Lesson Contents
In the wireless authentication lesson, you learned that the original 802.11 standard only supported WEP and open authentication. WEP is insecure and shouldn’t be used anymore. In this lesson, we’ll take a look at some of the other algorithms and protocols to encrypt and protect the integrity of wireless traffic.
TKIP
WEP uses the RC4 algorithm for encryption, which is supported in hardware. Most wireless equipment only supported RC4 and not a more advanced encryption algorithm like AES. We know that WEP is insecure, so to make sure that the older hardware could still use a secure encryption method, IEEE developed the Temporal Key Integrity Protocol (TKIP).
TKIP adds the following security features:
- MIC: We have an extra message integrity check called Michael, which adds a hash value to each frame. We use this so we can detect if someone made changes to the frame.
- TKIP sequence counter: This counter provides a record of frames sent by each MAC address. We use this so an attacker can’t perform a replay attack by retransmitting frames.
- Key mixing algorithm: This algorithm calculates a unique 128-bit WEP key for each frame.
- A longer initialization vector (IV): The IV size is 48 bits, versus 24 bits for WEP. This makes it much harder to brute force calculate all WEP keys.
- Timestamp: We add a timestamp to the MIC to prevent replay attacks. A replay attack attempts to retransmit a frame that was previously sent.
- Sender MAC address: The MIC includes the sender’s MAC address. This is used to prove who the actual sender of the frame is.
TKIP was a temporary solution, while IEEE worked on the 802.11i standard. Nowadays, TKIP also has vulnerabilities, and you shouldn’t use it anymore. TKIP is deprecated in the 802.11-2012 standard.
CCMP
CCMP stands for Counter Mode with Cipher Block Chaining Message Authentication Code Protocol. That’s a mouthful. CCMP consists of two algorithms:
- AES counter mode encryption
- CBC-MAC
Advanced Encryption Standard (AES) is a widely used encryption algorithm and the most secure encryption method available at the moment.
The National Institute of Standards and Technology (NIST) has defined five modes of operation for AES (and other FIPS-approved block ciphers). The five modes are:
- Electronic Code Book (ECB)
- Cipher Block Chaining (CBC)
- Cipher Feedback (CFB)
- Output Feedback (OFB)
- Counter (CTR)
Cipher Block Chaining Message Authentication Code (CBC-MAC) is a technique that constructs a message authentication code from a block cipher. The data is encrypted with AES and creates a chain of blocks. Each block depends on the encryption of the previous block.
Before you can use CCMP, your wireless hardware has to support AES and CBC-MAC. You can’t use CCMP on older hardware that only supports WEP or TKIP.
GCMP
802.11ad offers even higher data rates than 802.11ac and requires faster encryption than CCMP can offer. Galois/Counter Mode Protocol (GCMP) can be run in parallel, so it’s more efficient and provides higher performance than CCMP.
Hello Yash
Doing a bit more reading online, I have found that CCMP uses CBC-MAC which stands for cypher block chaining message authentication code, which is a technique for constructing a message authentication code. This delivers both authentication and integrity. In addition to this, CCMP also provides data confidentiality using what is known as CTR mode.
Similarly, GCMP also delivers authentication, encryption, as well as integrity checks.
To understand the operation of these algorithms in detail, I found that a good place to start is their Wikipedia pages
... Continue reading in our forum