• In RSN capabilities field of RSNE, the number of supported replay counters are to be specified. One field for PTK another for GTK. This field in RSN capabilities takes either 1, 2, 4 or 16 as number of supported replay counters.  According to the standard ( in 802.11-2012) it is specified by STA. But what about APs? Are not they also using these fields?

    Is there any clear definitions of how to map PN counters for frames in different TIDs and non-QoS frames when 802.11n and WMM is used?

    1) When 16 replay counters are supported I guess it shall be mapped to each TID.

    2) When 4 counters are supported, it seems reasonable to map one PN counter per access category (AC_VO, AC_VI, AC_BE, AC_BK) but it is not really mentioned explicitly. Is this a correct assumption?

    3) What is the best alternative when 2 replay counters per PTKSA is supported?

    4) I guess it is quite clear on the other hand what to do if only 1 replay counter is supported. Or is there something to think about?

    5) Shall non-QoS frames and TID = 0 frames to share a common PN counter? That is probably a good idea, but not explicitly mentioned in the standard, is it? Or shall there be a separate PN counter for non-QoS frames?

  • I don't have an answer for you, but you may find some answers in one of the documents listed here:

    Not positive about this, but it's worth a try.

  • No, I did not find anything in those test suites that help me.

  • I'm sure you've considered this, but by definition an AP is a STA.   Does that help at all?

    Does question #5, in your original post, have anything to do with WPA security for QoS STA's ?

  • Wlanman, yes that is of course correct (AP is STA), I forgot that, but that's just a minor wonder.
    The bigger concern of mine is how to share PN counters and map those towards the number of replay counters of the recipient.
    In 802.11n-2012 PN and replay detection e) says:
    "A transmitter shall not use IEEE 802.11 MSDU or A-MSDU priorities without ensuring that the receiver supports the required number of replay counters."And this is then specified in the RSN capabilites (see as either 16, 4, 2 or 1.
    Regarding question #5, I believe it is alright for a QoS STA to send individual non-QoS data frames as well, isn't it? The question then is if the PN of those frames shall have a separate counter or if it shall be a common counter for non-QoS frames and QoS frames with TID = 0. The latter seems reasonable since the number of replay counters are either 16, 4, 2 or 1 according to the RSN capabilites, but it is not clearly specified in the standard, is it?

  • I've found a little more information that may help, although it sounds like you may have deduced some of it already.  

    There are two types of replay counters, one for Unicast, and the other for Multicast.   These are maintained for each MAC address and TID.

    So, a receiver must have at least 4 (unicast) counters for each WMM source MAC.  WPA stations also need another for each multicast source.   

    There are special considerations to reduce lost packets caused by out-of-order MPDU's, but I didn't find any details on that. 

Page 1 of 1
  • 1