FS#57413 : [wpa_supplicant] Enable CONFIG

FS#57413 - [wpa_supplicant] Enable CONFIG_SAE

Attached to Project: Arch Linux
Opened by Benjamin Richter (Waldteufel) - Wednesday, 07 February 2018, 13:02 GMT
Last edited by Jan Alexander Steffens (heftig) - Wednesday, 22 January 2020, 23:00 GMT

Task Type	Feature Request
Category	Packages: Core
Status	Closed
Assigned To	Bartłomiej Piotrowski (Barthalion)
Architecture	All
Severity	Low
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	7 Dennis (Maiburg) (2020-01-22) Justin Capella (justincapella) (2020-01-22) Henry Gebhardt (hsgg) (2020-01-17) rezad (rezad) (2020-01-10) Bjoern Franke (bjo) (2019-11-22) hexchain (hexchain) (2019-11-14) Pedro Nariyoshi (nariox) (2019-10-11)
Private	No

Details

Simultaneous Authentication of Equals (SAE) is a Diffie-Hellman based key establishment protocol. It is part of the 802.11s standard for mesh networking, but can also be used in AP mode. Like WPA-PSK it works with a pre-shared password, but in contrast to WPA-PSK it protects against dictionary attacks (c.f. <http://www.willhackforsushi.com/?page_id=50>).

Due to this security benefit, I suggest enabling the CONFIG_SAE build option.

This task depends upon

Closed by Jan Alexander Steffens (heftig)
Wednesday, 22 January 2020, 23:00 GMT
Reason for closing: Fixed
Additional comments about closing: wpa_supplicant 2:2.9-4

Comment by Benjamin Richter (Waldteufel) - Wednesday, 07 February 2018, 13:11 GMT

Sorry, should clarify this: it protects against _offline_ dictionary attacks

Comment by Benjamin Richter (Waldteufel) - Tuesday, 11 December 2018, 14:29 GMT

Field changed: Percent Complete (100% → 0%)

I'm a bit confused now - even though you closed this with "fixed", the option is not enabled in the wpa_supplicant packages.

Comment by Sergej Pupykin (sergej) - Sunday, 21 July 2019, 23:41 GMT

I suggest to add CONFIG_MESH=y too to support 802.11s.

Comment by Bjoern Franke (bjo) - Friday, 22 November 2019, 20:43 GMT

Popular FritzBoxes support WPA3 now in their Beta-firmware, but as I tried to use it: invalid key_mgmt 'SAE'. Any reason why this option is still disabled?

Comment by Jan Alexander Steffens (heftig) - Wednesday, 22 January 2020, 17:31 GMT

I have a wpa_supplicant build copying a bunch of CONFIG enables from Ubuntu and Fedora; pending tests.

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#57413 - [wpa_supplicant] Enable CONFIG_SAE

Details

Loading...