IEEE 802.11r was published in 2008 and was aiming for faster and secure handoff’s within the service set. It is also known as Fast Basic Service Set Transition (Fast BSS Set Transition)
Key items involved when we talk about FT,
- Mobility Domain : Mobility Domain (MD) is a set of basic service sets (BSS) with in same Extended Service Set (ESS), which supports Fast BSS Transition between themselves.
Basically, a group of AP’s belonging to the same ESS where client station is expected to roam in a fast and a secure manner.
2. Types of Keys:
- Master Session Key (MSK) : This is the key generated during the EAP transactions (while doing 802.1x) or passphrase (in case of pre-shared based network)
- Pairwise Master Key R0 (PMK-R0) : This key is derived from MSK – First level key of FT key hierarchy.
- Pairwise Master Key R1 (PMK-R1) : This key is derived from PMK-R0 – Second level key of FT key hierarchy
- Pairwise Transient Key (PTK) : Third and final key in the FT key hierarchy created from the PMK-R1 during the 4-way exchange and used to encrypt 802.11 data frames.
3) Key Holder Role :
|Device||Key Holder Role|
|WLAN Controller||PMK-R0 Key Holder (R0KH)|
|Access Point||PMK-R1 Key Holder (R1KH)|
|Client Station||PMK-S0 Key Holder (S0KH)|
|Client Station||PMK-S1 Key Holder (S1KH)|