IEEE 802.1X and EAP authentication Key generation and distribution based on the IEEE 802.

11i 4-Way Handshake TKIP mechanisms including – Encapsulation and decapsulation – Replay protection – Michael MIC integrity protection. ble 7-2 summarizes the primary features provided by IEEE 802.11i that are not included i

WPA2 is the Wi-Fi Alliance’s interoperability certification program for the complete ratified version of IEEE 802.11i. If a product holds the WPA2 certification, it complies completely with the IEEE 802.11 standard as amended by IEEE 802.11i and should work seamlessly with other WPA2-certified products under most operating conditions. Also, WPA2 is backward compatible 93 There are some subtle differences between the TKIP in WPA and in IEEE 802.11i, and the 4-Way Handshake. The WPA suites are also identified by a different OUI than the IEEE 802.11i suites. 94 In reality, Pre-Authentication and PMKSA caching are not considered to provide a sufficiently fast handoff to support layer 2 mobility; this was one of the motivations for creating the IEEE 802.11r Task Group, Fast Roaming/Fast BSS Transition. 7-3ESTABLISHING WIRELESS ROBUST SECURITY NETWORKS: A GUIDE TO IEEE 802.11I with WPA, so any WPA2 product should be able to interoperate with a WPA product. 95 Some products may require a hardware upgrade to achieve WPA2 compliance; older products, in general, cannot be upgraded to WPA2. Currently, certification involves interoperability testing with the following EAP methods: EAP-TLS EAP-TTLS/MSCHAPv2 PEAPv0/EAP-MSCHAPv2 PEAPv1/EAP-GTC EAP Subscriber Identity Module (EAP-SIM)

the AAA key changes. 33 . Each time a user 32 authenticates to the WLAN. is delivered to the AP through the Extensible Authentication Protocol (EAP) during the process of establishing an RSNA. organizations should carefully review any EAP authentication methods and AAA key generation approaches for possible vulnerabilities. numerous authentication techniques can be used with EAP. As discussed in Section 5. Authorization. Delivery of the AAA key relies on the key generation capability of the chosen EAP authentication method. also known as the Master Session Key (MSK). All EAP authentication methods supporting IEEE 802.11 RSNs must have the ability to create the AAA key for RSN security features to function properly.Authentication. which lasts until the key lifetime expires or the user reauthenticates. The AAA key. Decisions on the appropriate EAP authentication methods are left to the implementers of STAs or the AS. and Accounting Key (AAAK). the new key is then used for the duration of the user’s session. As a result.


which is used to provide the actual protection for user traffic . Using the STA and AP addresses in the generation of the PTK provides protection against session hijacking and impersonation.As shown in Figure 4-4. along with the MAC address of the STA and AP and nonces that each creates for the key generation process. 34 It also performs an access control function: proof-of-possession of the PMK. The PTK is composed of the following three keys: EAP Over LAN (EAPOL) Key Confirmation Key (EAPOL-KCK). which is used to protect the confidentiality of keys and other data during some RSNA procedures. An entity that possesses the PMK is authorized to use the link. the root key—either the PSK or the AAAK—is used to formulate the Pairwise Master Key (PMK). EAPOL Key Encryption Key (EAPOL-KEK). The PMK is a key-generating key used for the derivation of the Pairwise Transient Key (PTK). Temporal Key (TK). which is used to support the integrity and data origin authenticity of STA-to-AP control frames during operational setup of an RSN. using nonces provides additional random keying material.