| 1 |
On Saturday 22 Oct 2011 10:30:34 Lavender wrote: |
| 2 |
> >Who told you that? |
| 3 |
> >I searched information though internal search engine, |
| 4 |
> |
| 5 |
> all I got was that wpa_supplicant don't support AES and |
| 6 |
> once I had tried it just like the configuration you gave , |
| 7 |
> it failed ,so I thought wpa_supplicant still don't support AES . |
| 8 |
> Sorry, I made a mistake :-( , but finally I make it ,I can connect |
| 9 |
> the Internet . |
| 10 |
|
| 11 |
I'm glad you can now connect! :-) |
| 12 |
|
| 13 |
CCMP which stands for "Counter Mode with Cipher Block Chaining Message |
| 14 |
Authentication Code Protocol" uses the Counter Mode with CBC-MAC, which from |
| 15 |
what I understand uses 128bit AES ciphers. So, as long as you set up |
| 16 |
wpa_supplicant to use proto=RSN with pairwise=CCMP and group=CCMP you will |
| 17 |
always connect with the AES encryption standard. |
| 18 |
|
| 19 |
NOTE: It is not necessary to specify CCMP because it is used by default as |
| 20 |
the first option, but if you don't specify it and the AP uses WPA/TKIP only, |
| 21 |
then instead of the connection failing wpa_supplicant will switch from CCMP to |
| 22 |
TKIP. I'm stating the obvious here, but if having a wireless connection is |
| 23 |
more important than *always* using AES, then of course you do not need to |
| 24 |
specify CCMP. |
| 25 |
-- |
| 26 |
Regards, |
| 27 |
Mick |
Archives