From: Michael Buesch <mb@bu3sch.de>
To: "Tomas Winkler" <tomasw@gmail.com>
Cc: "Jouni Malinen" <jkm@devicescape.com>,
"Jiri Benc" <jbenc@suse.cz>,
linux-wireless@vger.kernel.org
Subject: Re: d80211: current TKIP hwcrypto implementation seems to be broken
Date: Tue, 13 Feb 2007 00:23:53 +0100 [thread overview]
Message-ID: <200702130023.53271.mb@bu3sch.de> (raw)
In-Reply-To: <1ba2fa240702121515p7edd3682j87070b564cb08897@mail.gmail.com>
On Tuesday 13 February 2007 00:15, Tomas Winkler wrote:
> I fetching this from my "dusty" memory so I hope I'm right about it.
> TKIP phase1 one can be precomputed in advance. There's no runtime
Phase1 key changes on iv32 wrap.
> dependency after key exchange.
> Cached keys can be provided by supplicant. Usually u want to keep 2 or
> 3 cached TKIP phase1 for smooth decryption. As in QoS sequence
Hardware (bcm43xx at least) can only have one key at a time.
There's no point in caching, as phase1 key calculation is cheap
and can be done on-the-run. The expensive part it uploading it to HW.
> counters are kept per AC, you might get into gentle state of receiving
> packets for the old key. If you hold more then one phase1 you might
> be able decrypt the packets that doesn't match current phase1 in
> software.
You can generate the new key then. There is no point in wasting memory
by precomputation of the keys.
--
Greetings Michael.
next prev parent reply other threads:[~2007-02-12 23:24 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-02-04 12:44 d80211: current TKIP hwcrypto implementation seems to be broken Michael Buesch
2007-02-05 20:43 ` Jiri Benc
2007-02-05 21:38 ` Johannes Berg
2007-02-05 21:45 ` Johannes Berg
2007-02-05 21:48 ` Johannes Berg
2007-02-06 14:55 ` Michael Buesch
2007-02-12 18:30 ` Jouni Malinen
2007-02-12 21:39 ` Michael Buesch
2007-02-12 23:15 ` Tomas Winkler
2007-02-12 23:23 ` Michael Buesch [this message]
2007-02-12 23:54 ` Tomas Winkler
2007-02-13 0:10 ` Michael Buesch
2007-02-13 0:19 ` Tomas Winkler
2007-02-13 0:28 ` Jouni Malinen
2007-02-13 1:08 ` Tomas Winkler
2007-02-13 1:20 ` Jouni Malinen
2007-02-15 16:58 ` Tomas Winkler
2007-02-13 0:33 ` Michael Buesch
2007-02-13 1:09 ` Tomas Winkler
2007-02-12 23:53 ` Jouni Malinen
2007-02-13 0:06 ` Michael Buesch
2007-02-13 0:16 ` Michael Buesch
2007-02-13 16:18 ` Johannes Berg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200702130023.53271.mb@bu3sch.de \
--to=mb@bu3sch.de \
--cc=jbenc@suse.cz \
--cc=jkm@devicescape.com \
--cc=linux-wireless@vger.kernel.org \
--cc=tomasw@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.