jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
hostap/src
History
Jouni Malinen 4cada9dcc1 FILS: Add DHss into FILS-Key-Data derivation when using FILS SK+PFS 
This part is missing from IEEE Std 802.11ai-2016, but the lack of DHss
here means there would not be proper PFS for the case where PMKSA
caching is used with FILS SK+PFS authentication. This was not really the
intent of the FILS design and that issue was fixed during REVmd work
with the changes proposed in
https://mentor.ieee.org/802.11/dcn/17/11-17-0906-04-000m-fils-fixes.docx
that add DHss into FILS-Key-Data (and PTK, in practice) derivation for
the PMKSA caching case so that a unique ICK, KEK, and TK are derived
even when using the same PMK.

Note: This is not backwards compatible, i.e., this breaks PMKSA caching
with FILS SK+PFS if only STA or AP side implementation is updated.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-13 22:17:58 +03:00
..
ap FILS: Add DHss into FILS-Key-Data derivation when using FILS SK+PFS 2017-09-13 22:17:58 +03:00
common FILS: Add DHss into FILS-Key-Data derivation when using FILS SK+PFS 2017-09-13 22:17:58 +03:00
crypto crypto: Fix undefined behavior in random number generator 2017-09-10 21:50:21 +03:00
drivers macsec_linux: Exit early when missing macsec kernel module 2017-09-10 22:26:36 +03:00
eap_common Use os_memdup() 2017-03-07 13:19:10 +02:00
eap_peer Send Client-Error when AT_KDF attributes from the server are incorrect 2017-09-10 20:11:07 +03:00
eap_server Use os_memdup() 2017-03-07 13:19:10 +02:00
eapol_auth Use os_memdup() 2017-03-07 13:19:10 +02:00
eapol_supp eap_proxy: Support multiple SIMs in get_imsi() 2017-06-06 03:42:32 +03:00
fst FST: Silence compiler warning on WPA_ASSERT 2017-01-29 18:45:29 +02:00
l2_packet tests: Add TEST_FAIL() checks in l2_packet 2017-03-04 11:43:58 +02:00
p2p P2P: Do not use wait_time for SD Response TX for last fragmentation 2017-04-01 14:25:26 +03:00
pae mka: Add error handling for secy_init_macsec() calls 2017-09-10 22:23:25 +03:00
radius Use os_memdup() 2017-03-07 13:19:10 +02:00
rsn_supp FILS: Add DHss into FILS-Key-Data derivation when using FILS SK+PFS 2017-09-13 22:17:58 +03:00
tls Use os_memdup() 2017-03-07 13:19:10 +02:00
utils hs20-osu-client: Fix build with new OpenSSL and BoringSSL 2017-08-23 11:40:10 +03:00
wps Use os_memdup() 2017-03-07 13:19:10 +02:00
lib.rules Add QUIET=1 option for make 2014-12-29 15:49:05 +02:00
Makefile FST: Add the Fast Session Transfer (FST) module 2015-07-16 18:26:15 +03:00