Table of Contents
Advertisement
CSP
802.11i Group Master Key
(GMK)
802.11i Group Transient
Key (GTK)
802.11i Group AES-CCM
Data Encryption/MIC Key
RSA private Key
CSP TYPE
GENERATION
256-bit
Generated from approved
secret used
RNG
to derive
GTK
256-bit
Internally derived by AP
shared secret
which assumes
"authenticator" role in
used to
derive group
handshake
(multicast)
encryption
and integrity
keys
128-bit
Derived from 802.11
AES-CCM
group key handshake
key derived
from GTK
1024/2048-
Generated on the AP
bit RSA
(remains in AP at all
private key
times)
43
STORAGE
And
USE
ZEROIZATI
ON
Stored in
Used to derive
plaintext in
Group
volatile
Transient Key
memory;
(GTK)
zeroized on
reboot
Stored in
Used to derive
plaintext in
multicast
volatile
cryptographic
memory;
keys
zeroized on
reboot
Stored in
Used to protect
plaintext in
multicast
volatile
message
memory;
confidentiality
zeroized on
and integrity
reboot
(AES-CCM)
Stored in and
Used for
protected by
IKEv1/IKEv2
AP's non-
authentication
volatile
when AP is
memory.
authenticating
zeroized by the
using
'ap wipe out
certificate
flash'
based
command
authentication
Advertisement
Table of Contents
