802.11w - Management Frame Protection
The 802.11w amendment offers three new security pieces: Data Origin Authenticity, Replay Detection, and Robust Management Frame Protection.
The data origin authenticity mechanism defines a means by which a station that receives a data or robust management frame can determine which station transmitted the data or management frame. This feature is required in an RSNA to prevent one station from masquerading as a different station. Data origin authenticity is only applicable to unicast data frames, or unicast Robust Management frames, and Deauthenticate or Disassociate frames with Robust Management protection. The protocols do not guarantee data origin authenticity for broadcast/multicast (bc/mc) data frames or broadcast/multicast Robust Management frames.
Continue reading...