Plan 9: WiFi Protected Setup
Demo of Wifi router connection using WiFi Protected Setup (WPS).
WiFi Protected Setup (WPS) allows you to connect to an Access Point (router) via Push Button Control (PBC) or a temporary PIN.
Authentication Flow
| Direction | Message / Contents | Phase / Purpose |
|---|---|---|
| Supplicant → AP | Authentication Request | 802.11 Authentication |
| Supplicant ← AP | Authentication Response | |
| Supplicant → AP | Association Request | 802.11 Association |
| Supplicant ← AP | Association Response | |
| Supplicant → AP | EAPOL-Start | EAP Initiation |
| Supplicant ← AP | EAP-Request Identity | |
| Supplicant → AP | EAP-Response Identity (Identity: “WFA-SimpleConfig-Registrar-1-0”) |
|
| Supplicant ← AP | WSC Start | |
| Enrollee → Registrar (M1) | N1 || Description || PKₑ | Diffie-Hellman Key Exchange |
| Enrollee ← Registrar (M2) | N1 || N2 || Description || PKᵣ || Authenticator | |
| Enrollee → Registrar (M3) | N2 || E-Hash1 || E-Hash2 || Authenticator | Commit to PIN values |
| Enrollee ← Registrar (M4) | N1 || R-Hash1 || R-Hash2 || EKeyWrapKey(R-S1) || Authenticator | Prove possession of 1st half of PIN |
| Enrollee → Registrar (M5) | N2 || EKeyWrapKey(E-S1) || Authenticator | Prove possession of 1st half of PIN |
| Enrollee ← Registrar (M6) | N1 || EKeyWrapKey(R-S2) || Authenticator | Prove possession of 2nd half of PIN |
| Enrollee → Registrar (M7) | N2 || EKeyWrapKey(E-S2 || ConfigData) || Authenticator | Prove 2nd half of PIN; send AP configuration |
| Enrollee ← Registrar (M8) | N1 || EKeyWrapKey(ConfigData) || Authenticator | Set AP configuration |
Lessons Learnt
- The router sends the WSC start request only if WSC IE is sent in the association request (WPS flow).
- In WPA flow, you must NOT send WSC IE in the association request.
- PBC uses a shortened flow M1 → M2 → M3 → M5 → M7 → M8.
- Authenticator in M2 provides a good way of verifying cryptographic algorithm implementation.
- Use hnput{s,l,v} and nhget{s,l,v} defined in ip.h for byte endian conversions.
Code
References
Comments
Post a Comment