aboutsummaryrefslogtreecommitdiffstats
path: root/hostapd/wpa.h
diff options
context:
space:
mode:
authorJouni Malinen <jouni.malinen@atheros.com>2008-11-06 17:57:21 (GMT)
committerJouni Malinen <j@w1.fi>2008-11-06 17:57:21 (GMT)
commit581a8cde77670ba7de2cce57f4a723ba435df9b7 (patch)
treed06cf58048193c7a10dc8e6de59fc414124fffcc /hostapd/wpa.h
parent81eec387dd7c1f4521822e48023e950dfa7b5a52 (diff)
downloadhostap-06-581a8cde77670ba7de2cce57f4a723ba435df9b7.zip
hostap-06-581a8cde77670ba7de2cce57f4a723ba435df9b7.tar.gz
hostap-06-581a8cde77670ba7de2cce57f4a723ba435df9b7.tar.bz2
Added support for enforcing frequent PTK rekeying
Added a new configuration option, wpa_ptk_rekey, that can be used to enforce frequent PTK rekeying, e.g., to mitigate some attacks against TKIP deficiencies. This can be set either by the Authenticator (to initiate periodic 4-way handshake to rekey PTK) or by the Supplicant (to request Authenticator to rekey PTK). With both wpa_ptk_rekey and wpa_group_rekey (in hostapd) set to 600, TKIP keys will not be used for more than 10 minutes which may make some attacks against TKIP more difficult to implement.
Diffstat (limited to 'hostapd/wpa.h')
-rw-r--r--hostapd/wpa.h1
1 files changed, 1 insertions, 0 deletions
diff --git a/hostapd/wpa.h b/hostapd/wpa.h
index 567a8bf..153106e 100644
--- a/hostapd/wpa.h
+++ b/hostapd/wpa.h
@@ -136,6 +136,7 @@ struct wpa_auth_config {
int wpa_group_rekey;
int wpa_strict_rekey;
int wpa_gmk_rekey;
+ int wpa_ptk_rekey;
int rsn_pairwise;
int rsn_preauth;
int eapol_version;