11 MAC-level enhancements have been specified to provide standard, strong
encryption and data authentication at the wireless MAC level and to enable use of upperlayer
authentication. The IEEE 802.11i MAC Security Enhancements amendment, now
incorporated into the IEEE 802.11-2007 standard [8] defined standards for
??? TKIP, a strengthened version of the RC-4/per-frame IV encryption protocol;
??? CCMP, a 128-bit AES encryption and data authentication protocol.
TKIP was intended to provide a backwards-compatible solution for WEP-capable
devices, incorporating improvements and enhancements to address the shortcomings of
WEP. These enhancements include:
??? The addition of a per-frame hash function and IV sequencing rules [9, 10];
??? The addition of temporal key derivation algorithms [11];
??? The addition of a message authentication code, termed message integrity code [12].
Taken together, TKIP addresses the flaws identified in the WEP algorithm that were
identified by the cryptographic community. A critical constraint placed on TKIP was that it
be able to be implemented and deployed via software upgrade to the then existing base of
millions of 802.
Pages:
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390