All times are UTC - 7 hours

PostPosted: Thu Feb 07, 2019 7:07 pm 
Joined: Fri Feb 24, 2012 12:09 pm
Posts: 1003
Both WEP and WPA-TKIP use RC4 for encryption.
WPA-TKIP has some extras (Extended IV and MIC) that were supposed to be implemented as a firmware upgrade, without needing new hardware.
So far that's nice - but does it really work?

TKIP uses "Phase1" and "Phase2" functions to update the RC4 key based on the IV in the packet. If the RC4 hardware is automatically decrypting incoming packets, then one must set the RC4 key in advance, and thereby one must know the IV in advance, before receiving the packet. That could actually be possible because the IV is increased by one per packet, so one could re-use the IV from the previous packet plus 1.

I don't understand if or how it could work in some specific cases:

Lost Packets: How would one increment the IV in such cases? The specs say something about ignoring "out of order" packets, and increasing the "replay" counter in such cases (which I think means to increment the IV, and which might help to resync after lost packets).
The problem would be that one can't receive (and decrypt) any such "out of order" packets because of the wrong IV (and thereby wrong RC4 key).
At best, the hardware might throw a "decryption error" interrupt in such cases, one could perhaps treat that as "out of order" and increment the IV accordingly, but... which IV... the IV for the pairwise key, or the IV for the group key?

RX vs TX: The "Phase1" function uses the transmitter's MAC address, so one would need at least two different RC4 keys, one for client-to-AP and one for AP-to-client. To some level one could forcefully switch to using the other key before/after transmitting packets.
But that could go wrong if there are queued packets and such stuff. It might be possible to work around that, e.g. by testing that there is no RX in progress before switching to the TX key.

Access Points: The AP needs to have different pairwise keys for each network member, but the original WEP/RC4 hardware wasn't designed to support such things. So a firmware upgrade for access points would be even more difficult than firmware upgrades for client side.

Altogether I can't see how TKIP could have ever been implemented as a firmware upgrade. At least not if the hardware is automatically applying RC4 decryption on the fly, without allowing one to examine the packet header and change the RC4 key before decryption.
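The two receiver models the post contrasts, as an added simulation that is not part of the original post: a receiver that must derive the RC4 key from a guessed IV (previous TSC plus one) before the packet arrives, next to one that reads the TSC from the header first and applies the replay rule. RC4 and the CRC-32 ICV are the real primitives; the per-packet key function is a stand-in hash, not TKIP's actual Phase 1 / Phase 2 S-box mixing, and the key, transmitter address and payloads are constructed demo values.

```python
import hashlib
import zlib

# Constructed demo values; not keys or addresses from any real network.
TK = bytes.fromhex("000102030405060708090a0b0c0d0e0f")   # 128-bit temporal key
TA = bytes.fromhex("00005e00530a")                        # transmitter MAC address


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4 keystream XOR, the primitive both WEP and TKIP hand to the hardware."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def per_packet_key(tk: bytes, ta: bytes, tsc: int) -> bytes:
    """Stand-in for TKIP's Phase 1 / Phase 2 key mixing (assumption: a hash, not the
    real S-box mixing). It only models the property the post relies on: the RC4 key
    depends on the temporal key, the transmitter address and the 48-bit TSC/IV."""
    return hashlib.sha256(tk + ta + tsc.to_bytes(6, "big")).digest()[:16]


def encrypt_frame(tk: bytes, ta: bytes, tsc: int, payload: bytes) -> dict:
    """Transmitter side: TSC travels in the clear in the header; the body is RC4(payload || ICV)."""
    icv = zlib.crc32(payload).to_bytes(4, "little")   # WEP/TKIP ICV is CRC-32
    return {"ta": ta, "tsc": tsc, "body": rc4(per_packet_key(tk, ta, tsc), payload + icv)}


def icv_ok(plain: bytes) -> bool:
    return len(plain) >= 4 and zlib.crc32(plain[:-4]).to_bytes(4, "little") == plain[-4:]


class GuessingReceiver:
    """Hardware-style decrypt-on-the-fly: the key is set in advance from the expected
    TSC (previous + 1) and the header is never consulted before decryption."""

    def __init__(self, tk: bytes, ta: bytes) -> None:
        self.tk, self.ta, self.expected = tk, ta, 1

    def receive(self, frame: dict):
        plain = rc4(per_packet_key(self.tk, self.ta, self.expected), frame["body"])
        if not icv_ok(plain):
            return None        # "decryption error": key was derived for the wrong TSC
        self.expected += 1
        return plain[:-4]


class HeaderFirstReceiver:
    """Software-style: read TSC from the header, enforce the replay rule (TSC must exceed
    the last accepted value for this key), then derive the per-packet key and decrypt."""

    def __init__(self, tk: bytes, ta: bytes) -> None:
        self.tk, self.ta, self.last = tk, ta, 0

    def receive(self, frame: dict):
        if frame["tsc"] <= self.last:
            return None        # replay or out-of-order frame, dropped without decrypting
        plain = rc4(per_packet_key(self.tk, frame["ta"], frame["tsc"]), frame["body"])
        if not icv_ok(plain):
            return None
        self.last = frame["tsc"]
        return plain[:-4]


def run_scenario() -> dict:
    """Three frames are sent; frame 2 is lost in the air and frame 1 is replayed."""
    frames = [encrypt_frame(TK, TA, tsc, f"packet {tsc}".encode()) for tsc in (1, 2, 3)]
    delivered = [frames[0], frames[2], frames[0]]
    hw, sw = GuessingReceiver(TK, TA), HeaderFirstReceiver(TK, TA)
    return {
        "guessing": [hw.receive(f) for f in delivered],
        "header_first": [sw.receive(f) for f in delivered],
    }


if __name__ == "__main__":
    for name, results in run_scenario().items():
        print(name, results)
```

With frame 2 lost, the guessing receiver decrypts frame 3 under the key for TSC 2 and gets nothing usable, and since it never advances it also fails on everything afterwards, which is the resync problem the post describes; the header-first receiver recovers because the TSC in the header tells it which key to derive, and the replayed frame 1 is rejected by the monotonic TSC check rather than by a failed decryption. A real implementation keeps one such `last` counter per key (pairwise and group) and, for QoS traffic, per traffic class.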
