mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-12-11 00:28:19 -05:00
349 lines
16 KiB
HTML
349 lines
16 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
|
|
<html>
|
|
<head>
|
|
<title>Linux WPA Supplicant (IEEE 802.1X, WPA, WPA2, RSN, IEEE 802.11i)</title>
|
|
<meta name="description" content="WPA Supplicant for Linux, BSD, and Windows (IEEE 802.1X, WPA, WPA2, RSN, IEEE 802.11i)">
|
|
<meta name="keywords" content="WPA, WPA2, IEEE 802.11i, IEEE 802.1X, WPA Supplicant, wpa_supplicant, TKIP, CCMP, EAP-PEAP, EAP-TLS, EAP-TTLS, EAP-SIM, EAP-AKA, EAP-PSK, EAP-GTC, EAP-MSCHAPv2, EAP-MD5, EAP-FAST, EAP-PAX, EAP-IKEv2IEEE 802.1X Supplicant, IEEE 802.1aa, EAPOL, RSN, pre-authentication, PMKSA caching, BSD WPA Supplicant, FreeBSD WPA Supplicant, wireless, WinXP WPA Supplicant, EAP-TNC, TNCC, IF-IMC, IF-TNCCS, WPS">
|
|
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
|
|
</head>
|
|
|
|
<body>
|
|
<h2>Linux WPA/WPA2/IEEE 802.1X Supplicant</h2>
|
|
|
|
<p>wpa_supplicant is a WPA Supplicant for Linux, BSD, Mac OS X, and
|
|
Windows with
|
|
support for WPA and WPA2 (IEEE 802.11i / RSN). It is suitable for both
|
|
desktop/laptop computers and embedded systems. Supplicant is the IEEE
|
|
802.1X/WPA component that is used in the client stations. It
|
|
implements key negotiation with a WPA Authenticator and it controls
|
|
the roaming and IEEE 802.11 authentication/association of the wlan
|
|
driver.</p>
|
|
|
|
<p>wpa_supplicant is designed to be a "daemon" program that runs in the
|
|
background and acts as the backend component controlling the wireless
|
|
connection. wpa_supplicant supports separate frontend programs and a
|
|
text-based frontend (wpa_cli) and a GUI (wpa_gui) are included with
|
|
wpa_supplicant.</p>
|
|
|
|
<p>wpa_supplicant uses a flexible build configuration that can be used
|
|
to select which features are included. This allows minimal code size
|
|
(from ca. 50 kB binary for WPA/WPA2-Personal and 130 kB binary for
|
|
WPA/WPA2-Enterprise without debugging code to 450 kB with most
|
|
features and full debugging support; these example sizes are from a
|
|
build for x86 target).</p>
|
|
|
|
|
|
<h4>Supported WPA/IEEE 802.11i features</h4>
|
|
|
|
<ul>
|
|
<li>WPA-PSK ("WPA-Personal")</li>
|
|
<li>WPA with EAP (e.g., with RADIUS authentication server) ("WPA-Enterprise")</li>
|
|
<li>key management for CCMP, TKIP, WEP104, WEP40</li>
|
|
<li>WPA and full IEEE 802.11i/RSN/WPA2</li>
|
|
<li>RSN: PMKSA caching, pre-authentication</li>
|
|
<li>IEEE 802.11r</li>
|
|
<li>IEEE 802.11w</li>
|
|
<li>Wi-Fi Protected Setup (WPS)</li>
|
|
</ul>
|
|
|
|
<h4>Supported EAP methods (IEEE 802.1X Supplicant)</h4>
|
|
|
|
<ul>
|
|
<li>EAP-TLS</li>
|
|
<li>EAP-PEAP/MSCHAPv2 (both PEAPv0 and PEAPv1)</li>
|
|
<li>EAP-PEAP/TLS (both PEAPv0 and PEAPv1)</li>
|
|
<li>EAP-PEAP/GTC (both PEAPv0 and PEAPv1)</li>
|
|
<li>EAP-PEAP/OTP (both PEAPv0 and PEAPv1)</li>
|
|
<li>EAP-PEAP/MD5-Challenge (both PEAPv0 and PEAPv1)</li>
|
|
<li>EAP-TTLS/EAP-MD5-Challenge</li>
|
|
<li>EAP-TTLS/EAP-GTC</li>
|
|
<li>EAP-TTLS/EAP-OTP</li>
|
|
<li>EAP-TTLS/EAP-MSCHAPv2</li>
|
|
<li>EAP-TTLS/EAP-TLS</li>
|
|
<li>EAP-TTLS/MSCHAPv2</li>
|
|
<li>EAP-TTLS/MSCHAP</li>
|
|
<li>EAP-TTLS/PAP</li>
