2). The per-frame
key is subsequently used as a WEP key, with the first 24 bits transmitted in the clear.
The phase 2 hash uses an S-box mixing function that operates on 16-bit values of the
array, a mixing function that uses rotate and addition operations, and an algorithm to
calculate the 48-bit IV value. The phase 2 hash eliminates the effects of the WEP/RC4 key
scheduling algorithm flaw. Use of the extended 48-bit IV eliminates the need to re-key due
to exhaustion of the IV space and eliminates the issue of IV reuse seen in WEP, as
quadrillions of frames can be sent before the TKIP IV space (2^48) is exhausted.
7.3.2 TKIP Temporal Key Derivation
TKIP temporal key derivation defines a method whereby the "secret key" or master key is
not used to encrypt data packets but rather is the basis from which temporal or transient
encryption keys are derived (Figure 7.3). These temporal keys may then be used as input to
the per-frame hash function described above. This approach is very different from the WEP
definition and implementations, in which the provisioned key is used directly as the secret
portion of the encryption key.
TKIP uses a pseudorandom function (PRF), operating on the secret key, a text string,
the MAC addresses of the station and the authenticator, and nonce values, to generate a
temporal key.
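
The derivation described above, sketched as an added example that is not part of the original text. It assumes the IEEE 802.11i PRF construction (iterated HMAC-SHA1), the label "Pairwise key expansion" and the 512-bit TKIP key layout, none of which are spelled out on this page; the function names and all sample values are constructed for illustration.

```python
import hashlib
import hmac

# Text string fed to the PRF (assumed from IEEE 802.11i, not given on this page).
LABEL = b"Pairwise key expansion"

def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """802.11i-style PRF: concatenate HMAC-SHA1(key, label || 0x00 || data || counter)."""
    out = b""
    counter = 0
    while len(out) < nbytes:
        msg = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, msg, hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]

def derive_tkip_keys(master: bytes, auth_mac: bytes, sta_mac: bytes,
                     anonce: bytes, snonce: bytes) -> dict:
    """Derive 512 bits of temporal key material from the master key."""
    # Ordering the addresses and nonces means station and authenticator
    # build the same PRF input regardless of which role they play.
    data = (min(auth_mac, sta_mac) + max(auth_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    ptk = prf(master, LABEL, data, 64)
    return {
        "kck": ptk[0:16],        # key confirmation key (handshake integrity)
        "kek": ptk[16:32],       # key encryption key (group key delivery)
        "tk": ptk[32:48],        # temporal key, input to the per-frame hash
        "mic_keys": ptk[48:64],  # two 64-bit Michael MIC keys
    }

# Constructed sample inputs, not real network values.
MASTER = bytes(range(32))
AUTH_MAC = bytes.fromhex("020000000001")
STA_MAC = bytes.fromhex("020000000002")
ANONCE = bytes([0xA1]) * 32
SNONCE = bytes([0x5B]) * 32

if __name__ == "__main__":
    keys = derive_tkip_keys(MASTER, AUTH_MAC, STA_MAC, ANONCE, SNONCE)
    for name, value in keys.items():
        print(f"{name:9s} {value.hex()}")
```

Because fresh nonces enter the PRF on every association, the temporal key changes each session even though the master key stays the same, and the master key itself never encrypts a frame.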