Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
608
Views
0
Helpful
1
Replies

TKIP, Broadcast Key Rotation and ACS RADIUS Key Rotation

mbrustman
Level 1
Level 1

‎11-28-2004 06:54 PM - edited ‎07-04-2021 10:12 AM

I would like to know the difference between rotating keys using the BKR setting in the AP1200 vs using the setting in the Cisco Secure ACS.

Does one override the other?

Is there a difference in broadcast key rotation vs session key rotation? Is the BKR for broadcast keys and the ACS for session keys?

Any recommendations for TKIP and Key Rotation> Is this not already part of TKIP?

Any help to clearup up my confusion would be appreciated.

Labels:
0 Helpful
1 Reply 1

dixho
Level 6
Level 6

‎12-01-2004 03:14 PM

There are a number of keys in TKIP. All wireless clients on the same AP will have the same broadcast key. The broadcast key is used to encrypt and decrypt broadcast traffic (e.g. ARP). You can rotate the broadcast key per AP.

Each wireless client has an unique pairwise master key (PMK). Based on the PMK, TKIP increment the encryption key for each unicast packet (i.e. the packet source or destinate for the wireless client only). The session key rotation in the radius server defines how often the PMK changes.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card