|
|
<li>EAP-TTLS/CHAP</li>
|
|
<li>EAP-SIM</li>
|
|
<li>EAP-AKA</li>
|
|
<li>EAP-AKA'</li>
|
|
<li>EAP-PSK</li>
|
|
<li>EAP-FAST</li>
|
|
<li>EAP-PAX</li>
|
|
<li>EAP-SAKE</li>
|
|
<li>EAP-IKEv2</li>
|
|
<li>EAP-GPSK</li>
|
|
<li>LEAP (note: requires special support from the driver)</li>
|
|
</ul>
|
|
|
|
<p>Following methods are also supported, but since they do not generate keying
|
|
material, they cannot be used with WPA or IEEE 802.1X WEP keying.</p>
|
|
|
|
<ul>
|
|
<li>EAP-MD5-Challenge</li>
|
|
<li>EAP-MSCHAPv2</li>
|
|
<li>EAP-GTC</li>
|
|
<li>EAP-OTP</li>
|
|
<li>EAP-TNC (Trusted Network Connect; TNCC, IF-IMC, IF-T, IF-TNCCS)</li>
|
|
</ul>
|
|
|
|
<p>More information about EAP methods and interoperability testing is
|
|
available in <a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/eap_testing.txt">eap_testing.txt</a>.</p>
|
|
|
|
|
|
<h4>Supported TLS/crypto libraries</h4>
|
|
|
|
<ul>
|
|
<li>OpenSSL (default)</li>
|
|
<li>GnuTLS</li>
|
|
</ul>
|
|
|
|
<h4>Internal TLS/crypto implementation (optional)</h4>
|
|
|
|
<ul>
|
|
<li>can be used in place of an external TLS/crypto library</li>
|
|
<li>TLSv1</li>
|
|
<li>X.509 certificate processing</li>
|
|
<li>PKCS #1</li>
|
|
<li>ASN.1</li>
|
|
<li>RSA</li>
|
|
<li>bignum</li>
|
|
<li>minimal size (ca. 50 kB binary, parts of which are already needed for WPA;
|
|
TLSv1/X.509/ASN.1/RSA/bignum parts are about 25 kB on x86)</li>
|
|
</ul>
|
|
|
|
<h4>Supported wireless cards/drivers</h4>
|
|
|
|
<ul>
|
|
<li>Linux drivers that support nl80211/cfg80211 (most new drivers)</li>
|
|
<li>Linux drivers that support Linux Wireless Extensions v19 or newer with
|
|
WPA/WPA2 extensions</li>
|
|
<li><a href="http://hostap.epitest.fi/">Host AP driver for Prism2/2.5/3</a> (WPA and WPA2)</li>
|
|
<li><a href="http://www.linuxant.com/driverloader/">Linuxant DriverLoader</a> with Windows NDIS driver supporting WPA/WPA2</li>
|
|
<li><a href="http://www.agere.com/support/drivers/">Agere Systems Inc. Linux Driver</a> (Hermes-I/Hermes-II chipset) (WPA, but not WPA2)</li>
|
|
<li><a href="http://sourceforge.net/projects/madwifi/">madwifi (Atheros ar521x)</a></li>
|
|
<li><a href="http://atmelwlandriver.sourceforge.net/">ATMEL AT76C5XXx</a></li>
|
|
<li><a href="http://ndiswrapper.sourceforge.net/">Linux ndiswrapper</a></li>
|
|
<li>Broadcom wl.o driver</li>
|
|
<li><a href="http://sourceforge.net/projects/ipw2100/">Intel ipw2100</a></li>
|
|
<li><a href="http://sourceforge.net/projects/ipw2200/">Intel ipw2200</a></li>
|
|
<li>Wired Ethernet drivers</li>
|
|
<li>BSD net80211 layer (e.g., Atheros driver) (FreeBSD 6-CURRENT and NetBSD current)</li>
|
|
<li>Windows NDIS drivers (Windows; at least XP and 2000, others not tested)</li>
|
|
</ul>
|
|
|
|
<p>wpa_supplicant was designed to be portable for different drivers and
|
|
operating systems. Hopefully, support for more wlan cards and OSes will be
|
|
added in the future. See <a href="devel/">developers' documentation</a>
|
|
for more information about the design of wpa_supplicant and porting to
|
|
other drivers.</p>
|
|
|
|
<h3><a name="download">Download</a></h3>
|
|
|
|
<p>
|
|
<b>wpa_supplicant</b><br>
|
|
Copyright (c) 2003-2010, Jouni Malinen <j@w1.fi>
|
|
and contributors.
|
|
</p>
|
|
|
|
<p>
|
|
This program is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License version 2 as
|
|
published by the Free Software Foundation. See
|
|
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=COPYING">COPYING</a>
|
|
for more details.
|
|
</p>
|
|
|
|
<p>Alternatively, this software may be distributed, used, and modified
|
|
under the terms of BSD license. See <a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/README">README</a>
|
|
for more details.</p>
|
|
|
|
<p>
|
|
<b>Please see
|
|
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/README">README</a>
|
|
for the current documentation.</b><br>
|
|
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/README-Windows.txt">README-Windows.txt</a>
|
|
has some more information about the Windows port of wpa_supplicant.</p>
|
|
|
|
|
|
<ul>
|
|
<li><a href="../releases.html">Release graph</a></li>
|
|
<li>Latest stable release:
|
|
<ul>
|
|
<li><a href="../releases/wpa_supplicant-0.6.10.tar.gz">wpa_supplicant-0.6.10.tar.gz</a> (source code for all versions)</li>
|
|
<li><a href="../releases/wpa_supplicant-0.6.10.exe">wpa_supplicant-0.6.10.exe</a> (binary installer for Windows)</li>
|
|
<li><a href="../releases/wpa_supplicant-windows-bin-0.6.10.zip">wpa_supplicant-windows-bin-0.6.10.zip</a> (binaries for Windows)</li>
|
|
<li><a href="qt4/wpa_gui-qt433-windows-dll.zip">wpa_gui-qt433-windows-dll.zip</a> (Qt4 libraries from wpa_gui/Windows)</li>
|
|
</ul>
|
|
<li>Latest development release:
|
|
<ul>
|
|
<li><a href="../releases/wpa_supplicant-0.7.2.tar.gz">wpa_supplicant-0.7.2.tar.gz</a> (source code for all versions)</li>
|
|
<li><a href="../releases/wpa_supplicant-0.7.2.exe">wpa_supplicant-0.7.2.exe</a> (binary installer for Windows)</li>
|
|
<li><a href="../releases/wpa_supplicant-windows-bin-0.7.2.zip">wpa_supplicant-windows-bin-0.7.2.zip</a> (binaries for Windows)</li>
|
|
</ul>
|
|
<li>ChangeLog:
|
|
<ul>
|
|
<li><a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/ChangeLog">development branch</a></li>
|
|
<li><a href="/gitweb/gitweb.cgi?p=hostap-06.git;a=blob_plain;f=wpa_supplicant/ChangeLog">stable branch</a></li>
|
|
</ul>
|
|
<li><a href="../releases/">Old releases</a></li>
|
|
<li><a href="http://lists.shmoo.com/mailman/listinfo/hostap">Mailing list</a></li>
|
|
<li><a href="http://lists.shmoo.com/pipermail/hostap/">New mailing list archives</a></li>
|
|
<li><a href="/gitweb/gitweb.cgi">Web interface to GIT repository (0.6.x and newer)</a></li>
|
|
<li><a href="/cgi-bin/viewcvs.cgi/hostap/">Web interface to CVS repository (0.5.x and older)</a></li>
|
|
<li><a href="../releases/snapshots/">Snapshot releases from all active branches</a>
|
|
<li><a href="../cvs.html">GIT and read-only anonymous CVS access (pserver)</a></li>
|
|
<li><a href="../bugz/">Bug and feature request tracking</a></li>
|
|
<li><a href="devel/">Developers' documentation for wpa_supplicant 0.6.x</a></li>
|
|
<li><a href="wpa_gui.html">wpa_gui screenshots</a></li>
|
|
</ul>
|
|
|
|
<h3>WPA</h3>
|
|
|
|
<p>The original security mechanism of IEEE 802.11 standard was not
|
|
designed to be strong and has proven to be insufficient for most
|
|
networks that require some kind of security. Task group I (Security)
|
|
of <a href="http://www.ieee802.org/11/">IEEE 802.11 working group</a>
|
|
has worked to address the flaws of the base standard and in
|
|
practice completed its work in May 2004. The IEEE 802.11i amendment to
|
|
the IEEE 802.11 standard was approved in June 2004 and published in
|
|
July 2004.</p>
|
|
|
|
<p><a href="http://www.wi-fi.org/">Wi-Fi Alliance</a> used a draft
|
|
