IEEE 802.11i-2004

IEEE 802.11i-2004

IEEE 802.11i-2004, or 802.11i, is an amendment to the IEEE 802.11 standard specifying security mechanisms for wireless networks. The amendment has been incorporated into the published IEEE 802.11-2007 standard.

802.11 is a set of IEEE standards that govern wireless networking transmission methods. They are commonly used today in their 802.11a, 802.11b, and 802.11g versions to provide wireless connectivity in the home, office and some commercial establishments.

Description

The draft standard was ratified on 24 June, 2004, and supersedes the previous security specification, Wired Equivalent Privacy (WEP), which was shown to have severe security weaknesses. Wi-Fi Protected Access (WPA) had previously been introduced by the Wi-Fi Alliance as an intermediate solution to WEP insecurities. WPA implemented a subset of 802.11i. The Wi-Fi Alliance refers to their approved, interoperable implementation of the full 802.11i as WPA2, also called RSN (Robust Security Network). 802.11i makes use of the Advanced Encryption Standard (AES) block cipher, whereas WEP and WPA use the RC4 stream cipher.cite web|url=http://standards.ieee.org/getieee802/download/802.11i-2004.pdf |format=pdf |title=IEEE 802.11i-2004: Amendment 6: Medium Access Control (MAC) Security Enhancements |date=2004-07-23 |publisher=IEEE Standards |accessdate=2007-12-21]

The 802.11i architecture contains the following components: 802.1X for authentication (entailing the use of EAP and an authentication server), RSN for keeping track of associations, and AES-based CCMP to provide confidentiality, integrity and origin authentication. Another important element of the authentication process is the four-way handshake, explained below.

Encryption key distribution

The Four-Way Handshake

The authentication process leaves two considerations: the access point (AP) still needs to authenticate itself to the client station (STA), and keys to encrypt the traffic need to be derived. The earlier EAP exchange has provided the shared secret key PMK (Pairwise Master Key). This key is however designed to last the entire session and should be exposed as little as possible. Therefore the four-way handshake is used to establish another key called the PTK (Pairwise Transient Key). The PTK is generated by concatenating the following attributes: PMK, AP nonce (ANonce), STA nonce (SNonce), AP MAC address and STA MAC address. The product is then put through a cryptographic hash function.

The handshake also yields the GTK (Group Temporal Key), used to decrypt multicast and broadcast traffic. The actual messages exchanged during the handshake are depicted in the figure and explained below:

# The AP sends a nonce-value to the STA (ANonce). The client now has all the attributes to construct the PTK.
# The STA sends its own nonce-value (SNonce) to the AP together with a MIC, including authentication, what really is a Message Authentication and Integrity Code: (MAIC).
# The AP sends the GTK and a sequence number together with another MIC. The sequence number is the sequence number that will be used in the next multicast or broadcast frame, so that the receiving STA can perform basic replay detection.
# The STA sends a confirmation to the AP.

As soon as the PTK is obtained it is divided into five separate keys:

PTK (Pairwise Transient Key – 64 bytes)

#16 bytes of EAPOL-Key Encryption Key (KEK) - AP uses this key to encrypt additional data sent (in the 'Key Data' field) to the client (for example, the RSN IE or the GTK)
#16 bytes of EAPOL-Key Confirmation Key (KCK)– Used to compute MIC on WPA EAPOL Key message
#16 bytes of Temporal Key (TK) – Used to encrypt/decrypt Unicast data packets
#8 bytes of Michael MIC Authenticator Tx Key – Used to compute MIC on unicast data packets transmitted by the AP
# 8 bytes of Michael MIC Authenticator Rx Key – Used to compute MIC on unicast data packets transmitted by the station

The Michael MIC Authenticator Tx/Rx Keys provided in the handshake are only used if the network is using TKIP to encrypt the data.

The Group Key Handshake

The GTK used in the network may need to be updated due to the expiry of a preset timer. When a device leaves the network, the GTK also needs to be updated. This is to prevent the device from receiving any more multicast or broadcast messages from the AP.

To handle the updating, 802.11i defines a "Group Key Handshake" that consists of a two-way handshake:

# The AP sends the new GTK to each STA in the network. The GTK is encrypted using the KEK assigned to that STA and protects the data from being tampered using a MIC.
# The STA acknowledges the new GTK and replies to the AP.

