EAPOL 4-Way Handshake

EAPOL stands for Extensible Authentication Protocol(EAP) over LAN. A simple 4-way handshake is shown pictorially below A top level description of a successful 4-Way-Handshake is explained below At the start of the 4-way handshake, both the Access Point and the 802.11 station contain the PMK The Access Point and the 802.11 Station generate a random […]

The 802.11i security association creates a number of security contexts. The different Security contexts and what they contain are provided below

PMKSA

The PMKSA stands for Pairwise Master Key Security Association – it is generated at the end of the EAP handshake (successful 802.1X negotiation) or when a PSK is configured. The PMKSA binds the PMK to a lifetime which can persist across multiple associations by a roaming Station. The PMKSA contains the following information –

  • PMK
  • Authenticator MAC address
  • PMK lifetime
  • Pairwise Master Key Identifier (PMKID)
  • AKMP
  • All additional authorization parameters – e.g. STA’s authorized SSID

When an 802.11 station roams to a different Access Point – a new PMKSA is generated for the new association. If the 802.11 Station roams back to the old Access Point – the PMKSA from the previous association to that Access Point can be used to skip the 802.1 X EAP handshakes and directly proceed to the EAPOL handshake

PMKID

The PMKID is a number that is linked to a Pairwise Master Key Security Association. The PMKID is used to identify a unique PMKSA and can be used by a station to request to reuse a former PMK security association

PTKSA

The PTKSA stands for Pairwise Transient Key Security Association – it is generated at the end of the 4-way EAPOL handshake, FT 4-way handshake, FT Protocol or FT resource request protocol. The PTKSA is relevant till the station is de-authenticated or for the lifetime of a PMKSA. The PTKSA contains the following

  • PTK
  • Supplicant MAC Address
  • Authenticator MAC Address
  • Pairwise cipher suite
  • Key ID
  • If FT key hierarchy is used,
    • R1KH-ID
    • S1KH-ID
    • PTKName

GTKSA

The GTKSA results from a successful 4-Way Handshake, FT 4-Way Handshake, FT Protocol, FT Resource Request Protocol or the Group Key Handshake and is unidirectional. In an infrastructure BSS, there is one GTKSA, used exclusively for encrypting group addressed MPDUs that are transmitted by the AP and for decrypting group addressed transmissions that are received by the STAs. The GTKSA contains the following elements

  • Direction vector (whether the GTK is used for transmit or receive).
  • Group cipher suite selector
  • GTK
  • Authenticator MAC address
  • Key ID.
  • All authorization parameters specified by local configuration. This might include parameters such as the STA’s authorized SSID. 

We shall look at wireless Capture example of a Pre-shared Key Mechanism in the coming article

Wireless Capture Example – Pre-shared Key Part 1

TKIP Replay Protection

TKIP provides a 48 bit (6 bytes) monotonically increasing Transmit Sequence Counter (TSC) which it appends to each packet. If any TKIP packet is received wherein the TSC value is lesser than or equal to current Replay counter value – the frame is silently discarded. The 802.11 standard defines a set of rules for TKIP […]

AES Encapsulation

The AES Encryption process involves encryption of the data part of the MPDU. The CCMP Encapsulation Block diagram is shown below FIG Courtesy: 802.11 Standard Some description of the parameters TK – AES Temporal Key – obtained during EAPOL handshake PN – Packet Number – initialized to 1 when the Temporal Key (TK) is initialized […]

AES Encryption Mechanism

The AES encryption scheme was introduced in 802.11i for use in Robust Security Networks. The AES encryption mechanism that is used is “CTR with CBC-MAC Protocol (CCMP)”. As stated in the 802.11-2012TM Standard – CCMP works on the following parameters and provides the following security features “CCMP is based on the CCM of the AES […]

WLAN (802.11) Authentication and Data Security

WLAN standard has evolved from the early days of Wi-Fi to the present day in the area of authentication mechanisms and security for WLAN devices. Authentication mechanisms and security are two separate entities and should not be confused with one another. Authentication mechanisms provide a means to gain access to a particular network Security provides […]

WLAN Shared Key Authentication

In contrast to Open System Authentication, in Shared Key Authentication the key that would be used for data security is used to authenticate the WLAN station. The Below steps are followed in Shared Key Authentication Authentication request sent by WLAN (802.11) STA to Access Point AP sends a challenge text to 802.11 STA (in cleartext) […]

WEP Encryption – Key Mapping Keys

A Key-Mapping Key is a key which maps to a Transmitter address – Receiver address combination. That is, The Key-mapping key between a particular transmitter address and a receiver address can only be used between that [transmitter address, receiver address] combination and not with other transmitter or receiver address combinations. This is different from that […]

WEP Encryption

The 802.11 standard introduced the WEP (wired Equivalent Privacy) in the very first 802.11 standard as a means of providing security for WLAN packet transmissions. The WEP security as the name suggests was supposed to provide frame protection equivalent to a Wired Network. The WEP Encryption method provided two types of Encryption keys Default WEP […]

WPA Information Element

The Wi-Fi/802.11 standard introduced two new Information elements to cater to the new WPA/WPA2 encryption scheme. They are the WPA (Wireless Protected Access) and RSN (Robust Security Network) Information Elements. Any Station containing a WPA/RSN information element in its Association request would need to perform an 802.11i/802.1X security handshake. The WPA Information Element is shown […]