Matthew Gast’s 802.

11 Protocol Map
nd Dat abases
Back E
EAP-SIM
Mobile Telephone Token
EAP-AKA Networks Card
PAP
EAP-GTC X.509
PKI Certificate
Validation
Active Directory
NT Domain LDAP
Directory PAP
EAP-GTC
TCP/IP Protocol Suite
MS-CHAP-V2
Billing and Ethertypes
Record Ox0800 (IP), Ox0806(ARP), Ox86DD (IPv6)
Keeping

Local IPX Protocol

RADIUS Database Radius Other network protocols Suite AppleTalk ARP
accounting Ethertype Ox8137
RFC 2866 Proxy Ethertype 0x80F3
RFC 2865 section 2
RFC 2607-policy 802.11 Wireless Networks: The Definitive Guide, 2nd Edition
By Matthew Gast

Remote Authentication RFC 1042 Encapsulation ISBN 0-596-10052-3, $44.95

802.1H Bridge-Tunnel Encapsulation
Dial-In User Service
(RADIUS) 802.1X-RADIUS guidelines-RFC 3580
RADIUS-RFC 2865

Tunneled TLS Protected EAP

(TTLS) (PEAP)
Internet-Draft Internet-Draft

attribute/
value pair inner EAP-RFC EAP-TLS 802.2 AP Bridging
(AVP) EAP 3748 RFC 2716
and Frame Ethernet Network
exchange exchange Logical Link Control (LLC) / Translation 802.3, etc.
Sub-Network Access Protocol (SNAP) 802.1Q

(Based On
TLS TLS TLS, RFC 2246)

EAP-Method Interface

Key hierarchy- 802.11i, clause 8.5.1

Pairwise Master Key (PMK) Group Master Key (GMK)

Medium Access
802.1X
Extensible Authentication Protocol
Pairwise Transient Key (PTK) Group Transient Key (GTK) Control (MAC)
Temporal Message Integrity Temporal Message Integrity
(EAP) Over LAN (EAPOL) Key Derivation Key(TK) Check (MK) Key Key(TK) Check (MK) Key
Services - 802.11 clause 6
from TLS Framing - 802.11 clause 7
Master Secret Functions - 802.11 clause 9
EAPoL-802.1X clause 7
Management - 802.11 clause 11
Security - 802.11 clause 8

