The AES encryption scheme was introduced in 802.11i for use in Robust Security Networks. The AES encryption mechanism that is used is “CTR with CBC-MAC Protocol (CCMP)”. As stated in the 802.11-2012TM Standard – CCMP works on the following parameters and provides the following security features
“CCMP is based on the CCM of the AES encryption algorithm. CCM combines CTR for data confidentiality and CBC-MAC for authentication and integrity. CCM protects the integrity of both the MPDU Data field and selected portions of the IEEE 802.11 MPDU header.”
The AES algorithm is defined in FIPS PUB 197-2001. CCM is explained in IETF RFC 3610.
The block size used in the AES is 128 bit and the key is also 128 bit key-length.
The CCMP MPDU format is shown below
FIG Courtesy: 802.11-2012TM Standard
8 bytes of CCMP header and 8 bytes of MIC is added to the MPDU for the sake of AES encryption.
The Packet number (PN) is 6 bytes – PN0 the least significant byte and PN5 the most significant byte.
The Ext IV field informs the receiver that an additional 8 bytes of header is added to the MPDU header due to CCMP. For CCMP – the Ext IV field is set to 1
Key ID field – contains the Key ID used in CCMP encapsulation
The reserved bits are set to Zero.