Software:Wpa supplicant
 Screenshot of wpa_gui | |
| Developer(s) | Jouni Malinen and others |
|---|---|
| Initial release | April 5, 2003 |
| Stable release | 2.9[1]
/ August 7, 2019 |
| Written in | C |
| Operating system | Cross-platform |
| Type | WLAN tools |
| License | BSD |
| Website | w1 |
wpa_supplicant is a free software implementation of an IEEE 802.11i supplicant for Linux, FreeBSD, NetBSD, QNX, AROS, Microsoft Windows, Solaris, OS/2 (including ArcaOS and eComStation)[2] and Haiku.[3] In addition to being a WPA3 and WPA2 supplicant, it also implements WPA and older wireless LAN security protocols.
Features
Features include:[4]
- WPA-PSK and WPA2-PSK ("WPA-Personal", pre-shared key)
- WPA3[5]
- WPA with EAP ("WPA-Enterprise", for example with RADIUS authentication server)
- RSN: PMKSA caching, pre-authentication
- IEEE 802.11r
- IEEE 802.11w
- Wi-Fi Protected Setup (WPS)
Included with the supplicant are a GUI and a command-line utility for interacting with the running supplicant. From either of these interfaces it is possible to review a list of currently visible networks, select one of them, provide any additional security information needed to authenticate with the network (for example, a passphrase, or username and password) and add it to the preference list to enable automatic reconnection in the future.[6]
The graphical user interface is built on top of the Qt library.
wpa_supplicant can authenticate with any of the following EAP (Extensible Authentication Protocol) methods: EAP-TLS, EAP-PEAP (both PEAPv0 and PEAPv1), EAP-TTLS, EAP-SIM, EAP-AKA, EAP-AKA', EAP-pwd, EAP-EKE, EAP-PSK (experimental), EAP-FAST, EAP-PAX, EAP-SAKE, EAP-GPSK, EAP-IKEv2, EAP-MD5, EAP-MSCHAPv2, and LEAP (requires special functions in the driver).[6]
Vulnerability to KRACK
wpa_supplicant was especially susceptible to KRACK, as it can be manipulated to install an all-zeros encryption key, effectively nullifying WPA2 protection in a man-in-the-middle attack.[7] Version 2.7 fixed KRACK and several other vulnerabilities.
See also
References
- ↑ "Index of /releases". w1.fi. 2019-08-07. https://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog. Retrieved 2019-10-23.
- ↑ "wpa_supplicant". https://trac.netlabs.org/ports/wiki/wpa_supplicant.
- ↑ haiku/wpa_supplicant, Haiku, 2019-03-17, https://github.com/haiku/wpa_supplicant, retrieved 2020-03-07
- ↑ "wpa_supplicant(8) - Linux man page". https://linux.die.net/man/8/wpa_supplicant. Retrieved 2020-03-07.
- ↑ "wpa_supplicant". https://wiki.archlinux.org/title/Wpa_supplicant#Connections_to_pure_WPA3-SAE_access_points.
- ↑ 6.0 6.1 "Linux WPA Supplicant (IEEE 802.1X, WPA, WPA2, RSN, IEEE 802.11i)". w1.fi. https://w1.fi/wpa_supplicant/. Retrieved 2014-07-04.
- ↑ "Key Reinstallation Attacks disclosure website". https://www.krackattacks.com/. Retrieved 26 September 2018. "Linux's wpa_supplicant v2.6 is also vulnerable to the installation of an all-zero encryption key in the 4-way handshake."
External links
 |  |
