Re: 802.1x and dynamic WEP keying


From: Jouni Malinen (jkmaline_at_cc.hut.fi)
Date: 2002-09-24 03:29:39 UTC



On Mon, Sep 23, 2002 at 11:30:44PM +0300, Vladimir Ivaschenko wrote:

> Are you sure that the keys are regenerated? What happens when a new key is
> broadcasted - does it affect client operation in any way (e.g., temporary
> packet loss etc).

Yes, they can be regenerated. As far as the per-STA unicast key is considered, some packets will probably be dropped if there are any data transmit going on during the key transmit. Broadcast keys could use different key indexes (four of them available) to limit this effect.

> I read that the session key is generated by the RADIUS server. I wonder
> what mechanism is used to update the key with a new one.

The session key generated by RADIUS server is used to encrypt the WEP keys for the station so it does not need to change when sending new keys (generated by the AP).

-- 
Jouni Malinen                                            PGP id EFC895FA


This archive was generated by hypermail 2.1.4.