Re: [Madwifi-devel] Atheros hardware key cache and multicast keys
Status: Beta
Brought to you by:
otaku
From: Benoit P. <ben...@fr...> - 2008-03-29 15:36:24
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Georg Lukas a écrit : | Hello again, | | * Georg Lukas <ge...@bo...> [2008-03-19 15:01]: |> I'm trying to improve the encryption situation in Ad-Hoc mode by |> implementing 802.11i authentication and encryption according to the |> standard, and I need some insight from people knowing the working of the |> hardware key cache. | | In my still rather fruitless attempts to achieve this, I have written a | tool to set and read the keys in the driver. If somebody is interested | in testing it (you can also get interesting insights from established | WPA sessions), you can download and run it as follows: | | # wget http://op-co.de/madwifi/wpakey.c | # gcc -I/usr/src/madwifi-ng -Wall wpakey.c -o wpakey | # ./wpakey -h | | Now I try to set up a simplified scenario, where A and B each use only | one key for sending messages, but then only broadcast packets are sent, | unicast packets are silently dropped on the sender. Is it possible to | use the default broadcast key for unicast messages also? | |> 1. (how) can the hardware of node A determine, which key to use for a |> message received from node B? It would have to use different keys for |> broadcast and unicast messages. From reading the madwifi source code, |> some chips (AR5212?) have such a feature (see sc->sc_mcastkey), but it |> is not activated on the hardware I tested. | | Unfortunately, I could not achieve any success with this. Maybe someone | with Atheros specs could look if it is supposed to work at all. | | Kind regards, | | Georg Hi Georg, Reading ath5k source code and current madwifi, I think I found something interesting. Your previous mail from referring to some multicast feature that needs to be enabled. Indeed, sc_mcastkey is inside a #if 0 section. ~From my reading, the ath_hal_getmcastkeysearch() function just check if the feature is enabled or not. There should be a corresponding ath_hal_setmcastkeysearch() probably since there is also a ath_hal_hastmcastkeysearch(). Maybe if you try this that would work? Moreover, I'd like to understand a bit further how the hardware is working. From ath5k, there is only one MAC address (if any...) in the hardware. From madwifi, it seems that up to 4 keys are created : RX/TX and MIC stuff (don't know what it is). So maybe we just need to know what proper combination of RX/TX keys we need to setup? Regards, Benoit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFH7mHuOR6EySwP7oIRAsI3AKDnRtCLbSWlQPF3y7S9kTwFxInEHgCeL4Bg PsydewV1A80y5XeeoaAs2TE= =tNy7 -----END PGP SIGNATURE----- |