Key distribution, 802.11i, clause 8.5

The Standards Regulators Americas

Brazil – Anatel, http://www.anatel.gov.br/

Institute of Electrical and Electronics Engineers

United States – Federal Communications Canada – Industry Canada, http://www.ic.gc.ca/ TKIP Temporal Key Counter with CBC
Commission, fcc.gov Chile – Subsecretaria de Telecomunicaciones, Sequence Temporal MIC
(IEEE): http://www.ieee.org
Europe – European Telecommunications http://www.subtel.cl/
Wired Equivilent (TSC) key Frame Key Frame Integrity Packet MAC Protocol
Number (PN) Temporal
Standards download from Get IEEE802: Standards Institute, etsi.org Mexico – Secretariat of Communications and
http://standards.ieee.org/getieee802/ European Radiocommunications Office, ero.dk
Japan – Ministry of Internal Communications,
Transport, http://www.sct.gob.mx/
Peru – Ministry of Transportation and Initialization Privacy Protocol Key Frame (CCMP)
soumu.go.jp Communications, http://www.mtc.gob.pe/ Vector (IV) Key Frame (TKIP) 802.11i clause 9.3.3
802.11 Standards (WEP) Key Mixing Michael
802.11 – Wireless LAN MAC and PHY Related International 802.11i Clause 8.3.2
802.11 FHSS PHY and 802.11 DSSS PHY:
Europe, Middle East, and Africa 802.11 clause 8.2 Integrity Check Counter with CBC-MAC (CCM) Mode
1 and 2 Mbpsin the 2.4 GHz band European Telecommunications Standards Organizations
802.11a – OFDM PHY: up to 54 Mbps in the Institute, http://www.etsi.org International Telecommunications Union – Per-Frame Key Frame + MIC RFC 3610
5 GHz band European Radiocommunications Office, http://www.itu.int/
RC4
802.11b – HR/DSSS PHY: 5.5 Mbps and
11 Mbps in the 2.4 GHz band
http://www.ero.dk
European Conference of Postal
AES FIPS PUB 197
WEP
802.11d – Regulatory domain extensions
802.11F – Inter-Access Point Protocol
recommendations
and Telecommunications
Administrations, http://www.cept.org Vendors Encrypted Frame +
802.11g – Extended Rate PHY: up to 54 Austria – Rundfunk & Telekom Regulierungs,
Integrity Check Encrypted and Encrypted and
Supplicants
Mbps in the 2.4 GHz band http://www.tkc.at/ Value (ICV) Authenticated Frame Authenticated Frame
802.11h – Spectrum and Transmit Power Belgium – Institut Belge des services postaux et Cisco – Aironet Client Software, cisco.com
Management Extensions des télécommunications, http://www.ibpt.be/ Funk – Odyssey client, funk.com
802.11i – Security enhancements Czech Republic – Český telekomunikační úřad Meetinghouse – AEGIS client, mtghouse.com
802.11j – 4.9 - 5 GHz operation in Japan (Czech Telecommunication Office), Microsoft – Windows XP/Windows 2000 built-in
http://www.ctu.cz/ supplicants, microsoft.com
Denmark – IT- og Telestyrelsen (National IT
802.11 Working Group Standards and Telecom Agency), http://www.tst.dk/
Task Group e – Quality of Service (QoS) Finland – Ministry of Transport and RADIUS servers
enhancements Communications, http://www.mintc.fi/ Cisco – CiscoSecure ACS, cisco.com
Task Group k – Radio resource management France – Autorité de Régulation des Funk – Steel Belted RADIUS, Odyssey Server,
Task Group n – High throughput (>100
Mbps) PHY
Télécommunications, http://www.art-telecom.fr/
Germany – Regulierungsbehörde für
funk.com
Interlink – interlinknetworks.com
Physical Layer Convergence Procedure (PLCP)
Task Group p – Wireless access in vehicular Telekommunikation und Post, Open Systems Consultants – Radiator,
environments (WAVE) http://www.regtp.de/ open.com.au
Task Group r – Roaming enhancements Greece – Εθνική Επιτροπή Τηλεπικοινωνιών & Lucent – NavisRadius, lucent.com
Task Group s – Multihop/mesh extensions Ταχυδρομείων (National Telecommunications Meetinghouse – AEGIS Server, mtghouse.com
Task Group T – Performance measurements and Post Commission), http://www.eett.gr/ Microsoft – Internet Authentication Server,
Task Group u – Interoperability and handoff Ireland – Commission for Communications microsoft.com
between different types Regulation, http://www.odtr.ie/ High-Rate Direct
Task Group v – Network management Italy – Autorità per le garanzie nelle comunicazioni,
Access Points Frequency-Hopping Direct Sequence Sequence Spread Proposed: OFDM PHY
enhancements http://www.agcom.it/
Spread Spectrum Extended Rate PHY
Netherlands – OPTA, http://www.opta.nl/ 3Com – 3com.com Spread Spectrum Spectrum (HR/DSSS) (ERP) High-Throughput
Norway – Post-og Teletilsynet, http://www.npt.no/ Accton – (reference design), accton.com
(FHSS) (DSSS) MIMO PHY 802.11a/j Clause 17
Related IEEE Standards Poland – Urząd Regulacji Telekomunikacji i Apple – apple.com 802.11b Clause 18
802.1X – Port-based access control
Poczty (URTiP), http://www.urtip.gov.pl/ Aruba – arubanetworks.com 802.11b Clause 18 Complimentary 802.11g Clause 19 Future 802.11n Coded OFDM
Portugal – Autoridade Nacional de Comunicações Avaya – avaya.com Coded OFDM
802.1H – MAC bridging and bridge/tunnel
