aboutsummaryrefslogtreecommitdiffstats
path: root/hostapd
diff options
context:
space:
mode:
authorJouni Malinen <jouni.malinen@atheros.com>2008-11-06 17:57:21 (GMT)
committerJouni Malinen <j@w1.fi>2008-11-06 17:57:21 (GMT)
commit581a8cde77670ba7de2cce57f4a723ba435df9b7 (patch)
treed06cf58048193c7a10dc8e6de59fc414124fffcc /hostapd
parent81eec387dd7c1f4521822e48023e950dfa7b5a52 (diff)
downloadhostap-581a8cde77670ba7de2cce57f4a723ba435df9b7.zip
hostap-581a8cde77670ba7de2cce57f4a723ba435df9b7.tar.gz
hostap-581a8cde77670ba7de2cce57f4a723ba435df9b7.tar.bz2
Added support for enforcing frequent PTK rekeying
Added a new configuration option, wpa_ptk_rekey, that can be used to enforce frequent PTK rekeying, e.g., to mitigate some attacks against TKIP deficiencies. This can be set either by the Authenticator (to initiate periodic 4-way handshake to rekey PTK) or by the Supplicant (to request Authenticator to rekey PTK). With both wpa_ptk_rekey and wpa_group_rekey (in hostapd) set to 600, TKIP keys will not be used for more than 10 minutes which may make some attacks against TKIP more difficult to implement.
Diffstat (limited to 'hostapd')
-rw-r--r--hostapd/ChangeLog5
-rw-r--r--hostapd/config.c2
-rw-r--r--hostapd/config.h1
-rw-r--r--hostapd/hostapd.c1
-rw-r--r--hostapd/hostapd.conf4
-rw-r--r--hostapd/wpa.c21
-rw-r--r--hostapd/wpa.h1
7 files changed, 35 insertions, 0 deletions
diff --git a/hostapd/ChangeLog b/hostapd/ChangeLog
index a8e7f4e..b2cfb5b 100644
--- a/hostapd/ChangeLog
+++ b/hostapd/ChangeLog
@@ -1,5 +1,10 @@
ChangeLog for hostapd
+????-??-?? - v0.6.6
+ * added a new configuration option, wpa_ptk_rekey, that can be used to
+ enforce frequent PTK rekeying, e.g., to mitigate some attacks against
+ TKIP deficiencies
+
2008-11-01 - v0.6.5
* added support for SHA-256 as X.509 certificate digest when using the
internal X.509/TLSv1 implementation
diff --git a/hostapd/config.c b/hostapd/config.c
index 7fceacb..d10d64f 100644
--- a/hostapd/config.c
+++ b/hostapd/config.c
@@ -1697,6 +1697,8 @@ struct hostapd_config * hostapd_config_read(const char *fname)
bss->wpa_strict_rekey = atoi(pos);
} else if (os_strcmp(buf, "wpa_gmk_rekey") == 0) {
bss->wpa_gmk_rekey = atoi(pos);
+ } else if (os_strcmp(buf, "wpa_ptk_rekey") == 0) {
+ bss->wpa_ptk_rekey = atoi(pos);
} else if (os_strcmp(buf, "wpa_passphrase") == 0) {
int len = os_strlen(pos);
if (len < 8 || len > 63) {
diff --git a/hostapd/config.h b/hostapd/config.h
index 5c7d040..212e099 100644
--- a/hostapd/config.h
+++ b/hostapd/config.h
@@ -223,6 +223,7 @@ struct hostapd_bss_config {
int wpa_group_rekey;
int wpa_strict_rekey;
int wpa_gmk_rekey;
+ int wpa_ptk_rekey;
int rsn_pairwise;
int rsn_preauth;
char *rsn_preauth_interfaces;
diff --git a/hostapd/hostapd.c b/hostapd/hostapd.c
index e80446a..889f81e 100644
--- a/hostapd/hostapd.c
+++ b/hostapd/hostapd.c
@@ -293,6 +293,7 @@ static void hostapd_wpa_auth_conf(struct hostapd_bss_config *conf,
wconf->wpa_group_rekey = conf->wpa_group_rekey;
wconf->wpa_strict_rekey = conf->wpa_strict_rekey;
wconf->wpa_gmk_rekey = conf->wpa_gmk_rekey;
+ wconf->wpa_ptk_rekey = conf->wpa_ptk_rekey;
wconf->rsn_pairwise = conf->rsn_pairwise;
wconf->rsn_preauth = conf->rsn_preauth;
wconf->eapol_version = conf->eapol_version;
