Chapter 11: Wireless LAN – WLAN LANCOM Reference Manual LCOS 3.50
The key handshake breaks down into two phases: first the pairwise key
handshake, then the group key handshake (Figure 4).
As you can see, the handshake consists of pairs of packets, each pair being
made up of a 'query' from the access point and a 'confirmation' from the client.
The first pair serves mostly for the client and access point to exchange the
random values (so-called nonces) to be used for this negotiation. The Master
Secret already known to both sides is now mixed with these nonces, and a
predetermined hash procedure generates further keys from the result: on the one
hand keys that secure further exchanges, and on the other the pairwise key for
this station. Since the Master Secret isn't used directly, it can be reused
later for any necessary renegotiations: mixed with new random values, it will
deliver different keys.
In the second pair, the access point instructs the client to install the calculated
TKIP session key, and as soon as the client confirms this, the access point does
the same. This concludes the pairwise handshake, and as a result it is now
possible to exchange data between client and access point via TKIP.
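Figure 4: Key handshake in WPA
Pairwise key handshake:
1 Access point → Client: Send ANonce
2 Client → Access point: Send SNonce
3 Access point → Client: Install Pairwise Key
4 Client → Access point: Pairwise Key Installed
Group key handshake:
1 Access point → Client: Install Group Key
2 Client → Access point: Group Key Installed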
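The mixing of the Master Secret with the two nonces, as an added example that is not part of the LANCOM manual. The manual does not name the hash procedure, so this sketch assumes the pairwise key expansion defined in IEEE 802.11i (an HMAC-SHA1 based PRF over both MAC addresses and both nonces); the Master Secret, the MAC addresses and the function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets

LABEL = b"Pairwise key expansion"  # label from IEEE 802.11i, not from the manual


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """IEEE 802.11i PRF: concatenate HMAC-SHA1(key, label | 0x00 | data | counter)."""
    out = b""
    for counter in range((nbytes + 19) // 20):
        msg = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, msg, hashlib.sha1).digest()
    return out[:nbytes]


def derive_pairwise_keys(master_secret, ap_mac, client_mac, anonce, snonce):
    """Mix the Master Secret with both nonces and split the 512-bit result."""
    # Sorting the inputs lets both sides build the same byte string independently.
    data = (min(ap_mac, client_mac) + max(ap_mac, client_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    ptk = prf(master_secret, LABEL, data, 64)
    return {
        "kck": ptk[0:16],        # protects the remaining handshake messages
        "kek": ptk[16:32],       # encrypts the group key sent to the client
        "tkip_key": ptk[32:48],  # TKIP session (pairwise) encryption key
        "mic_keys": ptk[48:64],  # two 8-byte Michael MIC keys, one per direction
    }


# Constructed sample values (not taken from the manual or from any real network).
MASTER_SECRET = hashlib.sha256(b"constructed master secret").digest()
AP_MAC = bytes.fromhex("020000000001")
CLIENT_MAC = bytes.fromhex("020000000002")


def handshake():
    """One negotiation: access point and client each contribute a fresh nonce."""
    anonce, snonce = secrets.token_bytes(32), secrets.token_bytes(32)
    return derive_pairwise_keys(MASTER_SECRET, AP_MAC, CLIENT_MAC, anonce, snonce)


if __name__ == "__main__":
    first = handshake()
    second = handshake()  # renegotiation: same Master Secret, new nonces
    print("TKIP key, first negotiation:", first["tkip_key"].hex())
    print("TKIP key, renegotiation    :", second["tkip_key"].hex())
```

Running it shows two different TKIP keys derived from the same Master Secret, which is the renegotiation property the text describes.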