version of the IEEE 802.11i work (draft 3.0) to define a subset of the
|
|
security enhancements that can be implemented with existing wlan
|
|
hardware. This is called Wi-Fi Protected Access (WPA). This has
|
|
now become a mandatory component of interoperability testing and
|
|
certification done by Wi-Fi Alliance. Wi-Fi has
|
|
<a href="http://www.wi-fi.org/OpenSection/protected_access.asp">information
|
|
about WPA</a> at its web site.</p>
|
|
|
|
<p>IEEE 802.11 standard defined wired equivalent privacy (WEP) algorithm
|
|
for protecting wireless networks. WEP uses RC4 with 40-bit keys,
|
|
24-bit initialization vector (IV), and CRC32 to protect against packet
|
|
forgery. All these choices have proven to be insufficient: key space is
|
|
too small against current attacks, RC4 key scheduling is insufficient
|
|
(beginning of the pseudorandom stream should be skipped), IV space is
|
|
too small and IV reuse makes attacks easier, there is no replay
|
|
protection, and non-keyed authentication does not protect against bit
|
|
flipping packet data.</p>
|
|
|
|
<p>WPA is an intermediate solution for the security issues. It uses
|
|
Temporal Key Integrity Protocol (TKIP) to replace WEP. TKIP is a
|
|
compromise on strong security and possibility to use existing
|
|
hardware. It still uses RC4 for the encryption like WEP, but with
|
|
per-packet RC4 keys. In addition, it implements replay protection,
|
|
keyed packet authentication mechanism (Michael MIC).</p>
|
|
|
|
<p>Keys can be managed using two different mechanisms. WPA can either use
|
|
an external authentication server (e.g., RADIUS) and EAP just like
|
|
IEEE 802.1X is using or pre-shared keys without need for additional
|
|
servers. Wi-Fi calls these "WPA-Enterprise" and "WPA-Personal",
|
|
respectively. Both mechanisms will generate a master session key for
|
|
the Authenticator (AP) and Supplicant (client station).</p>
|
|
|
|
<p>WPA implements a new key handshake (4-Way Handshake and Group Key
|
|
Handshake) for generating and exchanging data encryption keys between
|
|
the Authenticator and Supplicant. This handshake is also used to
|
|
verify that both Authenticator and Supplicant know the master session
|
|
key. These handshakes are identical regardless of the selected key
|
|
management mechanism (only the method for generating master session
|
|
key changes).</p>
|
|
|
|
|
|
<h3>IEEE 802.11i / RSN / WPA2</h3>
|
|
|
|
<p>The design for parts of IEEE 802.11i that were not included in WPA
|
|
has finished (May 2004) and this amendment to IEEE 802.11 was approved
|
|
in June 2004. Wi-Fi Alliance is using the final IEEE 802.11i as a new
|
|
version of WPA called WPA2. This included, e.g., support for more
|
|
robust encryption algorithm (CCMP: AES in Counter mode with CBC-MAC)
|
|
to replace TKIP, optimizations for handoff (reduced number of messages
|
|
in initial key handshake, pre-authentication, and PMKSA caching).</p>
|
|
|
|
<h3>Using wpa_supplicant</h3>
|
|
|
|
<p>Following steps are used when associating with an AP using WPA:<p>
|
|
<ul>
|
|
<li>wpa_supplicant requests the kernel driver to scan neighboring BSSes</li>
|
|
<li>wpa_supplicant selects a BSS based on its configuration</li>
|
|
<li>wpa_supplicant requests the kernel driver to associate with the chosen
|
|
BSS</li>
|
|
<li>if WPA-EAP: integrated IEEE 802.1X Supplicant completes EAP
|
|
authentication with the authentication server (proxied by the
|
|
Authenticator in the AP)</li>
|
|
<li>If WPA-EAP: master key is received from the IEEE 802.1X Supplicant</li>
|
|
<li>If WPA-PSK: wpa_supplicant uses PSK as the master session key</li>
|
|