GTK ( Groupwise Transient Key – 32 bytes)

#16 bytes of Group Temporal Encryption Key – Used to encrypt Multicast data packets
#8 bytes of Michael MIC Authenticator Tx Key – Used to compute MIC on Multicast packet transmitted by AP
#8 bytes of Michael MIC Authenticator Rx Key – This is currently not used as stations do not send multicast traffic

The Michael MIC Authenticator Tx/Rx Keys provided in the handshake are only used if the network is using TKIP to encrypt the data.

ee also

* WLAN Authentication and Privacy Infrastructure (WAPI)
* Temporal Key Integrity Protocol (TKIP)
* CCMP
* WPS

External links

* NIST Special Publication 800-97, "Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i" as a [http://csrc.nist.gov/publications/nistpubs/800-97/SP800-97.pdf PDF] or [http://csrc.nist.gov/publications/nistpubs/800-100/sp800-100_March2007.zip zipped PDF] file
* [http://blogs.zdnet.com/Ou/?p=67 Understanding the updated WPA and WPA2 standards (Zdnet)]
* [http://www.microsoft.com/technet/community/columns/cableguy/cg0505.mspx Wi-Fi Protected Access 2 (WPA2) Overview (Microsoft)]
* [http://support.microsoft.com/?id=917021 Windows XP WPA2 Update (Microsoft)]
* [http://www.sans.org/rr/whitepapers/wireless/1467.php 802.11i (How we got here and where are we headed); PDF]
* Gnome [http://www.gnome.org/projects/NetworkManager/ Network Manager]
* WifiRadis [http://www.wifiradis.net a free online radius server with 802.11i PEAP and french documentation]
* [http://wire.cs.nthu.edu.tw/wire1x/ WIRE1x]
* [http://www.researchchannel.org/prog/displayevent.aspx?rID=4514&fID=345 802.11i Security Analysis: Can We Build a Secure WLAN?] on ResearchChannel (March 2005)

References


Wikimedia Foundation. 2010.

Игры ⚽ Поможем решить контрольную работу

Look at other dictionaries:

  • IEEE 802.11i — est un amendement à la norme IEEE 802.11 ratifié le 24 juin 2004 et publié le 23 juillet de la même année. Cet amendement plus connu sous le vocable de WPA2 (nom donné par la Wi Fi Alliance pour les matériels supportant cet amendement) traite du… …   Wikipédia en Français

  • IEEE 802.11 — is a set of standards for wireless local area network (WLAN) computer communication, developed by the IEEE LAN/MAN Standards Committee (IEEE 802) in the 5 GHz and 2.4 GHz public spectrum bands.General descriptionThe 802.11 family includes over… …   Wikipedia

  • 802.11i — IEEE 802.11i IEEE 802.11i est un amendement à la norme IEEE 802.11 ratifié le 24 juin 2004 et publié le 23 juillet de la même année. Cet amendement plus connu sous le vocable de WPA2 (nom donné par la Wi Fi Alliance pour les matériels supportant… …   Wikipédia en Français

  • IEEE 802.11 — (auch: Wireless LAN (WLAN), Wi Fi) bezeichnet eine IEEE Norm für Kommunikation in Funknetzwerken. Herausgeber ist das Institute of Electrical and Electronics Engineers (IEEE). Die erste Version des Standards wurde 1997 verabschiedet. Sie… …   Deutsch Wikipedia

  • Ieee 802.11 — Exemple d équipement fabriqué sur les recommandations de la norme IEEE 802.11. Ici, un routeur avec switch 4 ports intégré de la marque Linksys. IEEE 802.11 est un terme qui désigne un ensemble de normes concernant les réseaux sans fil qui ont… …   Wikipédia en Français

  • IEEE 802.11 — Exemple d équipement fabriqué sur les recommandations de la norme IEEE 802.11. Ici, un routeur avec switch 4 ports intégré de la marque Linksys. IEEE 802.11 est un ensemble de normes concernant les réseaux sans fil qui ont été mises au point par… …   Wikipédia en Français

  • IEEE 802.11r-2008 — or fast BSS transition (FT) is an amendment to the IEEE 802.11 standard to permit continuous connectivity aboard wireless devices in motion, with fast and secure handoffs from one base station to another managed in a seamless manner.Rationale for …   Wikipedia

  • IEEE 802.10 — это бывший стандарт сетевой безопасности, использовавшийся в локальных вычислительных сетях (LAN) и сетях мегаполисов (MAN) на основе протоколов IEEE 802. Работа над IEEE 802.10 была прекращена в январе 2004 года, рабочая группа IEEE 802 в… …   Википедия

  • IEEE 802.10 — is a former standard for security functions that could be used in both local area networks and metropolitan area networks based on IEEE 802 protocols.802.10 specifies security association management and key management, as well as access control,… …   Wikipedia

  • IEEE 802.1X — is an IEEE Standard for port based Network Access Control; it is part of the IEEE 802.1 group of networking protocols. It provides an authentication mechanism to devices wishing to attach to a LAN port, either establishing a point to point… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”