Aruba 800 Series Manual de usuario descargar pdf (Pagina 33)

33

CSP

CSP TYPE

GENERATION

STORAGE

And

ZEROIZATI

ON

USE

WPA2 PSK

16-64

character

shared secret

used to

authenticate

mesh

connections

and in

remote AP

advanced

configuration

CO configured

Encrypted in

flash using the

KEK; zeroized

by updating

through

administrative

interface, or by

the ‘ap wipe

out flash’

command.

Used to derive

the PMK for

802.11i mesh

connections

between APs

and in

advanced

Remote AP

connections;

programmed

into AP by the

controller over

the IPSec

session.

802.11i Pairwise Master

Key (PMK)

512-bit

shared secret

used to

derive

802.11i

session keys

Derived from WPA2

PSK

In volatile

memory only;

zeroized on

reboot

Used to derive

802.11i

Pairwise

Transient Key

(PTK)

802.11i Pairwise Transient

Key (PTK)

512-bit

shared secret

from which

Temporal

Keys (TKs)

are derived

Derived during 802.11i

4-way handshake

In volatile

memory only;

zeroized on

reboot

All session

encryption/dec

ryption keys

are derived

from the PTK

802.11i

EAPOL MIC Key

128-bit

shared secret

used to

protect 4-

way (key)

handshake

Derived from PTK

In volatile

memory only;

zeroized on

reboot

Used for

integrity

validation in 4-

way

handshake

802.11i EAPOL Encr Key

128-bit

shared secret

used to

protect 4-

way

handshakes

Derived from PTK

In volatile

memory only;

zeroized on

reboot

Used for

confidentiality

in 4-way

handshake

802.11i data AES-CCM

encryption/MIC key

128-bit AES-

CCM key

Derived from PTK

Stored in

plaintext in

volatile

memory;

zeroized on

reboot

Used for

802.11i packet

encryption and

integrity

verification

(this is the

CCMP or

AES-CCM

key)

1 2 ... 28 29 30 31 32 33 34 35 36

Comentarios a estos manuales

Sin comentarios