Re: 802.1x and dynamic WEP keying


From: Vladimir Ivaschenko (hazard_at_hazard.maks.net)
Date: 2002-09-23 20:30:44 UTC



Mon, Sep 23, 2002 at 10:35:42AM -0700 Glenn.Durfee_at_parc.com wrote about RE: 802.1x and dynamic WEP keying

> We have it working using the hostap_pci driver + xsupplicant on the client, with a commercial RADIUS server and a commercial access point (Orinoco). The driver required slight modifications (see my message to this list on Sept. 19). The client device
is an IBM High Rate Wireless LAN MiniPCI (built-in 802.11b in the IBM Thinkpad.)
>
> My understanding is that the AP maintains per-client WEP keys which are generated once per 1x auth (and regenerated after some period of time, e.g. 1 hr) and a broadcast WEP key which is the same across clients (also regenerated after some period of tim
e.)

Are you sure that the keys are regenerated? What happens when a new key is broadcasted - does it affect client operation in any way (e.g., temporary packet loss etc).

I read that the session key is generated by the RADIUS server. I wonder what mechanism is used to update the key with a new one.

> Glenn
>
> -----Original Message-----
> From: Vladimir Ivaschenko [mailto:hazard_at_hazard.maks.net]
> Sent: Saturday, September 21, 2002 9:10 AM
> To: hostap_at_lists.ssh.com
> Subject: 802.1x and dynamic WEP keying
>
>
> Hi,
>
> I'm trying to find information on wheter dynamic WEP keying actually works with xsupplicant-based client + hostap(d) + FreeRADIUS, but didn't find any direct references so far.
>
> Did anyone check that? What cards did you use for the client? Is the
> session key generated once per session, or is regenerated after some period of time?
>
> I'm running a fixed outdoor wireless network and mainly interested in a solution which would provide facilities to periodically generate and distribute new WEP keys to all stations.
>
> --
> Best Regards
> Vladimir Ivaschenko
> http://www.hazard.maks.net/

-- 
Best Regards
Vladimir Ivaschenko
http://www.hazard.maks.net/


This archive was generated by hypermail 2.1.4.