Hash-to-Element (H2E)
Hash-to-Element (H2E) is a new SAE Password Element (PWE) method. In this method, the secret PWE used in the SAE protocol is generated from a password.
When a STA that supports H2E initiates SAE with an AP, it checks whether AP supports H2E. If yes, the AP uses the H2E to derive the PWE by using a newly defined Status Code value in the SAE Commit message.
If STA uses Hunting-and-Pecking, the entire SAE exchange remains unchanged.
While using the H2E, the PWE derivation is divided into the following components:
-
Derivation of a secret intermediary element PT from the password. This can be performed offline when the password is initially configured on the device for each supported group.
-
Derivation of the PWE from the stored PT. This depends on the negotiated group and MAC addresses of peers. This is performed in real-time during the SAE exchange.
Note |
|