(Anacom), http://www.anacom.pt/
802.11 Clause 14 Barker Encoding Code Keying
encapsulation Buffalo – buffalotech.com
Switzerland – Bundesamt für Kommunikation Cisco – cisco.com
802.1D – IEEE 802 MAC bridging
(Bakom), http://www.bakom.ch/ D-Link – d-link.com
802.1Q – Virtual bridged local area networks
United Kingdom – Office of Communications, Enterasys – enterasys.com
802.1p – Priority bits
http://www.ofcom.org.uk/ Extreme – extremenetworks.com
802.2 – Logical Link Control and SNAP Transmit Power Control-802.11h Clause 11.5
Israel – Ministry of Communications, Foundry – foundry.com
encapsulation
802.3af – Power over Ethernet
http://www.moc.gov.il/ Hewlett-Packard – hp.com Spectrum Management Services Dynamic Frequency Selection-802.11h Clause 11.6
South Africa – Independent Communications Netgear – netgear.com (Optional in Some Regulation Domains)
Authority of South Africa, http://www.icasa.org.za/ Proxim – proxim.com
Internet Engineering Task Force SMC – smc.com
Symbol – symbol.com
(IETF) www.ietf.org Asia/Pacific Rim Trapeze – trapezenetworks.com
Standards – downloaded from Australia – Australian Communications Authority,
www.ietf.org/rfc.html or http://rfc-editor.org/ http://www.aca.gov.au/
Draft Standards – (Internet-Drafts) China – Ministry of Information Industries, Chip Vendors United States - Federal Communications Commission, fcc.gov
Europe - European Telecommunications Standards Institute, etsi.org
down loaded from www.ietf.org/ID.html http://www.mii.gov.cn/
Hong Kong – Office of the Telecommunications
Agere – agere.com
Airgo – airgo.com - European Radiocommunications, ero.dk Regulatory Compliance 802.11 d Regulatory Extensions
Authority, http://www.ofta.gov.hk/ Atheros – atheros.com Japan - Ministry of Internal Communications, soumu.go.jp Rules Set by Regulators
Authentication Standards India – Ministry of Communications and Broadcom – broadcom.com
RFC 2865 – Remote Authenticated Dial-In Information Technology, http://www.mit.gov.in/ Conexant – conexant.com
User Service (RADIUS) Indonesia – Directorate General of Post and Intel – intel.com
RFC 2868 – RADIUS tunnel support Telecommunication, http://www.postel.go.id/ Marvell – marvell.com
RFC 2866 – RADIUS accounting Japan – Ministry of Internal Affairs and Texas Instruments – ti.com
RFC 2867 – RADIUS tunnel accounting Communications, http://www.soumu.go.jp/
RFCs 2869 and 3579 – RADIUS extensions Korea – Ministry of Information &
Analysis tools 5 GHz Unlicensed Bands
(including EAP)
RFC 3748 – Extensible Authentication Protocol
Communication, http://www.mic.go.kr
Malaysia – Ministry of Energy, Communications, AirMagnet – airmagnet.com
2.4 GHz ISM Band 4.920 GHz-5.825 GHz
and Multimedia, http://www.ktkm.gov.my/ Berkeley Varitronics – YellowJacket, 4.920-4.980 GHz 5.040-5.080 GHz 5.150-5.250 GHz 5.250-5.235 GHz 5.470-5.725 GHz
RFC 3580 – RADIUS & 802.1X
2.412 Ghz-2.484 GHz 5.725-5.825 GHz
RFC 2716 – EAP-TLS New Zealand – Ministry of Economic bvsystems.com
Development, http://www.med.govt.nz/ Network Instruments – Observer,
Worldwide Harmonized Band
I-D: Protected EAP (PEAP) Philippines – National Telecommunications networkinstruments.com Channels 240-252 Channels 8-16 Channels 34-46 (Japan) Channels 52-64 Channels 100-140 Channels 149-161
Commission, http://www.ntc.gov.ph Sniffer – Sniffer Wireless, sniffer.com
I-D: Tunneled TLS (TTLS)
Singapore – Infocomm Development Authority,
Channels 36-48 (U.S.)
I-D: EAP-FAST WildPackets – AiroPeek, wildpackets.com
I-D: EAP-SIM – authentication using mobile http://www.ida.gov.sg/ United States United States United States United States
telephone subscriber identity module Taiwan – Directorate General of Lower U-NII band Mid U-NII Band FCC 03-287 Upper U-NII Band
I-D: EAP-AKA – authentication using UMTS Telecommunications, http://www.dgt.gov.tw/ Open Source Projects
Thailand – Post and Telegraph Department, FCC 15.407 FCC 15.407 FCC 15.407
(3G) authentication and key agreement Ethereal – network protocol analyzer, ethereal.com
http://www.ptd.go.th/ HostAP & wpa_supplicant – access point & Europe
Vietnam – Department General of Posts
Related Standards & Telecommunications,
supplicant, hostap.epitest.fi ERC/DEC/(99)23
xsupplicant (Open1X) – supplicant, open1x.org ETSI EN 301 893
RFC 2246 – Transport Layer Security http://www.vnpt.com.vn/DGPT FreeRADIUS – RADIUS server, freeradius.org
RFC 1042 – IP encapsulation on SecureW2 – TTLS plug-in for the Windows Japan Japan Japan
IEEE 802 networks supplicant, securew2.com Equipment Ordinance Equipment Ordinance Equipment Ordinance
wEAP – EAP plug-ins for Windows,
weap.sourceforge.net Articles 7, 49.20, 49.21 Articles 7, 49.20, 49.21 Articles 7, 49.20, 49.21

© 2005 Matthew S. Gast O’Reilly logo is a registered trademark of O’Reilly Media, Inc. All other trademarks are property of their respective owners. 04/05 Part #50055