On Fri, 1 Jul 2022, achtol wrote:
Does this mean that WPA3 is incompatible with FIPS? That would be puzzling,
when the arguably less secure WPA2 does not pose such a problem (only
constraints on the length of SSID/passphrases).
Or, can it be claimed that these operations do not fulfill a security
function? In which case, I believe, using a non-FIPS-approved algorithm is
permitted.
Regardless of the reasoning employed (and hopefully it is the latter),
your FIPS 140-3 crypto library is not going to be very helpful since
it will refuse to work. You would then need to find the necessary
crypto algorithms independent of that library and add them in a
non-conflicting way, much as hostapd/wpa_supplicant include a private
implementation of MD5.
Bob
--
Bob Friesenhahn
bfriesen@xxxxxxxxxxxxxxxxxxx, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer, http://www.GraphicsMagick.org/
Public Key, http://www.simplesystems.org/users/bfriesen/public-key.txt
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
