TKIP was developed to provide an intermediary solution until the AES solution was available and to be usable with the existing hardware. Thus TKIP can counter most of the security issues in WEP. The mechanisms that TKIP makes use of are the message integrity check (MIC) value called Michael, the extended IV as TKIP sequence counter (TSC), and encryption using RC4.


Michael is a performance-friendly MIC providing 20 bits of security and thus is vulnerable to brute force attack. 20 bits of security means a one out of 220 chance of forgery of MIC. To fight this vulnerability the countermeasures are used. Whenever there is a MIC validation error a rekeying is done with a maximum of one per minute and the network operator is informed of the attack. Michael is calculated on a MSDU in contrast to encryption, which is done at the MPDU level.
The MIC is added to one or more MPDUs if MSDU is fragmented. Michael uses a 64-bit key, and partitions packets into 32-bit blocks. Michael then uses shifts, XORs, and additions to process each 32-bit block into two 32-bit registers that will represent the final output, a 64-bit authentication tag. Michael is calculated on the actual data and the source and destination addresses (SA and DA).

In TKIP the IV is extended to 48 bits and is used as a sequence counter (TSC) that starts from 0 and is incremented by 1 for each MPDU. In reality 32 bits are added to the 24 IV bits of WEP but 8 bits (WEPSeed [1]) are not used so as to get rid of weak keys . TSC1 and TSC0 or lower IVs are the sequence number and are used in TKIP phase 2 mixing while TSC2–TSC5 or upper IVs increment by one after lower IVs rotate and are used in phase 1. This solution allows the usage of different keys for each frame while taking care of weak IVs and gives sequence numbering. The solution also allows the use of the original WEP 24 bits IVs.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.