Counter Mode Cipher Block Chaining Message Authentication Code Protocol (Counter Mode CBC-MAC Protocol) or CCM mode Protocol (CCMP) is an encryption protocol designed for Wireless LAN products that implements the standards of the IEEE 802.11i amendment to the original IEEE 802.11 standard.
CCMP is an enhanced data cryptographic encapsulation mechanism designed for data confidentiality and based upon the Counter Mode with CBC-MAC (CCM mode) of the Advanced Encryption Standard (AES) standard. It was created to address the vulnerabilities presented by Wired Equivalent Privacy (WEP), a dated, insecure protocol.
CCMP is the standard encryption protocol for use with the Wi-Fi Protected Access II (WPA2) standard and is much more secure than the Wired Equivalent Privacy (WEP) protocol and Temporal Key Integrity Protocol (TKIP) of Wi-Fi Protected Access (WPA). CCMP provides the following security services:
- Data confidentiality; ensures only authorized parties can access the information
- Authentication; provides proof of genuineness of the user
- Access control in conjunction with layer management
Because CCMP is a block cipher mode using a 128-bit key, it is secure against attacks to the 264 steps of operation. Generic meet-in-the-middle attacks do exist and can be used to limit the theoretical strength of the key to 2n∕2 (where n is the number of bits in the key) operations needed.