The regular Wi-Fi association process
Here are the normal, pre-802.11r, steps a client device follows when it connects to an access point or roams
from one access point to another.
1. Authentication (client)
2. Authentication Response (AP)
3. (Re)Association Request (client)
4. (Re)Association Response (AP)
5. WPA2-Enterprise 802.1X/EAP (client, AP and authentication server), which yields the PMK; skipped in
WPA2-Personal, where the pre-shared key is used directly as the PMK
6. Four-way handshake #1: ANonce passed to the client (AP)
7. Four-way handshake #2: SNonce passed to the AP, with a MIC over the message (client)
8. Derivation of the pairwise transient key (PTK) from the PMK, both nonces and both MAC addresses (AP and
client independently; the client can do this as soon as it has the ANonce, the AP once it has the SNonce)
9. Four-way handshake #3: confirmation of the derived key and delivery of the encrypted group temporal
key (GTK) (AP)
10. Four-way handshake #4: acknowledgement that message 3 was decrypted and the keys installed (client)
Note: a nonce is a random number used only once. It does not seed the cipher itself; both nonces are mixed into
the derivation of the pairwise transient key, so every association gets a fresh key and a captured handshake
cannot be replayed. The AP generates its own nonce (ANonce) and the supplicant on the client device generates
the SNonce as part of the negotiation.
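As an added example (not part of the original page), the following Python models steps 6 to 9 above: the AP and the client each derive the PTK from the PMK, both MAC addresses and both nonces with the IEEE 802.11 PRF, the client puts a MIC on message 2, and the AP verifies that MIC with its own copy of the KCK. The PMK, the MAC addresses and the EAPOL-Key frame are constructed sample values, not a capture; the MIC is HMAC-SHA1 truncated to 128 bits as used with WPA2 key descriptor version 2.

```python
import hashlib
import hmac
import os

# Constructed sample values (not taken from a real capture). In WPA2-Personal the PMK is
# PBKDF2(passphrase, SSID); in WPA2-Enterprise it is the first 256 bits of the EAP MSK.
# Either way both sides already hold the PMK when four-way handshake message 1 is sent.
PMK = bytes.fromhex("0c" * 32)
AP_MAC = bytes.fromhex("001122334401")   # hypothetical authenticator (AA) address
STA_MAC = bytes.fromhex("02aabbccddee")  # hypothetical supplicant (SPA) address
# EAPOL hdr 4 + desc type 1 + key info 2 + key len 2 + replay 8 + nonce 32 + IV 16 + RSC 8 + ID 8
MIC_OFFSET = 81


def prf_sha1(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """IEEE 802.11 PRF-X: concatenate HMAC-SHA1(K, A || 0x00 || B || i) for i = 0, 1, ..."""
    out = b""
    i = 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:nbytes]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes):
    """PTK = PRF-384(PMK, "Pairwise key expansion",
                     Min(AA,SPA) || Max(AA,SPA) || Min(ANonce,SNonce) || Max(ANonce,SNonce)).
    Returns (KCK, KEK, TK), 16 bytes each for CCMP. Min/Max make the input order-independent,
    so AP and client compute the same PTK without the PTK ever being transmitted."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    ptk = prf_sha1(pmk, b"Pairwise key expansion", data, 48)
    return ptk[:16], ptk[16:32], ptk[32:48]


def eapol_key_msg2(snonce: bytes, key_data: bytes) -> bytes:
    """Minimal EAPOL-Key frame for message 2 with the MIC field zeroed (constructed, not captured)."""
    key_info = (0x010A).to_bytes(2, "big")  # descriptor version 2 (HMAC-SHA1-128), Pairwise, MIC
    body = (b"\x02" + key_info                # descriptor type 2 = RSN
            + (16).to_bytes(2, "big")         # key length (CCMP TK)
            + (1).to_bytes(8, "big")          # replay counter echoed from message 1
            + snonce + bytes(16) + bytes(8) + bytes(8)  # nonce, IV, RSC, key ID
            + bytes(16)                       # MIC placeholder
            + len(key_data).to_bytes(2, "big") + key_data)
    return b"\x02\x03" + len(body).to_bytes(2, "big") + body  # EAPOL v2, type 3 = EAPOL-Key


def sign_msg(kck: bytes, frame: bytes) -> bytes:
    """MIC = HMAC-SHA1(KCK, whole EAPOL frame with MIC field zeroed), truncated to 16 bytes."""
    mic = hmac.new(kck, frame, hashlib.sha1).digest()[:16]
    return frame[:MIC_OFFSET] + mic + frame[MIC_OFFSET + 16:]


def verify_msg(kck: bytes, frame: bytes) -> bool:
    zeroed = frame[:MIC_OFFSET] + bytes(16) + frame[MIC_OFFSET + 16:]
    expected = hmac.new(kck, zeroed, hashlib.sha1).digest()[:16]
    return hmac.compare_digest(expected, frame[MIC_OFFSET:MIC_OFFSET + 16])


def run_handshake(anonce: bytes = None, snonce: bytes = None) -> dict:
    """Steps 6 to 9 of the list above: the AP sends the ANonce, the client answers with the
    SNonce plus a MIC, and the AP derives the same PTK and checks the MIC before message 3."""
    anonce = os.urandom(32) if anonce is None else anonce   # message 1 (AP -> client)
    snonce = os.urandom(32) if snonce is None else snonce
    # Client side: has both nonces after message 1, derives the PTK and signs message 2.
    kck_sta, _kek_sta, tk_sta = derive_ptk(PMK, AP_MAC, STA_MAC, anonce, snonce)
    msg2 = sign_msg(kck_sta, eapol_key_msg2(snonce, b"\x30\x02\x01\x00"))  # placeholder key data
    # AP side: reads the SNonce out of message 2, derives the PTK, verifies the MIC with its KCK.
    snonce_rx = msg2[17:49]
    kck_ap, _kek_ap, tk_ap = derive_ptk(PMK, AP_MAC, STA_MAC, anonce, snonce_rx)
    return {"msg2": msg2, "kck_ap": kck_ap, "tk_sta": tk_sta, "tk_ap": tk_ap,
            "mic_ok": verify_msg(kck_ap, msg2)}
```

Flip one byte of message 2, or give the client a different PMK, and verify_msg returns False: that MIC check is how the AP learns that the client holds the right PMK without the PMK ever crossing the air, and why a fresh ANonce per association matters.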
802.11r Fast Transition Roaming
With Fast Transition (FT), the handshake with the new access point (AP) is carried in the authentication and
reassociation frames exchanged before the client completes its move to the target AP. 802.11r removes the
802.1X/EAP round trip to the authentication server and the separate four-way handshake from each roam, which
cuts the hand-off time between APs without giving up per-AP keys; that is what makes it useful for client
devices with delay-sensitive applications such as voice and video over Wi-Fi.
In fast BSS transition (802.11r) the complete roam and key establishment happen in just four frames
(Authentication Request, Authentication Response, Reassociation Request, Reassociation Response), which
significantly reduces the roaming time for WLANs running VoWiFi services. These four frames carry enough
information to build a PTK security association (PTKSA) between the UE (STA) and the target AP.
An AP announces support for BSS transition in the Mobility Domain Information Element (MDIE), carried in
beacons, probe responses and (Re)association Response frames; the FT Capability and Policy field of the MDIE
states whether over-the-DS transition is also supported (over-the-air is always available).
A UE that wishes to associate to an FT-enabled AP must include a matching MDIE (same Mobility Domain
Identifier) in its Authentication and (Re)association Request frames; the AP rejects a request whose MDIE
does not match its own.
The initial association lets the client and the infrastructure derive the Pairwise Master Key (PMK) hierarchy
in advance: PMK-R0 once, and a PMK-R1 for each AP the client may roam to. When the client later performs the
reassociation request/response exchange with the new AP, the PMK-R1 for that AP is already in place on both
sides and only the PTK has to be derived. The FT key hierarchy therefore lets clients make fast Basic Service
Set (BSS) transitions between APs without a full re-authentication at every AP.
Methods of Client Roaming
For a client to move from the current AP to the target AP using the FT protocol, the message exchanges are
performed using one of the following methods:
Over-the-Air FT Roaming
Over-the-DS (Distribution System) FT Roaming
Over-the-Air Fast Transition Roaming
The client communicates directly with the target AP using IEEE 802.11 authentication with the FT authentication
algorithm.
In the FT key architecture, key derivation follows this pattern: MSK -> PMK-R0 -> PMK-R1s -> PTK. Each level
has its own key holders (KH) that hold and derive the PMK keys (R0 and R1) and distribute them to the key
holders below them in the hierarchy. Note: S0KH and S1KH are the key holders on the UE (supplicant) side;
R0KH and R1KH are the key holders on the authenticator side, the R1KH being the AP the client roams to and
the R0KH the entity that completed the 802.1X authentication (in a controller-based WLAN, the WLC).
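To make the hierarchy concrete, here is an added Python example (not code from this page or from any vendor) that derives PMK-R0, PMK-R1 and the FT PTK with the KDF-SHA256 construction of IEEE 802.11 (KDF-Hash-Length with the "FT-R0", "FT-R1" and "FT-PTK" labels), then runs both sides of an over-the-air roam to show that the supplicant and the target AP arrive at the same PTK from the two nonces alone. The MSK, SSID, MDID, R0KH-ID and MAC addresses are constructed; in a real deployment the MSK comes from EAP and the R0KH-ID is the NAS-Identifier of the authenticator.

```python
import hashlib
import hmac
import os
from math import ceil


def kdf_sha256(key: bytes, label: bytes, context: bytes, nbits: int) -> bytes:
    """IEEE 802.11 KDF-Hash-Length with SHA-256: concatenation of
    HMAC-SHA256(K, i || label || Context || Length) for i = 1..ceil(Length/256),
    with i and Length encoded as 16-bit little-endian integers."""
    out = b""
    length_le = nbits.to_bytes(2, "little")
    for i in range(1, ceil(nbits / 256) + 1):
        out += hmac.new(key, i.to_bytes(2, "little") + label + context + length_le,
                        hashlib.sha256).digest()
    return out[:nbits // 8]


def derive_pmk_r0(xxkey, ssid, mdid, r0kh_id, s0kh_id):
    """Level 1: R0-Key-Data = KDF-384(XXKey, "FT-R0",
    SSIDlength || SSID || MDID || R0KHlength || R0KH-ID || S0KH-ID).
    XXKey is the second 256 bits of the EAP MSK (FT-802.1X) or the PSK (FT-PSK).
    PMK-R0 is the first 256 bits; the next 128 bits salt the PMKR0Name."""
    ctx = bytes([len(ssid)]) + ssid + mdid + bytes([len(r0kh_id)]) + r0kh_id + s0kh_id
    r0_key_data = kdf_sha256(xxkey, b"FT-R0", ctx, 384)
    pmk_r0, salt = r0_key_data[:32], r0_key_data[32:48]
    pmkr0name = hashlib.sha256(b"FT-R0N" + salt).digest()[:16]
    return pmk_r0, pmkr0name


def derive_pmk_r1(pmk_r0, pmkr0name, r1kh_id, s1kh_id):
    """Level 2: PMK-R1 = KDF-256(PMK-R0, "FT-R1", R1KH-ID || S1KH-ID), one per AP (R1KH)."""
    pmk_r1 = kdf_sha256(pmk_r0, b"FT-R1", r1kh_id + s1kh_id, 256)
    pmkr1name = hashlib.sha256(b"FT-R1N" + pmkr0name + r1kh_id + s1kh_id).digest()[:16]
    return pmk_r1, pmkr1name


def derive_ft_ptk(pmk_r1, pmkr1name, snonce, anonce, bssid, sta_addr):
    """Level 3: PTK = KDF-384(PMK-R1, "FT-PTK", SNonce || ANonce || BSSID || STA-ADDR).
    KCK signs the FT element, KEK wraps the GTK in the Reassociation Response, TK is the CCMP key."""
    ctx = snonce + anonce + bssid + sta_addr
    ptk = kdf_sha256(pmk_r1, b"FT-PTK", ctx, 384)
    ptkname = hashlib.sha256(pmkr1name + b"FT-PTKN" + ctx).digest()[:16]
    return {"kck": ptk[:16], "kek": ptk[16:32], "tk": ptk[32:48], "ptkname": ptkname}


# Constructed inputs (hypothetical identifiers, not taken from the captures discussed on this page).
MSK = hashlib.sha512(b"constructed EAP master session key").digest()  # 64 bytes, as EAP would deliver
SSID = b"corp-wifi"
MDID = b"\xa1\xb2"                             # Mobility Domain ID carried in the MDIE
R0KH_ID = b"wlc1.example.net"                  # R0KH-ID: NAS-Identifier of the authenticator
STA_MAC = bytes.fromhex("02aabbccddee")        # S0KH-ID and S1KH-ID are both the STA MAC
AP1_BSSID = bytes.fromhex("001122334401")      # R1KH-ID of each AP is its BSSID
AP2_BSSID = bytes.fromhex("001122334402")


def ft_roam(target_bssid: bytes, snonce: bytes = None, anonce: bytes = None) -> dict:
    """Both sides of an over-the-air FT roam to target_bssid. The STA (S0KH/S1KH) and the
    controller (R0KH) each hold PMK-R0 from the initial 802.1X login; the controller pushes
    PMK-R1 to the target AP (R1KH), so the PTK is built from the nonces in the two
    Authentication frames without contacting the authentication server again."""
    snonce = os.urandom(32) if snonce is None else snonce   # chosen by the S1KH, sent in Auth Request
    anonce = os.urandom(32) if anonce is None else anonce   # chosen by the R1KH, sent in Auth Response
    xxkey = MSK[32:64]
    # Supplicant side
    sta_pmk_r0, sta_r0name = derive_pmk_r0(xxkey, SSID, MDID, R0KH_ID, STA_MAC)
    sta_pmk_r1, sta_r1name = derive_pmk_r1(sta_pmk_r0, sta_r0name, target_bssid, STA_MAC)
    sta_ptk = derive_ft_ptk(sta_pmk_r1, sta_r1name, snonce, anonce, target_bssid, STA_MAC)
    # Authenticator side: R0KH (controller) derives PMK-R1 for the target AP and hands it over
    ctl_pmk_r0, ctl_r0name = derive_pmk_r0(xxkey, SSID, MDID, R0KH_ID, STA_MAC)
    ap_pmk_r1, ap_r1name = derive_pmk_r1(ctl_pmk_r0, ctl_r0name, target_bssid, STA_MAC)
    ap_ptk = derive_ft_ptk(ap_pmk_r1, ap_r1name, snonce, anonce, target_bssid, STA_MAC)
    return {"pmk_r0": ctl_pmk_r0, "pmk_r1": ap_pmk_r1, "pmkr1name": ap_r1name,
            "sta_ptk": sta_ptk, "ap_ptk": ap_ptk, "keys_match": sta_ptk == ap_ptk}
```

Roaming to AP1 and then AP2 reuses the same PMK-R0 but yields a different PMK-R1 and PTK for each AP, which is the property that lets a compromised AP expose only its own PMK-R1 and not the keys of its neighbours.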
The following walks through wireless captures of an over-the-air roam:
1. The AP announces support for over-the-air BSS transition in the probe response frame. Note that the Fast
BSS Transition over DS bit in the MDIE is set to 0, which means over the air only.
2. The UE (STA) connects to the initial AP (00:b9:6f). This includes the initial association, 802.1X
authentication (EAP-AKA in this case) and, after successful authentication by the authentication server, the
four-way handshake that generates the encryption keys.
3. When the UE decides to roam, it already knows the capabilities of the target AP (ec:09:cf) from its probe
response. The UE sends an Authentication Request to the target AP carrying the SNonce and the PMK-R0 key
holder identifier (R0KH-ID). In the RSN information element the AKM is FT over IEEE 802.1X. The SNonce is a
value chosen by the S1KH.
4. The target AP answers with an Authentication Response carrying the R1KH-ID (the PMK-R1 key holder
identifier, i.e. the identity of the R1KH that the S0KH and the R0KH use to derive the PMK-R1), the R0KH-ID
and the ANonce. The ANonce is a value chosen by the R1KH.
5. The UE derives the PTK and the PTKSA from PMK-R1, PMKR1Name, ANonce and SNonce. As the capture shows, the
Reassociation Request is MIC-protected: the MIC in the FT element is computed with the KCK of the new PTK, so
the AP can verify that the client holds the right PMK-R1 before admitting it.
6. The target AP sends the Reassociation Response to the UE. The GTK subelement contains the group temporal
key, encrypted (wrapped) with the KEK; the UE needs the GTK for the multicast and broadcast traffic the AP
sends.
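As an added example for the MDIE and RSN elements described above and seen in capture item 1 (this is not code from the page, and the element bytes are constructed, not captured), the following Python parses the information elements of a probe response, reads the FT over DS bit from the FT Capability and Policy field of the MDIE, lists the AKM suites, and checks that a STA's request echoes the AP's MDID with an FT AKM the AP actually offers. It also refuses elements whose declared length runs past the buffer, which is the first thing a parser fed raw frames has to get right.

```python
MDIE_ID = 54   # Mobility Domain element
RSNE_ID = 48   # RSN element
IEEE_OUI = b"\x00\x0f\xac"
CIPHER_SUITES = {2: "TKIP", 4: "CCMP-128", 6: "BIP-CMAC-128", 8: "GCMP-128", 9: "GCMP-256", 10: "CCMP-256"}
AKM_SUITES = {1: "802.1X", 2: "PSK", 3: "FT-802.1X", 4: "FT-PSK", 5: "802.1X-SHA256",
              6: "PSK-SHA256", 8: "SAE", 9: "FT-SAE"}


def iter_ies(blob: bytes):
    """Yield (element id, body) over a run of 802.11 information elements; reject truncated ones."""
    pos = 0
    while pos + 2 <= len(blob):
        eid, ln = blob[pos], blob[pos + 1]
        body = blob[pos + 2:pos + 2 + ln]
        if len(body) != ln:
            raise ValueError("truncated element %d" % eid)
        yield eid, body
        pos += 2 + ln


def suite_name(raw: bytes, table: dict) -> str:
    if len(raw) != 4:
        raise ValueError("short suite selector")
    if raw[:3] != IEEE_OUI:
        return "vendor-" + raw.hex()
    return table.get(raw[3], "unknown-%d" % raw[3])


def parse_mdie(body: bytes) -> dict:
    """MDIE body: MDID (2 octets) then FT Capability and Policy (1 octet);
    bit 0 = FT over DS supported, bit 1 = Resource Request Protocol supported."""
    if len(body) != 3:
        raise ValueError("MDIE must be 3 octets")
    return {"mdid": body[0:2].hex(), "ft_over_ds": bool(body[2] & 0x01),
            "resource_request": bool(body[2] & 0x02)}


def parse_rsne(body: bytes) -> dict:
    """RSNE body: version, group cipher, pairwise suite list, AKM suite list
    (the optional trailing capabilities / PMKID / group-management fields are ignored here)."""
    if len(body) < 8:
        raise ValueError("RSNE too short")
    version = int.from_bytes(body[0:2], "little")
    group = suite_name(body[2:6], CIPHER_SUITES)
    pos, lists = 6, []
    for table in (CIPHER_SUITES, AKM_SUITES):
        if pos + 2 > len(body):
            raise ValueError("RSNE truncated before suite count")
        count = int.from_bytes(body[pos:pos + 2], "little")
        pos += 2
        if pos + 4 * count > len(body):
            raise ValueError("RSNE suite count exceeds element length")
        lists.append([suite_name(body[pos + 4 * k:pos + 4 * k + 4], table) for k in range(count)])
        pos += 4 * count
    return {"version": version, "group": group, "pairwise": lists[0], "akm": lists[1]}


def ft_capabilities(ies: bytes) -> dict:
    """Summarise what a beacon or probe response offers: FT AKMs, mobility domain, roaming method."""
    info = {"mdie": None, "rsne": None}
    for eid, body in iter_ies(ies):
        if eid == MDIE_ID:
            info["mdie"] = parse_mdie(body)
        elif eid == RSNE_ID:
            info["rsne"] = parse_rsne(body)
    ft_akms = [a for a in (info["rsne"] or {}).get("akm", []) if a.startswith("FT-")]
    if info["mdie"] is None or not ft_akms:
        info["method"] = None           # not an FT-capable BSS
    elif info["mdie"]["ft_over_ds"]:
        info["method"] = "over-the-DS"  # over-the-air stays available as well
    else:
        info["method"] = "over-the-air"
    info["ft_akms"] = ft_akms
    return info


def sta_may_use_ft(ap_ies: bytes, sta_ies: bytes) -> bool:
    """A STA's Authentication / Reassociation Request must echo the AP's MDID and select one FT AKM the AP offers."""
    ap, sta = ft_capabilities(ap_ies), ft_capabilities(sta_ies)
    return (ap["method"] is not None and sta["mdie"] is not None
            and sta["mdie"]["mdid"] == ap["mdie"]["mdid"]
            and len(sta["ft_akms"]) == 1 and sta["ft_akms"][0] in ap["ft_akms"])


def is_well_formed(ies: bytes) -> bool:
    try:
        ft_capabilities(ies)
        return True
    except ValueError:
        return False


def ie(eid: int, body: bytes) -> bytes:
    return bytes([eid, len(body)]) + body


# Constructed sample element sets (not real captures). Suite 00-0F-AC:4 = CCMP, AKM 1 = 802.1X, AKM 3 = FT-802.1X.
RSNE_FT = ie(RSNE_ID, b"\x01\x00" + IEEE_OUI + b"\x04" + b"\x01\x00" + IEEE_OUI + b"\x04"
             + b"\x02\x00" + IEEE_OUI + b"\x01" + IEEE_OUI + b"\x03" + b"\x00\x00")
RSNE_PLAIN = ie(RSNE_ID, b"\x01\x00" + IEEE_OUI + b"\x04" + b"\x01\x00" + IEEE_OUI + b"\x04"
                + b"\x01\x00" + IEEE_OUI + b"\x01" + b"\x00\x00")
PROBE_RESP_OTA = RSNE_FT + ie(MDIE_ID, b"\xa1\xb2\x00")    # FT over DS bit = 0: over the air only
PROBE_RESP_DS = RSNE_FT + ie(MDIE_ID, b"\xa1\xb2\x01")     # FT over DS bit = 1
PROBE_RESP_NO_FT = RSNE_PLAIN                               # no MDIE, no FT AKM
AUTH_REQ_STA = ie(RSNE_ID, b"\x01\x00" + IEEE_OUI + b"\x04" + b"\x01\x00" + IEEE_OUI + b"\x04"
                  + b"\x01\x00" + IEEE_OUI + b"\x03" + b"\x00\x00") + ie(MDIE_ID, b"\xa1\xb2\x00")
```

ft_capabilities(PROBE_RESP_OTA)["method"] reports "over-the-air", matching the capture above where the over DS bit is 0, while PROBE_RESP_DS reports "over-the-DS"; a STA request carrying a different MDID or a non-FT AKM fails sta_may_use_ft, which is the same check the AP applies before it lets the four-frame exchange proceed.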
Roaming Over the Air Intra (Same) Controller
When a client roams between AP1 and AP2 that are connected to the same controller, the following steps take
place by default:
1. Client is associated with AP1 and decides to roam to AP2.
2. Client sends an FT Authentication Request to AP2 and receives an FT Authentication Response from AP2.
3. Client sends an FT Reassociation Request to AP2 and receives an FT Reassociation Response from AP2.
4. Client completes its roam from AP1 to AP2.
Roaming Over the Air Inter Controller
When a client roams between AP1 and AP2 that are connected to different controllers, such as WLC1 and WLC2
respectively, within the same mobility group, the following steps take place by default:
1. Client is associated with AP1 and decides to roam to AP2.
2. Client sends an FT Authentication Request to AP2 and receives an FT Authentication Response from AP2.
3. WLC1 sends the PMK and a mobility message about the roaming client to WLC2 over the mobility
infrastructure.
4. Client exchanges the FT Reassociation Request/Response with AP2 and completes its roam from AP1 to AP2.
Over-the-Distribution System Fast Transition Roaming
In roaming over the DS, the client communicates with the target AP through the current AP: the FT Request and
FT Response are carried in FT Action frames between the client and the current AP, which relays them to the
target AP over the distribution system (through the controller).
Roaming Over the DS Intra Controller
When a client roams between AP1 and AP2 that are connected to the same controller, the following steps take
place by default:
1. Client is associated with AP1 and decides to roam to AP2.
2. Client sends an FT Authentication Request (an FT Request action frame) to AP1 and receives the FT
Authentication Response (FT Response action frame) from AP1.
3. The controller forwards the pre-authentication information to AP2, as both APs are connected to the same
controller.
4. Client sends an FT Reassociation Request to AP2 and receives an FT Reassociation Response from AP2.
5. Client completes its roam from AP1 to AP2.
Roaming Over the DS Inter Controller
When a client roams between AP1 and AP2 that are connected to different controllers, such as WLC1 and WLC2
respectively, within the same mobility group, the following steps take place by default:
1. Client is associated with AP1 and decides to roam to AP2.
2. Client sends an FT Authentication Request to AP1 and receives an FT Authentication Response from AP1.
3. WLC1 sends the Pairwise Master Key (PMK) and a mobility message about the roaming client to WLC2.
4. Client exchanges the FT Reassociation Request/Response with AP2 and completes its roam from AP1 to AP2.
How to configure Fast Roaming in Cisco / Cambium / Aruba?