On Mon, Aug 12, 2024 at 07:50:53AM +0000, Gang Li wrote: > For low-performance processors, reduce the number of loop iterations > for PWE derivation to reduce the time to generate PWE. > Add CONFIG_SAE_PWE_NS macro to enable it. That would reintroduce the widely reported side-channel attacks against SAE. If you want to do that and understand the consequences, that is your choice, but I won't promote that in hostap.git. An appropriate way to avoid the iterations is to upgrade to using the direct hash-to-element mechanism with SAE. That avoids this loop completely. -- Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
