Home

AESCCMP

AES-CCMP, short for AES-Counter Mode with CBC-MAC Protocol, is an encryption protocol used to protect data frames in IEEE 802.11 wireless networks. It is the primary encryption mechanism specified in the 802.11i security standard and is widely deployed under WPA2. AES-CCMP provides both confidentiality and data integrity for individual frames, helping prevent eavesdropping and tampering.

Technical overview: AES-CCMP uses the AES block cipher in CCM mode with a 128-bit key. For each

Security and deployment: AES-CCMP is designed to provide strong data confidentiality, integrity, and origin authentication for

See also: 802.11i, WPA2, AES, CCMP, CCM.

transmitted
frame,
a
unique
per-packet
nonce
is
derived
from
a
packet
number
and
other
header
fields,
and
the
CCMP
header
carries
part
of
this
information
to
enable
nonce
verification
at
the
receiver.
Encryption
produces
ciphertext
along
with
a
128-bit
authentication
tag
(MIC)
to
ensure
data
integrity
and
frame
authenticity.
The
per-frame
keys
are
derived
from
a
128-bit
AES
key
established
during
the
WPA/WPA2
handshake,
with
traffic
protection
typically
tied
to
a
pairwise
transient
key.
wireless
frames.
It
replaced
the
older
RC4-based
TKIP
in
WPA2
and
is
widely
supported
by
modern
hardware
and
firmware,
often
with
hardware
acceleration
to
improve
performance
and
reduce
latency.
Its
security
relies
on
robust
key
management,
proper
configuration,
and
unique
per-frame
nonces
to
prevent
replay
and
keystream
reuse.