_0_15_131712915312257"> 262 3.333194 D-Link_c5:53:93 D-Link_c5:56:a4 EAP Response, Expanded Type [RFC3748]</div><div class="yui_3_2_0_15_131712915312257"> 263 3.337864 D-Link_c5:56:a4 D-Link_c5:53:93 EAP
Request, Expanded Type [RFC3748]</div><div class="yui_3_2_0_15_131712915312257"> 267 3.342888 D-Link_c5:53:93 D-Link_c5:56:a4 EAP Response, Expanded Type [RFC3748]</div><div class="yui_3_2_0_15_131712915312257"> 268 3.372607 D-Link_c5:56:a4 D-Link_c5:53:93 EAP Request, Expanded Type [RFC3748]</div><div class="yui_3_2_0_15_131712915312257"> 270 3.373002 D-Link_c5:53:93 D-Link_c5:56:a4 EAP Response, Expanded Type [RFC3748]</div><div class="yui_3_2_0_15_131712915312257"> 273 3.410399 D-Link_c5:56:a4 D-Link_c5:53:93 EAP Failure</div><div class="yui_3_2_0_15_131712915312257"> 274
3.415030 D-Link_c5:53:93 D-Link_c5:56:a4 IEEE 802.11 Deauthentication, SN=56, FN=0, Flags=........</div><div class="yui_3_2_0_15_131712915312257"> 275 3.420762 D-Link_c5:56:a4 D-Link_c5:53:93 IEEE 802.11 Deauthentication, SN=28, FN=0, Flags=........</div><div class="yui_3_2_0_15_131712915312257"> 292 3.631890 D-Link_c5:56:a4 D-Link_c5:53:93 IEEE 802.11 Probe Response, SN=31, FN=0, Flags=........, BI=100, SSID="DIRECT-BT"</div><div class="yui_3_2_0_15_131712915312257"> 508 6.468064 D-Link_c5:53:93 D-Link_c5:56:a4 IEEE 802.11 Authentication, SN=74, FN=0, Flags=........</div><div class="yui_3_2_0_15_131712915312257"> 509 6.468524 D-Link_c5:56:a4
D-Link_c5:53:93 IEEE 802.11 Authentication, SN=61, FN=0, Flags=........</div><div class="yui_3_2_0_15_131712915312257"> 527 6.779815 D-Link_c5:56:a4 D-Link_c5:53:93 IEEE 802.11 Probe Response, SN=65, FN=0, Flags=........, BI=100, SSID="DIRECT-BT"</div><div class="yui_3_2_0_15_131712915312257"> 1003 11.779928 D-Link_c5:56:a4 D-Link_c5:53:93 IEEE 802.11 Probe Response, SN=117, FN=0, Flags=........, BI=100, SSID="DIRECT-BT"</div><div class="yui_3_2_0_15_131712915312257"> 1172 14.616333 D-Link_c5:53:93 D-Link_c5:56:a4 IEEE 802.11 Authentication, SN=109, FN=0, Flags=........</div><div class="yui_3_2_0_15_131712915312257"> 1174 14.616734 D-Link_c5:56:a4 D-Link_c5:53:93 IEEE 802.11
Authentication, SN=146, FN=0, Flags=........</div><div class="yui_3_2_0_15_131712915312257"> 1176 14.617248 D-Link_c5:53:93 D-Link_c5:56:a4 IEEE 802.11 Association Request, SN=110, FN=0, Flags=........, SSID="DIRECT-BT"</div><div class="yui_3_2_0_15_131712915312257"> 1177 14.618125 D-Link_c5:56:a4 D-Link_c5:53:93 IEEE 802.11 Association Response, SN=147, FN=0, Flags=........</div><div class="yui_3_2_0_15_131712915312257"> 1183 14.651225 D-Link_c5:56:a4 D-Link_c5:53:93 EAPOL Key</div><div class="yui_3_2_0_15_131712915312257"> 1185 14.654176 D-Link_c5:53:93 D-Link_c5:56:a4 EAPOL Key</div><div class="yui_3_2_0_15_131712915312257"> 1186 14.654540 D-Link_c5:56:a4
D-Link_c5:53:93 IEEE 802.11 Deauthentication, SN=149, FN=0, Flags=........</div><div class="yui_3_2_0_15_131712915312257"> 1434 17.808337 D-Link_c5:53:93 D-Link_c5:56:a4 IEEE 802.11 Authentication, SN=129, FN=0, Flags=........</div><div class="yui_3_2_0_15_131712915312257"> 1436 17.808759 D-Link_c5:56:a4 D-Link_c5:53:93 IEEE 802.11 Authentication, SN=186, FN=0, Flags=........</div><div class="yui_3_2_0_15_131712915312257"> 1438 17.809217 D-Link_c5:53:93 D-Link_c5:56:a4 IEEE 802.11 Reassociation Request, SN=130, FN=0, Flags=........, SSID="DIRECT-BT"</div><div class="yui_3_2_0_15_131712915312257"> 1439 17.812823 D-Link_c5:56:a4 D-Link_c5:53:93 IEEE 802.11 Reassociation Response,
SN=187, FN=0, Flags=........</div><div class="yui_3_2_0_15_131712915312257"> 1444 17.850420 D-Link_c5:56:a4 D-Link_c5:53:93 EAPOL Key</div><div class="yui_3_2_0_15_131712915312257"> 1446 17.853630 D-Link_c5:53:93 D-Link_c5:56:a4 EAPOL Key</div><div class="yui_3_2_0_15_131712915312257"> 1447 17.853975 D-Link_c5:56:a4 D-Link_c5:53:93 IEEE 802.11 Deauthentication, SN=189, FN=0, Flags=........</div><div class="yui_3_2_0_15_131712915312257"> 1468 18.172101 D-Link_c5:56:a4 D-Link_c5:53:93 IEEE 802.11 Probe Response, SN=194, FN=0, Flags=........, BI=100, SSID="DIRECT-BT"</div><div class="yui_3_2_0_15_131712915312257"> 1687 21.008353 D-Link_c5:53:93
D-Link_c5:56:a4 IEEE 802.11 Authentication, SN=149, FN=0, Flags=........</div><div class="yui_3_2_0_15_131712915312257"> 1688 21.008784 D-Link_c5:56:a4 D-Link_c5:53:93 IEEE 802.11 Authentication, SN=225, FN=0, Flags=........</div><div class="yui_3_2_0_15_131712915312257"> 1690 21.009235 D-Link_c5:53:93 D-Link_c5:56:a4 IEEE 802.11 Reassociation Request, SN=150, FN=0, Flags=........, SSID="DIRECT-BT"</div><div class="yui_3_2_0_15_131712915312257"> 1691 21.013081 D-Link_c5:56:a4 D-Link_c5:53:93 IEEE 802.11 Reassociation Response, SN=226, FN=0, Flags=........</div><div class="yui_3_2_0_15_131712915312257"> 1696 21.060251 D-Link_c5:56:a4 D-Link_c5:53:93 EAPOL Key</div><div
class="yui_3_2_0_15_131712915312257"> 1698 21.063466 D-Link_c5:53:93 D-Link_c5:56:a4 EAPOL Key</div><div class="yui_3_2_0_15_131712915312257"> 1699 21.064253 D-Link_c5:56:a4 D-Link_c5:53:93 EAPOL Key</div><div class="yui_3_2_0_15_131712915312257"> 1701 21.064690 D-Link_c5:53:93 D-Link_c5:56:a4 EAPOL Key</div></div></div></div></body></html>