World Library  
Flag as Inappropriate
Email this Article

IEEE 802.11w

Article Id: WHEBN0024311449
Reproduction Date:

Title: IEEE 802.11w  
Author: World Heritage Encyclopedia
Language: English
Subject: IEEE 802.11
Publisher: World Heritage Encyclopedia

IEEE 802.11w

IEEE 802.11w-2009 is an approved amendment to the IEEE 802.11 standard to increase the security of its management frames.

Protected Management Frames

Current 802.11 standard defines "frame" types for use in management and control of wireless links. IEEE 802.11w is the Protected Management Frames standard for the IEEE 802.11 family of standards. TGw is working on improving the IEEE 802.11 Medium Access Control layer. The objective of this is to increase the security by providing data confidentiality of management frames, mechanisms that enable data integrity, data origin authenticity, and replay protection. These extensions will have interactions with IEEE 802.11r and IEEE 802.11u

Info on PMF

  • Single and unified solution needed for all IEEE 802.11 Protection-capable Management Frames
  • It uses the existing security mechanisms rather than creating new security scheme or new management frame format
  • It is an optional feature in 802.11 and is required for 802.11 implementations that support TKIP or CCMP.
  • Its use is optional and can be negotiable between STAs.

Class of Management Frames

Class 1:

  • Beacon and Probe Request/Response
  • Authentication and Deauthentication
  • Announcement traffic indication message (ATIM)
  • Spectrum Management Action
  • Radio Measurement Action between STAs in IBSS

Class 2:

  • Association request/response
  • Reassociation request/response
  • Disassociation

Class 3:

  • Disassociation /Deauthentication
  • QoS Action Frame
  • Radio Measurement Action in infrastuture BSS
  • Future 11v management frames

Which frames are Not protected

Infeasible/Not possible to protect the frame which are sent before 4-ways handshake because it is sent prior to key establishment Infeasible to protect

  • Beacon and Probe Request/Response
  • Announcement traffic indication message (ATIM)
  • Authentication request/response
  • Association request/response
  • Spectrum Management Action

– Any Management frame that is sent before key establishment is infeasible to be protected

– The Management Frames, which are sent after key establishment, can be protected

Which frames are protected(PMF)

Protection-capable Mgmt frames are the mgmt frames, which are sent after key establishment and can be protected using existing protection key hierarchy in 802.11 and its amendments Only TKIP/AES frames are protected and WEP/open frames are not protected

  • Disassociation and Deauthentication
  • Radio Measurement Action for Infrastructure BSS (802.11k frames)
  • QoS Action Frame (802.11e frames)
  • Future 11v management frames (802.11v frames)

Protection-capable Management Frames are protected by the same cipher suite as an ordinary Data MPDU

  • MPDU payload is TKIP or CCMP encrypted
  • MPDU payload and header are TKIP or CCMP integrity protected
  • Protected Frame Subfield of Header Frame Control Field is set
  • Only cipher suites already implemented required
  • Sender’s Pairwise Temporal Key protects unicast Mgmt Frame, and Sender’s GTK is used to protect broadcast/multicast Mgmt Frame
  • A RSN (802.11i) IE capability bit used to signal whether Protection-capable Management frames will be protected

Replay Protection

  • Transmitter uses next CCMP PN or TKIP TSC as the IV/Extended IV
  • Use sequence number given by PN/TSC to protect payload and increment counter
  • Each receiver implements a new receive counter for management frames
  • New counter initialized to zero
  • Sequence number in received protected management frame compared with new counter value
  • If received sequence number does not exceed last valid value, discard the frame as a replay
  • If received sequence number exceeds last valid value and management frame validates correctly, accept packet and set counter value to received sequence number value


The 802.11w standard is implemented in Linux and BSD's as part of the 80211mac driver code base which is used by several wireless driver interfaces i.e ath9k. The feature is easily enabled in most recent kernels and Linux OS's using these combinations. Openwrt in particular provides an easy toggle as part of the base distribution. The feature has been implemented for the first time into Microsoft operating systems in Windows 8. This has caused a number of compatibility issues particularly with wireless access points that are not compatible with the standard. Rolling back the wireless adapter driver to one from Windows 7 usually fixes the issue.

Wireless LANs send system management information in unprotected frames, which makes them vulnerable. This standard will protect against network disruption caused by malicious systems that forge disassociation requests that appear to be sent by valid equipment.[1]

See also


External links

  • Status of the project 802.11w IEEE Task Group w (TGw)
  • Tutorial on 802.11w
This article was sourced from Creative Commons Attribution-ShareAlike License; additional terms may apply. World Heritage Encyclopedia content is assembled from numerous content providers, Open Access Publishing, and in compliance with The Fair Access to Science and Technology Research Act (FASTR), Wikimedia Foundation, Inc., Public Library of Science, The Encyclopedia of Life, Open Book Publishers (OBP), PubMed, U.S. National Library of Medicine, National Center for Biotechnology Information, U.S. National Library of Medicine, National Institutes of Health (NIH), U.S. Department of Health & Human Services, and, which sources content from all federal, state, local, tribal, and territorial government publication portals (.gov, .mil, .edu). Funding for and content contributors is made possible from the U.S. Congress, E-Government Act of 2002.
Crowd sourced content that is contributed to World Heritage Encyclopedia is peer reviewed and edited by our editorial staff to ensure quality scholarly research articles.
By using this site, you agree to the Terms of Use and Privacy Policy. World Heritage Encyclopedia™ is a registered trademark of the World Public Library Association, a non-profit organization.

Copyright © World Library Foundation. All rights reserved. eBooks from Project Gutenberg are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.