TKIP Encapsulation

The TKIP encapsulation process is shown below (figure courtesy of the 802.11 standard). Description of the parameters: TA – Transmitter Address; TK – Temporal Key; TSC – TKIP Sequence Counter; Priority – QoS TID priority, set to 0 if the QoS Control field is not present; MIC Key – MIC transmitter key (64 bits) obtained during […]

TKIP Decapsulation

The TKIP decapsulation process is shown below (figure courtesy of the 802.11 standard). Description of the parameters: TA – Transmitter Address; TK – Temporal Key; TSC – TKIP Sequence Counter; Priority – QoS TID priority, set to 0 if the QoS Control field is not present; MIC Key – MIC receiver key (64 bits) obtained during EAPOL […]

TKIP MIC – Need and MIC Format

The TKIP Michael integrity check prevents forgery attacks. The MIC is a 64-bit (8-byte) value. The MIC in itself is weak and hence is encrypted and sent along with the MSDU. Since the ICV (Integrity Check Value) is computed on an MPDU in the MAC layer, the Michael integrity check provides an upper […]

RSN Information Element

The RSN information element was introduced by the IEEE 802.11i Task Group. RSN stands for Robust Security Network, and it made the AES cipher mandatory for use in a Robust Security Network. The TKIP cipher can be used as the multicast/broadcast cipher, and so can WEP-40/WEP-104, but if the authentication method is 802.1X then WEP-40/WEP-104/TKIP are […]

EAPOL 4-Way Handshake

EAPOL stands for Extensible Authentication Protocol (EAP) over LAN. A simple 4-way handshake is shown pictorially below. A top-level description of a successful 4-Way Handshake follows. At the start of the 4-way handshake, both the Access Point and the 802.11 station hold the PMK. The Access Point and the 802.11 Station generate a random […]

The 802.11i security association creates a number of security contexts. The different security contexts and what they contain are described below.

PMKSA

PMKSA stands for Pairwise Master Key Security Association. It is generated at the end of the EAP handshake (successful 802.1X negotiation) or when a PSK is configured. The PMKSA binds the PMK to a lifetime, and it can persist across multiple associations by a roaming station. The PMKSA contains the following information:

  • PMK
  • Authenticator MAC address
  • PMK lifetime
  • Pairwise Master Key Identifier (PMKID)
  • AKMP
  • All additional authorization parameters – e.g. STA’s authorized SSID

When an 802.11 station roams to a different Access Point, a new PMKSA is generated for the new association. If the 802.11 station roams back to the old Access Point, the PMKSA from the previous association to that Access Point can be used to skip the 802.1X EAP handshake and proceed directly to the EAPOL handshake.

PMKID

The PMKID is a number linked to a Pairwise Master Key Security Association. It identifies a unique PMKSA and can be used by a station to request reuse of a former PMK security association.
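To make the PMKSA/PMKID relationship concrete, the following is an added example (not code from the original article): it derives the PMKID with the formula the 802.11-2012 standard gives for the SHA-1 based AKMs, PMKID = Truncate-128(HMAC-SHA-1(PMK, "PMK Name" || AA || SPA)), keeps PMKSAs in a small cache keyed by PMKID, and walks through the roaming scenario described above. The cache class, the `PMKSA` dataclass, the field names and all key and MAC address values are constructed for the example; the lookup additionally checks that the cached entry is bound to the same AA/SPA pair and has not outlived its PMK lifetime, since the PMKID on its own is only an identifier.

```python
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Dict, Optional

# PMKID as defined in 802.11-2012, 11.6.1.3, for the SHA-1 based AKMs:
#   PMKID = Truncate-128(HMAC-SHA-1(PMK, "PMK Name" || AA || SPA))
# AA is the authenticator (AP) MAC address, SPA the supplicant (STA) MAC address.
PMK_NAME_LABEL = b"PMK Name"


def derive_pmkid(pmk: bytes, aa: bytes, spa: bytes) -> bytes:
    """Return the 16-octet PMKID that names the PMKSA for this (PMK, AA, SPA)."""
    if len(pmk) != 32:
        raise ValueError("PMK must be 256 bits (32 octets)")
    if len(aa) != 6 or len(spa) != 6:
        raise ValueError("MAC addresses must be 6 octets")
    return hmac.new(pmk, PMK_NAME_LABEL + aa + spa, hashlib.sha1).digest()[:16]


@dataclass
class PMKSA:
    """Hypothetical record holding the PMKSA fields listed above (PMK, AP address, lifetime, PMKID, AKMP)."""
    pmk: bytes
    aa: bytes            # authenticator (AP) MAC address
    spa: bytes           # supplicant (STA) MAC address
    akmp: str
    lifetime_s: int
    created_at: float
    pmkid: bytes = field(init=False)

    def __post_init__(self) -> None:
        self.pmkid = derive_pmkid(self.pmk, self.aa, self.spa)

    def expired(self, now: float) -> bool:
        return now >= self.created_at + self.lifetime_s


class PMKSACache:
    """Constructed per-device cache keyed by PMKID, as a STA or AP keeps for reuse on roaming."""

    def __init__(self) -> None:
        self._by_pmkid: Dict[bytes, PMKSA] = {}

    def add(self, sa: PMKSA) -> None:
        self._by_pmkid[sa.pmkid] = sa

    def lookup(self, pmkid: bytes, aa: bytes, spa: bytes, now: float) -> Optional[PMKSA]:
        """Return the live PMKSA for this PMKID, or None if absent, expired, or bound to other addresses."""
        sa = self._by_pmkid.get(pmkid)
        if sa is None:
            return None
        if sa.expired(now):
            del self._by_pmkid[pmkid]      # a PMKSA past its lifetime must not be reused
            return None
        # The PMKID alone is not sufficient: the PMKSA is bound to one AA/SPA pair.
        if sa.aa != aa or sa.spa != spa:
            return None
        return sa


def roaming_demo() -> dict:
    """Constructed scenario: STA associates to AP1, roams to AP2, then returns to AP1."""
    pmk = bytes(range(32))                        # constructed 256-bit PMK, not a real key
    spa = bytes.fromhex("020000000001")           # constructed STA address
    ap1 = bytes.fromhex("02000000aa01")           # constructed AP addresses
    ap2 = bytes.fromhex("02000000aa02")
    cache = PMKSACache()
    sa1 = PMKSA(pmk, ap1, spa, "802.1X", lifetime_s=3600, created_at=1000.0)
    cache.add(sa1)
    # Roaming to AP2 yields a new PMKSA with a different PMKID even for the same PMK.
    sa2 = PMKSA(pmk, ap2, spa, "802.1X", lifetime_s=3600, created_at=1100.0)
    cache.add(sa2)
    return {
        "distinct_pmkids": sa1.pmkid != sa2.pmkid,
        "back_to_ap1_hit": cache.lookup(sa1.pmkid, ap1, spa, now=1200.0) is sa1,
        "pmkid_with_wrong_ap": cache.lookup(sa1.pmkid, ap2, spa, now=1200.0) is None,
        "after_lifetime": cache.lookup(sa1.pmkid, ap1, spa, now=1000.0 + 3600) is None,
    }


if __name__ == "__main__":
    print(roaming_demo())
```

Running the module prints the four checks of the roaming scenario, all true: the two APs produce distinct PMKIDs, returning to AP1 finds the cached PMKSA, the same PMKID presented against the other AP's address is refused, and the entry is dropped once its lifetime has elapsed.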

PTKSA

PTKSA stands for Pairwise Transient Key Security Association. It is generated at the end of the 4-way EAPOL handshake, the FT 4-way handshake, the FT Protocol or the FT Resource Request Protocol. The PTKSA remains valid until the station is deauthenticated or for the lifetime of the PMKSA. The PTKSA contains the following:

  • PTK
  • Supplicant MAC Address
  • Authenticator MAC Address
  • Pairwise cipher suite
  • Key ID
  • If the FT key hierarchy is used:
    • R1KH-ID
    • S1KH-ID
    • PTKName

GTKSA

The GTKSA results from a successful 4-Way Handshake, FT 4-Way Handshake, FT Protocol, FT Resource Request Protocol or the Group Key Handshake, and it is unidirectional. In an infrastructure BSS there is one GTKSA, used exclusively for encrypting group-addressed MPDUs transmitted by the AP and for decrypting group-addressed transmissions received by the STAs. The GTKSA contains the following elements:

  • Direction vector (whether the GTK is used for transmit or receive)
  • Group cipher suite selector
  • GTK
  • Authenticator MAC address
  • Key ID
  • All authorization parameters specified by local configuration, e.g. the STA’s authorized SSID

We shall look at a wireless capture example of a pre-shared key mechanism in the coming article.

Wireless Capture Example – Pre-shared Key Part 1

TKIP Replay Protection

TKIP provides a 48-bit (6-byte) monotonically increasing Transmit Sequence Counter (TSC) which it includes in each packet. If any TKIP packet is received whose TSC value is less than or equal to the current replay counter value, the frame is silently discarded. The 802.11 standard defines a set of rules for TKIP […]
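The following is an added example, not code from the original article, showing the receive-side check described above in working form: it encodes and decodes the 48-bit TSC from the 8-octet TKIP IV/KeyID plus Extended IV fields (byte layout TSC1, WEPSeed[1], TSC0, KeyID/ExtIV flags, TSC2..TSC5, as in the 802.11 TKIP MPDU format), keeps one replay counter per TID as the standard's per-traffic-class counters do (non-QoS frames fall under TID 0, matching the Priority rule in the encapsulation notes), and drops any MPDU whose TSC is not greater than the counter. The class and function names, the assumption that the receiver's counters start at 0 so that the first acceptable TSC is 1, and the sample frame sequence are all constructed for the example.

```python
from typing import List, Tuple

TSC_MAX = (1 << 48) - 1
NUM_TIDS = 16     # one replay counter per traffic class (TID); non-QoS frames use TID 0


def build_tkip_iv(key_id: int, tsc: int) -> bytes:
    """Transmit side: encode KeyID and a 48-bit TSC as the 8-octet TKIP IV + Extended IV.
    Layout (802.11 TKIP MPDU format): TSC1, WEPSeed[1], TSC0, KeyID/ExtIV flags, TSC2..TSC5."""
    if not 0 <= key_id <= 3:
        raise ValueError("KeyID is a 2-bit field")
    if not 0 <= tsc <= TSC_MAX:
        raise ValueError("TSC is a 48-bit counter")
    b = [(tsc >> (8 * i)) & 0xFF for i in range(6)]          # b[0]=TSC0 .. b[5]=TSC5
    wep_seed1 = (b[1] | 0x20) & 0x7F                          # second WEP seed octet, per TKIP
    flags = (key_id << 6) | 0x20                              # bit 5 = Extended IV present
    return bytes([b[1], wep_seed1, b[0], flags, b[2], b[3], b[4], b[5]])


def parse_tkip_iv(iv: bytes) -> Tuple[int, int]:
    """Receive side: recover (key_id, tsc) from the 8-octet IV, rejecting malformed headers."""
    if len(iv) != 8:
        raise ValueError("TKIP IV + Extended IV is 8 octets")
    tsc1, wep_seed1, tsc0, flags, tsc2, tsc3, tsc4, tsc5 = iv
    if not flags & 0x20:
        raise ValueError("ExtIV bit clear: not a TKIP MPDU")
    if wep_seed1 != ((tsc1 | 0x20) & 0x7F):
        raise ValueError("WEPSeed[1] inconsistent with TSC1")
    tsc = tsc0 | (tsc1 << 8) | (tsc2 << 16) | (tsc3 << 24) | (tsc4 << 32) | (tsc5 << 40)
    return flags >> 6, tsc


class TKIPReplayCounters:
    """Constructed receiver replay state for one temporal key (one PTKSA or GTKSA)."""

    def __init__(self) -> None:
        # Assumption for this example: counters start at 0 when the key is installed,
        # so the first TSC that can be accepted is 1.
        self.counter = [0] * NUM_TIDS

    def accept(self, tid: int, tsc: int) -> bool:
        """The rule from the text: TSC <= current replay counter -> silently discard."""
        if tsc <= self.counter[tid]:
            return False
        self.counter[tid] = tsc      # gaps are allowed; only going backwards is a replay
        return True


def process_mpdus(mpdus: List[Tuple[int, bytes]]) -> List[str]:
    """Run (tid, iv) pairs through the replay check and return one verdict per MPDU."""
    state = TKIPReplayCounters()
    verdicts = []
    for tid, iv in mpdus:
        try:
            _key_id, tsc = parse_tkip_iv(iv)
        except ValueError as exc:
            verdicts.append(f"malformed: {exc}")
            continue
        verdicts.append("accept" if state.accept(tid, tsc) else "replay")
    return verdicts


def demo() -> List[str]:
    """Constructed traffic: in-order frames, a replayed copy, a gap, a late frame, a second TID."""
    def iv(tsc: int) -> bytes:
        return build_tkip_iv(0, tsc)

    mpdus = [
        (0, iv(1)), (0, iv(2)), (0, iv(3)),   # in order: accepted
        (0, iv(2)),                           # replayed copy of an earlier frame: dropped
        (0, iv(10)),                          # gap (lost frames) is fine: accepted
        (0, iv(4)),                           # arrives after 10: dropped as a replay
        (1, iv(1)),                           # another TID keeps its own counter: accepted
        (0, bytes(8)),                        # ExtIV flag clear: malformed, never reaches the check
    ]
    return process_mpdus(mpdus)


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The verdict list shows why the check is per key and per TID: frame 4 on TID 0 is rejected after frame 10 was seen, while TSC 1 on TID 1 is still accepted. A real receiver also has to reconcile this with Block Ack reordering, which the standard handles separately and this example does not cover.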

AES Encapsulation

The AES encryption process encrypts the data part of the MPDU. The CCMP encapsulation block diagram is shown below (figure courtesy of the 802.11 standard). Some description of the parameters: TK – AES Temporal Key, obtained during the EAPOL handshake; PN – Packet Number, initialized to 1 when the Temporal Key (TK) is initialized […]

AES Encryption Mechanism

The AES encryption scheme was introduced in 802.11i for use in Robust Security Networks. The AES encryption mechanism used is “CTR with CBC-MAC Protocol (CCMP)”. As stated in the 802.11-2012 standard, CCMP works on the following parameters and provides the following security features: “CCMP is based on the CCM of the AES […]

WLAN (802.11) Authentication and Data Security

The WLAN standard has evolved from the early days of Wi-Fi to the present day in the area of authentication mechanisms and security for WLAN devices. Authentication mechanisms and security are two separate things and should not be confused with one another. Authentication mechanisms provide a means to gain access to a particular network. Security provides […]