AES Encapsulation

The AES encryption process encrypts the data part of the MPDU. The CCMP encapsulation block diagram is shown below.

FIG Courtesy: 802.11 Standard

The parameters in the diagram are described below.

TK – AES Temporal Key – obtained during EAPOL handshake

PN – Packet Number – initialized to 1 when the Temporal Key (TK) is initialized or refreshed. It increases monotonically for each encrypted packet.

AAD – Additional Authentication Data – created from the MPDU header. The AAD construction is covered in the encapsulation steps below.

A2 – MPDU Address field 2

Key ID – Key Identifier obtained during EAPOL handshake

Priority – The QoS TID value of the MPDU packet – set to zero when no QoS Control field is present

The following steps encapsulate the data part of the frame and create an AES-encrypted frame for transmission.

  • Increment the PN, to obtain a fresh PN for each MPDU, so that the PN never repeats for the same temporal key. Note that retransmitted MPDUs are not modified on retransmission.
  • Use the fields in the MPDU header to construct the additional authentication data (AAD) for CCM. The CCM algorithm provides integrity protection for the fields included in the AAD. MPDU header fields that may change when retransmitted are muted by being masked to 0 when calculating the AAD.

NOTE: The AAD is constructed from the MPDU header. Header fields whose values can vary, such as the HT Control field and the Duration field, are not part of the AAD construction. For the same reason, certain bits in the Frame Control field (e.g. the Retry, Power Management and More Data bits) are masked to zero. The AAD length also varies with the presence of the QoS Control and A4 fields.

For a detailed description of which parameters in the AAD are masked out and why, refer to section 11.4.3.3.3 (Construct AAD) in the 802.11-2012 Standard.

The AAD format is shown below.

FIG Courtesy – 802.11 Standard

  • Construct the CCM Nonce block from the PN, A2, and the Priority field of the MPDU where A2 is MPDU Address 2.

The CCM Nonce format is shown below. For a detailed description of the CCM nonce construction, refer to section 11.4.3.3.4 (Construct CCM nonce) in the 802.11-2012 Standard.

The fields of the nonce are described below.

Management frame bit – set to 1 when Management Frame protection is valid, otherwise 0

Priority – QoS TID value. It is set to 0 if the QoS Control field is not present

A2 – Address 2 field of MPDU

PN – Packet number

  • Place the new PN and the key identifier into the 8-octet CCMP header.
  • Use the temporal key, AAD, nonce, and MPDU data to form the cipher text and MIC. This step is known as CCM originator processing.
  • Form the encrypted MPDU by combining the original MPDU header, the CCMP header, the encrypted data and MIC
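The AAD, nonce and CCMP header steps above, as an added Python example (not code from the original article or from the standard). It assumes a data MPDU with no SPP A-MSDU negotiation, uses the bit positions from 802.11-2012 section 11.4.3.3, and the sample header, PN and function names are constructed for illustration.

```python
import struct

def parse_header(hdr: bytes):
    """Split an 802.11 data MPDU header into the fields CCMP uses."""
    fc, sc = struct.unpack_from("<H", hdr, 0)[0], struct.unpack_from("<H", hdr, 22)[0]
    if ((fc >> 2) & 0x3) != 2:
        raise ValueError("this example handles data MPDUs only")
    a1, a2, a3 = hdr[4:10], hdr[10:16], hdr[16:22]  # Duration (octets 2-3) is skipped
    pos, a4, qc = 24, b"", None
    if (fc & 0x0300) == 0x0300:   # ToDS and FromDS set: Address 4 present
        a4, pos = hdr[pos:pos + 6], pos + 6
    if fc & 0x0080:               # QoS data subtype: QoS Control present
        qc = struct.unpack_from("<H", hdr, pos)[0]
    return fc, a1, a2, a3, sc, a4, qc

def build_aad(hdr: bytes) -> bytes:
    fc, a1, a2, a3, sc, a4, qc = parse_header(hdr)
    fc &= 0xC78F                  # clear subtype bits 4-6, Retry, Power Mgmt, More Data
    fc |= 0x4000                  # Protected Frame bit is always 1 in the AAD
    if qc is not None:
        fc &= 0x7FFF              # Order bit is masked when QoS Control is present
    aad = struct.pack("<H", fc) + a1 + a2 + a3
    aad += struct.pack("<H", sc & 0x000F) + a4   # keep fragment number only
    if qc is not None:
        aad += struct.pack("<H", qc & 0x000F)    # keep TID only
    return aad

def build_nonce(hdr: bytes, pn: int) -> bytes:
    _, _, a2, _, _, _, qc = parse_header(hdr)
    flags = qc & 0x0F if qc is not None else 0   # Priority; Management bit 4 stays 0 for data
    return bytes([flags]) + a2 + pn.to_bytes(6, "big")   # PN5 first, PN0 last

def build_ccmp_header(pn: int, key_id: int) -> bytes:
    p = pn.to_bytes(6, "little")                 # p[0] = PN0 ... p[5] = PN5
    ext_iv_keyid = 0x20 | ((key_id & 0x3) << 6)  # ExtIV bit set, Key ID in bits 6-7
    return bytes([p[0], p[1], 0x00, ext_iv_keyid, p[2], p[3], p[4], p[5]])

# Constructed sample (not a capture): QoS data header, ToDS=1, Retry=1, TID 5.
SAMPLE_HDR = bytes.fromhex("88492c00 020000000100 020000000200 020000000300 3012 2500")

if __name__ == "__main__":
    pn = 0x010203040506
    print("AAD   ", build_aad(SAMPLE_HDR).hex())
    print("Nonce ", build_nonce(SAMPLE_HDR, pn).hex())
    print("Header", build_ccmp_header(pn, key_id=1).hex())
```

Because the Retry bit and the Duration field never reach the AAD, a retransmitted MPDU yields the same AAD as the first transmission, so its MIC still verifies.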

AES Decapsulation
