TemporalKeyIntegrityProtocol(TKIP).pptVIP

Temporal Key Integrity Protocol (TKIP) Presented By: Laxmi Nissanka Rao Kim Sang Soo Agenda Disadvantages of WEP Design Constraints Components of TKIP Putting the pieces together Questions Disadvantages of WEP WEP provides no forgery protection No protection against Message Replays WEP misuses the RC4 encryption algorithm in a way that exposes the protocol to weak key attacks By reusing initialization vectors, WEP enables an attacker to decrypt the encrypted data without ever learning the encryption key Design Constraints WEP-patches, on the already deployed hardware, have to depend entirely on software upgrades. The paucity of the CPU cycles. The hardwiring of the encryption algorithm. TKIP Temporal Key Integrity Protocol (TKIP) is the TaskGroupi’s solution for the security loop holes present in the already deployed 802.11 hardware It is a set of algorithms that wrap WEP to give the best possible solution given all the above mentioned design constraints. Components of TKIP A cryptographic message integrity code, or MIC, called Michael: to defeat forgeries; A new IV sequencing discipline: to remove replay attacks from the attacker’s arsenal; A per-packet key mixing function: to de-correlate the public IVs from weak keys A re-keying mechanism: to provide fresh encryption and integrity keys, undoing the threat of attacks stemming from key reuse. Defeating Forgeries: Michael Every MIC has three components: a secret authentication key K (shared only between the sender and receiver), a tagging function, and a verification predicate. Designed by Niels Ferguson. Michael (contd.) 64-bit Michael key: represented as two 32-bit words (K0,K1). The tagging function first pads a message with the hex value 0x5a and enough zero pad to bring the total message length to a multiple of 32-bits, then partitions the result into a sequence of 32-bit words M1 M2 … Mn. (L,R) ← (K0,K1) do i from 1 to n L ← L ^ Mi (L,R) ← b (L,R) return (L,R) as the tag Where b i