Editing CCMP (cryptography) (section)

==Technical details==
{{Technical|date=February 2018}}
CCMP uses [[CCM mode|CCM]] that combines [[block cipher modes of operation#Counter .28CTR.29|CTR mode]] for data confidentiality and [[CBC-MAC|cipher block chaining message authentication code (CBC-MAC)]] for authentication and integrity. CCM protects the integrity of both the [[MAC protocol data unit|MPDU]] data field and selected portions of the IEEE 802.11 MPDU header. CCMP is based on AES processing and uses a 128-bit key and a 128-bit block size. CCMP uses CCM with the following two parameters:
* M = 8; indicating that the MIC is 8 [[Octet (computing)|octets]] (eight bytes).
* L = 2; indicating that the Length field is 2 octets.

A CCMP [[MAC protocol data unit|Medium Access Control Protocol Data Unit]] (MPDU) comprises five sections. The first is the MAC header which contains the destination and source address of the data packet. The second is the CCMP header which is composed of 8 octets and consists of the packet number (PN), the Ext IV, and the key ID. The packet number is a 48-bit number stored across 6 octets. The PN codes are the first two and last four octets of the CCMP header and are incremented for each subsequent packet. Between the PN codes are a reserved octet and a Key ID octet. The Key ID octet contains the Ext IV (bit 5), Key ID (bits 6–7), and a reserved subfield (bits 0–4). CCMP uses these values to encrypt the data unit and the MIC. The third section is the data unit which is the data being sent in the packet. The fourth is the [[message authentication code|message integrity code]] (MIC) which protects the integrity and authenticity of the packet. Finally, the fifth is the [[frame check sequence]] (FCS) which is used for error detection and correction. Of these sections only the data unit and MIC are encrypted.<ref name="802.11 2007" />