The RSN information element was brought out by the IEEE 802.11i Task Group. RSN stands for Robust Security Network and it made AES cipher mandatory with the use of Robust Security Network.
The TKIP cipher can be used as Multicast/Broadcast cipher and so can WEP-40/WEP104, but if the authentication method is 802.1X then WEP-40/WEP-104/TKIP are not allowed as group cipher as well.
TKIP as a pairwise cipher with WEP-40/WEP104 as Group Cipher is also not supported
The RSN Information Element is provided below. The Size of the RSN IE is limited to a maximum of 255 bytes
Fig Courtesy – 802.11 Standard
Element ID – 48
Length – provides the number of bytes in the RSN Information element
Version – RSN version number – set to 1
Group Cipher Suite – it contains the Organizational Unique Identifier and the type of encryption selected. Default OUI is 00-0F-AC
Pairwise Cipher suite count – indicates the number of pairwise cipher suites supported
Pairwise Cipher suite list – list of different pairwise cipher suites supported
AKM Count – number of Authentication Key Management Suites supported
AKM Suite list – list of Authentication Key Management Suites
RSN Capabilities – provides additional capabilities supported
PMKID Count – The PMKID Count is used in the re-association request frame/FT authentication sequence frames only. It defines the number of Pairwise Master Key Security Association Identifiers in the PMKID List
PMKID List – List of PMKIDs
Group Management Cipher suite – cipher suite selected to protect group addressed robust management frames
The below Table taken from the 802.11-2012TM Standard indicates the different Cipher suite selections available for group/pairwise and group Management protection
The AKM Cipher list is shown below taken from the 802.11-2012TM Standard
Fig Courtesy – 802.11 Standard