<li>wpa_supplicant completes WPA 4-Way Handshake and Group Key Handshake
|
|
with the Authenticator (AP). WPA2 has integrated the initial Group Key
|
|
Handshake into the 4-Way Handshake.</li>
|
|
<li>wpa_supplicant configures encryption keys for unicast and broadcast</li>
|
|
<li>normal data packets can be transmitted and received</li>
|
|
</ul>
|
|
|
|
<h4>Configuration file</h4>
|
|
|
|
<p>wpa_supplicant is configured using a text file that lists all accepted
|
|
networks and security policies, including pre-shared keys. See
|
|
example configuration file,
|
|
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/wpa_supplicant.conf">wpa_supplicant.conf</a>,
|
|
for detailed information about the configuration format and supported
|
|
fields. In addition, simpler example configurations are available for
|
|
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/examples/plaintext.conf">plaintext</a>,
|
|
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/examples/wep.conf">static WEP</a>,
|
|
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/examples/ieee8021x.conf">IEEE 802.1X with dynamic WEP (EAP-PEAP/MSCHAPv2)</a>,
|
|
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/examples/wpa-psk-tkip.conf">WPA-PSK/TKIP</a>, and
|
|
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/examples/wpa2-eap-ccmp.conf">WPA2-EAP/CCMP (EAP-TLS)</a>.
|
|
In addition, wpa_supplicant can use OpenSSL engine to avoid need for
|
|
exposing private keys in the file system. This can be used for EAP-TLS
|
|
authentication with smartcards and TPM tokens.
|
|
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/examples/openCryptoki.conf">Example configuration for using openCryptoki</a>
|
|
shows an example network block and related parameters for EAP-TLS
|
|
authentication using PKCS#11 TPM token.
|
|
</p>
|
|
|
|
<h3>Feedback, comments, mailing list</h3>
|
|
|
|
<p>
|
|
Any comments, reports on success/failure, ideas for further
|
|
improvement, feature requests, etc. are welcome at j@w1.fi.
|
|
Please note, that I often receive more email than I have time to answer.
|
|
Unfortunately, some messages may not get a reply, but I'll try to go
|
|
through my mail whenever time permits.
|
|
</p>
|
|
|
|
<p>Host AP mailing list can also be used for topics related to
|
|
wpa_supplicant. Since this list has a broader audience, your likelyhood
|
|
of getting responses is higher. This list is recommended for general
|
|
questions about wpa_supplicant and its development. In addition, I
|
|
will send release notes to it whenever a new version is available.
|
|
</p>
|
|
|
|
<p>
|
|
The mailing list information and web archive is at <a
|
|
href="http://lists.shmoo.com/mailman/listinfo/hostap">http://lists.shmoo.com/mailman/listinfo/hostap</a>.
|
|
Messages to hostap@shmoo.com will be delivered to the
|
|
subscribers. Please note, that due to large number of spam and virus
|
|
messages sent to the list address, the list is configured to accept
|
|
messages only from subscribed addresses. Messages from unsubscribed addresses
|
|
may be accepted manually, but their delivery will be delayed.
|
|
</p>
|
|
|
|
<p>
|
|
If you want to make sure your bug report of feature request does not
|
|
get lost, please report it through the bug tracking system as
|
|
<a href="../bugz/enter_bug.cgi">a new
|
|
bug/feature request</a>.
|
|
</p>
|
|
|
|
<hr>
|
|
<div>
|
|
<address><a href="mailto:j@w1.fi">Jouni Malinen</a></address>
|
|
<!-- Created: Sat May 22 21:41:58 PDT 2004 -->
|
|
<!-- hhmts start -->
|
|
Last modified: Sun Apr 18 17:25:53 EEST 2010
|
|
<!-- hhmts end -->
|
|
</div>
|
|
</body>
|
|
</html>
|