diff --git a/hostapd/hostapd.conf b/hostapd/hostapd.conf
index 898a3a3..599d7f1 100644
--- a/hostapd/hostapd.conf
+++ b/hostapd/hostapd.conf
@@ -710,6 +710,10 @@ own_ip_addr=127.0.0.1
# (in seconds).
#wpa_gmk_rekey=86400
+# Maximum lifetime for PTK in seconds. This can be used to enforce rekeying of
+# PTK to mitigate some attacks against TKIP deficiencies.
+#wpa_ptk_rekey=600
+
# Enable IEEE 802.11i/RSN/WPA2 pre-authentication. This is used to speed up
# roaming be pre-authenticating IEEE 802.1X/EAP part of the full RSN
# authentication and key handshake before actually associating with a new AP.
diff --git a/hostapd/wpa.c b/hostapd/wpa.c
index c7bcac8..cc01f02 100644
--- a/hostapd/wpa.c
+++ b/hostapd/wpa.c
@@ -43,6 +43,7 @@ static int wpa_verify_key_mic(struct wpa_ptk *PTK, u8 *data, size_t data_len);
static void wpa_sm_call_step(void *eloop_ctx, void *timeout_ctx);
static void wpa_group_sm_step(struct wpa_authenticator *wpa_auth,
struct wpa_group *group);
+static void wpa_request_new_ptk(struct wpa_state_machine *sm);
/* Default timeouts are 100 ms, but this seems to be a bit too fast for most
* WPA Supplicants, so use a bit longer timeout. */
@@ -260,6 +261,17 @@ static void wpa_rekey_gtk(void *eloop_ctx, void *timeout_ctx)
}
+static void wpa_rekey_ptk(void *eloop_ctx, void *timeout_ctx)
+{
+ struct wpa_authenticator *wpa_auth = eloop_ctx;
+ struct wpa_state_machine *sm = timeout_ctx;
+
+ wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, "rekeying PTK");
+ wpa_request_new_ptk(sm);
+ wpa_sm_step(sm);
+}
+
+
static int wpa_auth_pmksa_clear_cb(struct wpa_state_machine *sm, void *ctx)
{
if (sm->pmksa == ctx)
@@ -528,6 +540,7 @@ void wpa_auth_sta_deinit(struct wpa_state_machine *sm)
eloop_cancel_timeout(wpa_send_eapol_timeout, sm->wpa_auth, sm);
eloop_cancel_timeout(wpa_sm_call_step, sm, NULL);
+ eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm);
if (sm->in_step_loop) {
/* Must not free state machine while wpa_sm_step() is running.
* Freeing will be completed in the end of wpa_sm_step(). */
@@ -1086,6 +1099,7 @@ void wpa_remove_ptk(struct wpa_state_machine *sm)
os_memset(&sm->PTK, 0, sizeof(sm->PTK));
wpa_auth_set_key(sm->wpa_auth, 0, "none", sm->addr, 0, (u8 *) "", 0);
sm->pairwise_set = FALSE;
+ eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm);
}
@@ -1553,6 +1567,13 @@ SM_STATE(WPA_PTK, PTKINITDONE)
/* FIX: MLME-SetProtection.Request(TA, Tx_Rx) */
sm->pairwise_set = TRUE;
+ if (sm->wpa_auth->conf.wpa_ptk_rekey) {
+ eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm);
+ eloop_register_timeout(sm->wpa_auth->conf.
+ wpa_ptk_rekey, 0, wpa_rekey_ptk,
+ sm->wpa_auth, sm);
+ }
+
if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) {
wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
WPA_EAPOL_authorized, 1);
diff --git a/hostapd/wpa.h b/hostapd/wpa.h
index 567a8bf..153106e 100644
--- a/hostapd/wpa.h
+++ b/hostapd/wpa.h
@@ -136,6 +136,7 @@ struct wpa_auth_config {
int wpa_group_rekey;
int wpa_strict_rekey;
int wpa_gmk_rekey;
+ int wpa_ptk_rekey;
int rsn_pairwise;
int rsn_preauth;
int eapol_version;