Message625

Author pcalhoun
Recipients
Date 2008-10-10.15:42:18
Content
Looking into this issue deeper, we agreed that we do not need to include the 
KEK and KCK. In fact, the spec should have said TK, not PTK. That said, I 
believe that in addition to that change, we could improve the spec to ensure 
interoperability. I would therefore recommend the following changes:

<proposed text>
6.1.  IEEE 802.11 Add WLAN
[...]
   Key:   A Session Key, whose length is known via the key length field,
      used to provide data privacy.  For encryption schemes that employ
      a separate encryption key for unicast and multicast traffic, the
      key included here only applies to multicast frames, and the cipher
      suite is specified in an accompanied RSN Information Element.  In
      these scenarios, the key and cipher information is communicated
      via the Add Station message element, see Section 4.6.8 in
      [I-D.ietf-capwap-protocol-specification] and the IEEE 802.11
      Station Session Key message element, see Section 6.15.  When used
      with WEP, the key field includes the broadcast key.  When used
      with CCMP, the Key field includes the 128-bit Group Temporal Key.
      When used with TKIP, the Key field includes the 256-bit Group
      Temporal Key (which consists of a 128-bit key used as input for
      TKIP key mixing, and two 64-bit keys used for Michael).

6.15.  IEEE 802.11 Station Session Key
[...]
   Key:   The pairwise key the WTP is to use when encrypting traffic to/
      from the station.  The format of the keys differs based on the
      crypto algorithm used.  For unicast WEP keys, the Key field
      consists of the actual unicast encryption key (note, this is used
      when WEP is used in conjunction with 802.1X, and therefore a
      unicast encryption key exists).  When used with CCMP, the Key
      field includes the 128-bit Temporal Key. When used with TKIP, the
      Key field includes the 256-bit Temporal Key (which consists of a
      128-bit key used as input for TKIP key mixing, and two 64-bit keys
      used for Michael).

6.21.  IEEE 802.11 Update WLAN
[...]
   Key:   A Session Key, whose length is known via the key length field,
      used to provide data privacy.  For static WEP keys, which is true
      when the 'Key Status' bit is set to one, this key is used for both
      unicast and multicast traffic.  For encryption schemes that employ
      a separate encryption key for unicast and multicast traffic, the
      key included here only applies to multicast data, and the cipher
      suite is specified in an accompanied RSN Information Element.  In
      these scenarios, the key, and cipher information, is communicated
      via the Add Station message element, see Section 4.6.8 in
      [I-D.ietf-capwap-protocol-specification].  When used with WEP, the
      key field includes the broadcast key.  When used with CCMP, the
      Key field includes the 128-bit Group Temporal Key. When used with
      TKIP, the Key field includes the 256-bit Group Temporal Key (which
      consists of a 128-bit key used as input for TKIP key mixing, and
      two 64-bit keys used for Michael).
</proposed text>
History
Date                 User      Action  Args
2008-10-10 15:42:18  pcalhoun  link    issue226 messages
2008-10-10 15:42:18  pcalhoun  create
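
Added example (not part of the message above or of the CAPWAP specifications): how an AC could hand only the TK to the WTP, and how a receiver could check a Key field against the lengths in the proposed text. Function and cipher names are hypothetical; the KCK | KEK | TK ordering of the PTK is from IEEE 802.11i, and the WEP lengths and the order of the two Michael keys inside the TKIP TK are assumptions.

```python
# Added example; names are hypothetical, sample keys are constructed.
from typing import NamedTuple, Optional

KCK_LEN = 16  # 128-bit Key Confirmation Key, stays on the AC
KEK_LEN = 16  # 128-bit Key Encryption Key, stays on the AC
TK_LEN = {"CCMP": 16, "TKIP": 32}  # TK / GTK sizes given in the proposed text
WEP_LENS = (5, 13)  # WEP-40 / WEP-104 (assumption, not stated in the message)

SAMPLE_PTK_CCMP = bytes(range(48))  # constructed 384-bit PTK
SAMPLE_PTK_TKIP = bytes(range(64))  # constructed 512-bit PTK


class SessionKey(NamedTuple):
    cipher: str
    enc_key: bytes               # WEP key, CCMP TK, or TKIP key-mixing input
    michael_1: Optional[bytes]   # TKIP only: first 64-bit Michael key
    michael_2: Optional[bytes]   # TKIP only: second 64-bit Michael key


def tk_from_ptk(cipher: str, ptk: bytes) -> bytes:
    """Return only the TK portion of a PTK; the KCK and KEK are dropped."""
    if cipher not in TK_LEN:
        raise ValueError(f"no pairwise TK defined for {cipher!r}")
    expected = KCK_LEN + KEK_LEN + TK_LEN[cipher]
    if len(ptk) != expected:
        raise ValueError(f"{cipher} PTK must be {expected} bytes, got {len(ptk)}")
    return ptk[KCK_LEN + KEK_LEN:]


def parse_key_field(cipher: str, key: bytes) -> SessionKey:
    """Validate a Key field and split it as the proposed text describes."""
    if cipher == "WEP":
        if len(key) not in WEP_LENS:
            raise ValueError(f"WEP key must be 5 or 13 bytes, got {len(key)}")
        return SessionKey(cipher, key, None, None)
    if cipher not in TK_LEN:
        raise ValueError(f"unknown cipher {cipher!r}")
    if len(key) != TK_LEN[cipher]:
        # Catches a sender that put the whole PTK (KCK, KEK and TK) in the field.
        raise ValueError(f"{cipher} key must be {TK_LEN[cipher]} bytes, got {len(key)}")
    if cipher == "TKIP":
        return SessionKey(cipher, key[:16], key[16:24], key[24:32])
    return SessionKey(cipher, key, None, None)


if __name__ == "__main__":
    print(parse_key_field("TKIP", tk_from_ptk("TKIP", SAMPLE_PTK_TKIP)))
```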