Several modes
or ways of using the AES algorithm have been defined. AES-CCMP [16] is used in IEEE
802.11 to provide strong link layer encryption and data authentication. AES-CCMP
2 Here the term ???MIC??? is used, as ???MAC??? is already used for Medium Access Control. Message Authentication
Code (MAC) is the standard cryptographic term.
Wireless Local Area Network Security 150
combines Counter mode encryption with Cipher Block Chaining message
integrity/authentication.
Figure 7.4 below [17] shows the AES-CCMP encapsulation processing for an 802.11
frame; that is, the encryption and authentication using the AES-CCMP algorithm. The AES
cipher is used to calculate the MIC value (top half of Figure 7.4) and to encrypt the data
payload (lower half of Figure 7.4). The IV and counter contents and frame field definitions
are specified in [8].
Figure 7.4: CCMP Encapsulation.
Clear text frame
FC Dur A1 A2 A3 A4 SC QC PC Data MIC
AES_E(K) AES_E(K) AES_E(K) AES_E(K) AES_E(K)
CBC-MAC
AES_E(K) AES_E(K)
FC Dur A1 A2 A3 A4 SC QC PC Data MIC
Pl(2) Pl(1)
Counter preload
Transmitted
encrypted frame
IV
AES_E(K)
FCS
0 padded
0 padded
Flag Nonce Dlen
Flag Nonce Cnt
Hlen
AES_E(K)
Pl(C)
AES_E(K)
Pl(0)
Use of CCMP enables deployment of 802.
Pages:
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396