Certificate Based Security Join request (WTP-Cert, SID) Join Response (AC-Cert, SID, cipher-text) AC Creates session keys (KeyMaterial) Data = E-wtp{Kpub, PKCS1(KeyMaterial)} Cipher-text = E-ac{Kpriv, SID|Data} WTP AC Data = D-ac{Kpub, Cipher-text} PKCS1(KeyMaterial) = D-ac{Kpriv , data} AES-CCM Encrypted Control Channel |