
Hirschmann BAT54-Rail User Manual

548 pages
Wireless LAN – WLAN
3.2 Development of WLAN security
BAT54-Rail/F.. Release 7.54 06/08

3.2.5 TKIP and WPA
As explained in the last section, the WEP algorithm is flawed and insecure in
principle; the measures taken so far were largely either 'quick fixes' with
limited improvement, or so complicated that they were basically impractical
for home use or smaller installations.

After the problems with WEP became public knowledge, the IEEE began
developing the IEEE 802.11i standard. As an interim solution, the Wi-Fi
Alliance defined the Wi-Fi Protected Access (WPA) 'standard'. WPA introduces
the following changes:
- TKIP and Michael as replacement for WEP
- A standardized handshake procedure between client and access point for
  determination/transmission of the session key.
- A simplified procedure for deriving the Master Secret mentioned in the last
  section, which can be performed without a RADIUS server.
- Negotiation of encryption procedure between access point and client.

TKIP

TKIP stands for Temporal Key Integrity Protocol. As the name suggests, it is
an intermediate solution for temporary use until a truly strong encryption
procedure is introduced, but one that nevertheless deals with the problems of
WEP. A requirement of this method was compatibility with existing WEP/RC4
hardware.

Encryption makes use of components familiar from WEP but benefits from
decisive improvements: improved encryption with the "Michael hash" and the
TKIP method for calculating the RC4 key. Furthermore, the internally
incremented IV, transmitted in clear text in the packet, is 48 bits long
instead of 24, so the problem of repeating IV values is practically excluded.

As a further detail, TKIP also mixes the MAC address of the sender into the
calculation of the key. This ensures that identical IVs used by different
senders cannot lead to identical RC4 keys and thus to renewed opportunities
for attack.

The Michael hash does not, however, represent a particularly tough
cryptographic hurdle: if the attacker can break the TKIP key or get encrypted
packets past the CRC check via modifications similar to those for WEP, then
not many barriers remain. For this reason, WPA defines countermeasures if a
WLAN card detects more than two Michael errors per minute: both the client
and the access point break off data transfer for one minute and afterwards
renegotiate the TKIP and Michael keys.
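
The countermeasure rule described above, modelled as an added example (not code from the manual or from any Hirschmann firmware). The class and function names, the sliding-window reading of "per minute" and the sample timeline are assumptions made for illustration.

```python
from collections import deque

WINDOW_S = 60.0   # "per minute" observation window (sliding window is an assumption)
MAX_ERRORS = 2    # more than two Michael errors in the window trips the rule
HOLD_S = 60.0     # data transfer is broken off for one minute

class MichaelCountermeasure:
    """Hypothetical model of one client/access point association."""
    def __init__(self):
        self.failures = deque()    # timestamps of recent Michael errors
        self.blocked_until = None  # end of the current hold-off, if any
        self.rekeys = 0            # TKIP/Michael key renegotiations so far

    def data_allowed(self, now):
        """True if data may flow; the end of a hold-off forces a rekey."""
        if self.blocked_until is not None:
            if now < self.blocked_until:
                return False
            self.blocked_until = None
            self.rekeys += 1       # renegotiate TKIP and Michael keys
        return True

    def mic_failure(self, now):
        """Record one Michael error; return True if it starts a hold-off."""
        if not self.data_allowed(now):
            return False           # already paused, nothing more to count
        while self.failures and now - self.failures[0] >= WINDOW_S:
            self.failures.popleft()
        self.failures.append(now)
        if len(self.failures) > MAX_ERRORS:
            self.failures.clear()
            self.blocked_until = now + HOLD_S
            return True
        return False

def replay(events):
    """Feed (seconds, kind) events through the model; return (decisions, rekeys)."""
    cm, out = MichaelCountermeasure(), []
    for t, kind in events:
        if kind == "mic_fail":
            out.append((t, "HOLD" if cm.mic_failure(t) else "logged"))
        else:
            out.append((t, "pass" if cm.data_allowed(t) else "drop"))
    return out, cm.rekeys

# Constructed timeline in seconds: isolated errors, then three inside one minute.
SAMPLE = [(0, "mic_fail"), (70, "mic_fail"), (100, "mic_fail"), (110, "data"),
          (125, "mic_fail"), (130, "data"), (184, "data"), (185, "data")]
if __name__ == "__main__":
    print(replay(SAMPLE))
```

The one-minute pause is itself an availability cost, so repeated "HOLD" decisions for an association are worth logging and alerting on.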
