On 12/16/2011 11:43 AM, Robert Moskowitz wrote:
I requested this on the Network Manager list, but probably it has to
be implemented a bit deeper than there....
This list is probably the closest I am to developers of Fedora.
The 802.11s standard is now published. Boy did that take long
enough! :)
There is a new password authentication method in 11s that the way it
was defined will work just fine between an AP and STA, or in adhoc
between two STAs. This method is called "Secure Authentication of
Equals" or SAE. It is a zero-based knowledge authenticaiton method
that is immune to offline attacks and an active attack gets only one
guess per attack. SAE is defined in Section 8.2a of 802.11s-2011. It
is already in the OpenAP code (or so its author, Dan Harkins of Aruba
told me).
We finally have a strong password authentication method for WiFi.
BTW, I am the author of the first paper on how to attack WPA-PSK, so I
am directly involved in 802.11 security issues.
Looks like it might already be in user space?
http://marc.info/?l=linux-wireless&m=130145440930760&w=2
It is NOT in NetworkManager as a security choice in f16.
I would hope to see SAE in APs in the near future.
I am digging into OpenWRT for AP support.
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test