Reference Guide
35
29
802.11i Group Master
Key (GMK)
256-bit secret used to
derive GTK
Generated from
approved RNG
Stored in plaintext in
volatile memory;
zeroized on reboot
Used to derive Group
Transient Key (GTK)
30
802.11i Group
Transient Key (GTK)
256-bit shared secret
used to derive group
(multicast) encryption
and integrity keys
Internally derived by
AP which assumes
“authenticator” role in
handshake
Stored in plaintext in
volatile memory;
zeroized on reboot
Used to derive
multicast
cryptographic keys
31
802.11i Group AES-
CCM Data
Encryption/MIC Key
128-bit AES-CCM key
derived from GTK
Derived from 802.11
group key handshake
Stored in plaintext in
volatile memory;
zeroized on reboot
Used to protect
multicast message
confidentiality and
integrity (AES-CCM)
32
Factory CA Public
Key
RSA 2048 bits public
key
Generated outside the
module.
Stored in non-volatile
memory. Zeroized by
physical destruction of
the module.
Firmware verification