802.11r & 802.11k



802.11R & 802.11K

The 802.11r operations

The 802.11r standard applies to a 3-tier reference architecture that divides the access network into mobility zones. A mobility zone is defined as the collection of lightweight access points connected to a central management unit, here after referred to as controller. Generally, neighboring access points covering a certain geographic zone are grouped into a single mobility zone (Wright, 2004).

When an 802.11r compliant station enters a mobility zone, it first performs authentication using EAP. The resulting MSK is used by the station and the controller to derive a key called PMK-R0. PMK-R0 is then used to derive per-access-point PMKs. The name for such keys is PMK-R1. The controller finally sends the PMK-R1 keys to their corresponding access points. The mobility zone controller that holds the PMK-R0 key is called R0 Key Holder (R0KH), while the access points to which PMK-R1 keys are delivered are R1 Key Holder(R1KH).

The key hierarchy specified by the IEEE 802.11r standard is depicted in the figure below

(IEEE, 2008).

During the initial association in a mobility zone, a 802.11r capable STA and AP perform an Open System Authentication exchange, followed by a FT Reassociation Exchange that differs from 802.11 Reassociation Exchange by including an MDIE in the Reassociation Request to indicate that the STA wishes to use 802.11r. Moreover, a Fast Transition Information Element (FTIE) is included in the Reassiciation Response frame issued by the AP (IEEE, 2008). The FTIE carries the R0KH-ID as well as the current access point's R1KH-ID. After successful 802.11X authentication, the AP and STA engage in a FT four-way handshake that differs from the 802.11i handshake by carrying extra MDIE and FTIE components, needed for the derivation of PMK-R1s and PTKs.

802.11K

As 802.11k is designed to be implemented in software, to bear the WLAN equipment that only needs ...