Authentication & Discovery Authentication AP and AC need to mutually authenticate prior to engaging in discovery and configuration exchanges. Presume a PSK/certificate-based enrolment of APs a lightweight authentication algorithm is required (to let APs of varied lightness) Key Exchange Keys generated from the cryptographic authentication exchange may be used to protect subsequent exchanges and derive traffic-related keys. Depending on requirements and architecture independent SA’s may be established to secure data and management traffic ARCH2-like systems may use 802.11i for data security. |