RSN (Robust Secure Network) is a protocol for establishing secure communications over an 802.11 wireless network.

RSN (Robust Secure Network) is part of the 802.11i standard.

The RSN Protocol Process

The RSN protocol functions as follows:

  1. The wireless NIC sends a Probe Request.
  2. The wireless access point sends a Probe Response with an RSN Information Element (IE) frame.
  3. The wireless NIC requests authentication via one of the approved methods.
  4. The wireless access point provides authentication for the wireless NIC.
  5. The wireless NIC sends an Association Request with an RSN Information Element (IE) frame.
  6. The wireless access point sends an Association Response.

The RSN Information Element

RSN begins to establish a secure communication channel by broadcasting an RSN Information Element message across the wireless network.

The RSN Information Element (IE) broadcasts the following information:

  • All enabled authentication suites
  • All enabled unicast cipher suites
  • Multicast cipher suite

The format of the RSN Information Element frame is:

Field                        Length in octets
Element ID                   1
Element Length               1
Version                      2
Group key suite              4
Pairwise suite count         2
Pairwise suite list          4 per pairwise suite
Authentication suite count   2
Authentication suite list    4 per authentication suite
Capabilities                 2

RSN Authentication and Key Management Suites

The authentication and key management suites supported by RSN include:

Code         Meaning
00:00:00:1   802.1X authentication and key management
00:00:00:2   No authentication; 802.1X key management

RSN Cipher Suites

The pairwise or group cipher suites supported by RSN include:

Code         Meaning
00:00:00:1   WEP
00:00:00:2   TKIP
00:00:00:3   WRAP
00:00:00:4   CCMP
00:00:00:5   WEP-104

RSN on Legacy Wireless Hardware

Wireless networks which employ RSN but allow the use of TKIP are sometimes referred to by the term Transition Security Network (TSN).

TSN is necessary because legacy wireless equipment does not have the necessary hardware to support the CCMP protocol.
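
The field layout and suite tables above can be turned into a small audit check that decodes an RSN Information Element and flags a network that still allows TKIP, which makes it a TSN. This is an added example, not code from the original page. It assumes element ID 48 and little-endian 2-octet fields (both taken from 802.11i, not stated here), treats every field in the table as present, and uses constructed sample bytes with selector values written as in this page's tables.

```python
# Suite-type octet (last octet of each 4-octet selector) -> name,
# taken from the tables on this page.
CIPHERS = {1: "WEP", 2: "TKIP", 3: "WRAP", 4: "CCMP", 5: "WEP-104"}
AKMS = {1: "802.1X authentication and key management",
        2: "No authentication; 802.1X key management"}
RSN_ELEMENT_ID = 48  # assumption: value from 802.11i, not stated on the page


def _take(buf, off, n):
    """Return n bytes at off plus the new offset; fail on a truncated element."""
    if off + n > len(buf):
        raise ValueError(f"truncated RSN IE at offset {off}")
    return buf[off:off + n], off + n


def _suite_list(buf, off, names):
    """Read a 2-octet count, then that many 4-octet suite selectors."""
    raw, off = _take(buf, off, 2)
    count = int.from_bytes(raw, "little")  # assumption: little-endian
    suites = []
    for _ in range(count):
        sel, off = _take(buf, off, 4)
        suites.append(names.get(sel[3], f"unknown({sel[3]})"))
    return suites, off


def parse_rsn_ie(ie: bytes) -> dict:
    """Decode one RSN IE following the field order in the table above."""
    hdr, _ = _take(ie, 0, 2)
    if hdr[0] != RSN_ELEMENT_ID:
        raise ValueError(f"not an RSN IE (element id {hdr[0]})")
    body = ie[2:2 + hdr[1]]
    if len(body) != hdr[1]:
        raise ValueError("element length exceeds captured bytes")
    raw, off = _take(body, 0, 2)
    version = int.from_bytes(raw, "little")
    grp, off = _take(body, off, 4)
    pairwise, off = _suite_list(body, off, CIPHERS)
    akm, off = _suite_list(body, off, AKMS)
    raw, off = _take(body, off, 2)
    group = CIPHERS.get(grp[3], f"unknown({grp[3]})")
    # TSN as described on this page: an RSN that still allows TKIP.
    tsn = "TKIP" in pairwise or group == "TKIP"
    return {"version": version, "group": group, "pairwise": pairwise,
            "akm": akm, "capabilities": int.from_bytes(raw, "little"), "tsn": tsn}


# Constructed sample: group TKIP, pairwise CCMP + TKIP, AKM type 1, capabilities 0.
SAMPLE = bytes.fromhex("3018 0100 00000002 0200 00000004 00000002 0100 00000001 0000")
```

Calling parse_rsn_ie(SAMPLE) reports the network as a TSN because TKIP appears in both the group and pairwise suites; a declared suite count larger than the bytes actually present raises ValueError instead of reading past the element.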