beautypg.com

Enterasys Networks 802.11 User Manual

Page 51

background image

2-17

Security

2.

The key period expires. The AP creates two new random keys and loads them into the
inactive authenticator key indexes (Keys 3 and 4 in this example). The keys are not yet
used for transmission or reception.

3.

The AP begins transmitting the new key pair to the authenticated clients in the
supplicant list. When a client receives the new keys, it immediately begins transmitting
using the new TX key. The AP does not use the new TX key until the message has been
transmitted to all clients. During this time, the AP accepts transmissions on both the
old and new RX keys. Note that a client can only have one TX key. The following table
shows that some clients use Key1 as the TX key while other clients use Key 3.

AP

Client

Key #

Encryption

TX/RX

State

TX/RX

Encryption

Key1

aaaaaaaaaaaaaa RX

Active

TX

aaaaaaaaaaaaaa

Key2 bbbbbbbbbbbbb

TX

Active

RX

bbbbbbbbbbbbb

Key3

cccccccccccccc

Inactive

xxxxxxxxxxxxx

Key4

ddddddddddddd

Inactive

xxxxxxxxxxxxx

AP

Client

Key #

Encryption

TX/RX

State

TX/RX

Encryption

Key1

aaaaaaaaaaaaaa RX

Active

TX

aaaaaaaaaaaaaa

Key2 bbbbbbbbbbbbb

TX

Active

RX

bbbbbbbbbbbbb

Key3 cccccccccccccc

RX

Active

TX

cccccccccccccc

Key4

ddddddddddddd

Inactive

ddddddddddddd

See also other documents in the category Enterasys Networks Hardware: