Forum

Group Key Handshake (GTK) rekeying

1 posts by 1 authors in: Forums > CWSP - Enterprise Wi-Fi Security
Last Post: May 26, 2010:

By leomezza May 26, 2010

Reply

Hello guys,

Yesterday I was studying for the CWSP reading about the the Group Key Handshake then I thought, what could happen if any STA looses the new GTK (for whatever reason)? Today I checked the 802.11 2007 and found the following:
[quote]8.5.4.3 Group Key Handshake implementation considerations
If the Authenticator does not receive a reply to its messages, its shall attempt dot11RSNAConfigGroup-
UpdateCount transmits of the message, plus a final timeout. The retransmit timeout value shall be 100 ms
for the first timeout, half the listen interval for the second timeout, and the listen interval for subsequent
timeouts. If there is no listen interval, then 100 ms shall be used for all timeout values. If it still has not
received a response after this, then the Authenticator?s STA should use the MLMEDEAUTHENTICATE.
request primitive to deauthenticate the STA.[/quote]

So I assume that after a unspecified number of retries, up to the vendor, the AP deauthenticate the STA, right?

Page 1 of 1

1

Success Stories

I literally just came out of the testing centre having taken the CWDP exam. The certification process opened my mind to different techniques and solutions. This knowledge can only broaden your perspective. Great job, CWNP, you have a great thing going on here.
-Darren

Working through the CWNP coursework and certifications helped not only to deepen my technical knowledge and understanding, but also it boosted my confidence. The hard work it took to earn my CWNE has been rewarding in so many ways.
-Ben

I want to commend you and all at CWNP for having a great organization. You really 'raise the bar' on knowing Wi-Fi well. I have learned a ton of information that is helping my job experience and personal career goals, because of my CWAP/CWDP/CWSP studies. Kudos to all at CWNP.
-Glenn