The interested reader can refer Spatial Multiplexing Power save here <Spatial Multiplexing Power Save> The SM Power-Save Action frame can be used to change the current SM Power-Save Configuration When the 802.11 Station needs to change the Antenna configuration – it sends a SM Power-Save action frame to the Access point indicating a change in […]

The Reverse Direction Grant feature was introduced in 802.11n. The Reverse direction grant was a feature which would allow for better usage of a Transmit opportunity (TXOP) as defined in WMM/EDCA. The need for Reverse Direction Grant (RDG) was felt as described in the next paragraph. The WMM/EDCA mechanism allowed for an 802.11 station to […]

For the Revere Direction Protocol to work – both the Transmitter and the receiver 802.11 stations need to support Reverse Direction Grant. 802.11 stations supporting Reverse Direction Grant would broadcast their support in the HT Capabilities element – RD Responder field. The HT capabilities element and the RD-Responder field present in the HT-Extended capabilities Info […]

The interested reader can look at an overview of Management Frame Protection in the following article<Management Frame Protection> Management Frame Protection is indicated in the 802.11 frames in the following manner. The RSN Capabilities indicate that the management protection is enabled. Management Frame Protection Required True (set to 1) – Management Frame Protection is required […]

In 802.11, data frames could be transmitted with encryption but management frames were always sent in the open (no encryption). The 802.11w standard amendment introduced management frame protection and the feature is deemed mandatory by the Wi-Fi alliance from 802.11ac onwards. The Management Frame protection would incorporate management frames that are transmitted after the AP […]

Broadcast Integrity protocol provides data integrity and replay protection to broadcast/multicast robust management frames. An IGTKSA (Integrity Group Temporal Key Security Association) should be established and an IGTK (Integrity Group Temporal Key) should be available for encrypting the Broadcast/Multicast frames. Let us take a brief look at the BIP frame format, Management MIC Element and […]

The Interested Reader can look at an overview of Management Frame Protection here <Management Frame Protection> The first Part of this series for BIP is present here <Management Frame Protection – Understanding BIP – Part 1> BIP Transmission The following steps are taken to compute the MIC value for transmission. The standard defines the steps […]

The interested Reader can look at Part 1 of the series here <Security Association (SA) Teardown Protection – Part 1> The different scenarios for SA security Teardown Protection and the message handling at that instance is provided below Scenario 1 – AP receives an association request from an Associated client – non-attack scenario The First […]

802.11w also introduced an association spoofing protection mechanism. It was to prevent replay attacks from tearing down an existing client association. It consists of two mechanisms – 1) Association comeback time 2) SA-Query Procedure Association comeback time When an Access Point (AP) receives an association request from a Client which has an existing association table […]

The TKIP encryption protocol was introduced to rectify the fallacies seen with WEP encryption till a time when a more secure encryption mechanism was developed (AES). Hence, the networks that supported TKIP became a Transition Stationary Network. The TKIP algorithm applied the below modifications to the existing WEP algorithm to address the WEP vulnerabilities The […]