Re: SAE: reduce loop iterations of PWE derivation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Aug 12, 2024 at 07:50:53AM +0000, Gang Li wrote:
> For low-performance processors, reduce the number of loop iterations
> for PWE derivation to reduce the time to generate PWE.
> Add CONFIG_SAE_PWE_NS macro to enable it.

That would reintroduce the widely reported side-channel attacks against
SAE. If you want to do that and understand the consequences, that is
your choice, but I won't promote that in hostap.git.

An appropriate way to avoid the iterations is to upgrade to using the
direct hash-to-element mechanism with SAE. That avoids this loop
completely.

-- 
Jouni Malinen                                            PGP id EFC895FA

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux