Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feature: T2306: Add new cipher suites to the WiFi configuration #353

Merged
merged 2 commits into from Apr 18, 2020
Merged

feature: T2306: Add new cipher suites to the WiFi configuration #353

merged 2 commits into from Apr 18, 2020

Conversation

alainlamar
Copy link
Contributor 

Yet, VyOS knows these two encryption schemes for WiFi:

    1. CCMP = AES in Counter mode with CBC-MAC (CCMP-128)
    2. TKIP = Temporal Key Integrity Protocol

These encryption schemes are new and especially the Galois counter mode
cipher suites are very desirable!

    1. CCMP-256 = AES in Counter mode with CBC-MAC with 256-bit key
    2. GCMP = Galois/counter mode protocol (GCMP-128)
    3. GCMP-256 = Galois/counter mode protocol with 256-bit key

CCMP is supported by all WPA2 compatible NICs, so this remains the
default cipher for bidirectional and group packets while using WPA2.

Use 'iw list' to figure out which cipher suites your cards support
prior to configuring other cipher suites than CCMP. AP NICs and
STA NICs must both support at least one common cipher in a given
list in order to associate successfully.

@alainlamar
wireless: T2306: Add new cipher suites to the WiFi configuration
dfc38d0 
    Yet, VyOS knows these two encryption schemes for WiFi:

        1. CCMP = AES in Counter mode with CBC-MAC (CCMP-128)
        2. TKIP = Temporal Key Integrity Protocol

    These encryption schemes are new and especially the Galois counter mode
    cipher suites are very desirable!

        1. CCMP-256 = AES in Counter mode with CBC-MAC with 256-bit key
        2. GCMP = Galois/counter mode protocol (GCMP-128)
        3. GCMP-256 = Galois/counter mode protocol with 256-bit key

    CCMP is supported by all WPA2 compatible NICs, so this remains the
    default cipher for bidirectional and group packets while using WPA2.

    Use 'iw list' to figure out which cipher suites your cards support
    prior to configuring other cipher suites than CCMP. AP NICs and
    STA NICs must both support at least one common cipher in a given
    list in order to associate successfully.
@alainlamar
wireless: T2306: bugfix: insert missing </leafNode>
26010ae
@c-po c-po merged commit cf1ad0c into vyos:current Apr 18, 2020
@alainlamar alainlamar deleted the T2306 branch April 18, 2020 20:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
2 participants
@alainlamar @c-po