Question on broadcast data encryption using WPA

Archived from groups: (More info?)

When broadcast frames are transmitted by an AP working in WPA security
mode, is the MIC added to the encrypted frames always, or is it
optional or is it not added at all. Can anyone please clarify this
point

thanks!
/mbr
3 answers Last reply
More about question broadcast data encryption
  1. Archived from groups: (More info?)

    On 19 Sep 2005 06:24:40 -0700, "sec123" <mohanrbr@gmail.com> wrote:

    >When broadcast frames are transmitted by an AP working in WPA security
    >mode, is the MIC added to the encrypted frames always, or is it
    >optional or is it not added at all. Can anyone please clarify this
    >point

    That's muddled. By NIC, I'll assume you mean MAC address of the NIC
    card that originated the traffic.

    All management frames, including SSID broadcasts, are send
    unencrypted. You want the whole world to hear those or things like
    SSID identification, session initialization, and such will not work.

    Wireless is nothing more than bridging, where 802.3 ethernet packets
    are encapsulated inside 802.11 packets. The MAC address of the
    originating wireless device is transmitted in the clear or bridging
    would not work. However, the MAC addresses in the encapsulated 802.3
    ethernet packets, are encrypted as part of the payload. I'm not sure
    exactly what you mean by "broadcast frames" but if you're thinking of
    802.3 broadcasts, they're encrypted along with the rest of the
    encapsulated ethernet stuff.

    The only difference between WEP and WPA is the way the keys are
    exchanged. The payload is exactly the same RC4 cipher (although WPA
    can optionally do AES encryption).


    --
    Jeff Liebermann jeffl@comix.santa-cruz.ca.us
    150 Felker St #D http://www.LearnByDestroying.com
    Santa Cruz CA 95060 http://802.11junk.com
    Skype: JeffLiebermann AE6KS 831-336-2558
  2. Archived from groups: (More info?)

    > >When broadcast frames are transmitted by an AP working in WPA security
    > >mode, is the MIC added to the encrypted frames always, or is it
    > >optional or is it not added at all. Can anyone please clarify this
    > >point
    >
    > That's muddled. By NIC, I'll assume you mean MAC address of the NIC
    > card that originated the traffic.

    MIC = Message Integrity Check

    Unless he means otherwise?
  3. Archived from groups: (More info?)

    On Mon, 19 Sep 2005 18:32:28 GMT, David Taylor <djtaylor@bigfoot.com>
    wrote:

    >> >When broadcast frames are transmitted by an AP working in WPA security
    >> >mode, is the MIC added to the encrypted frames always, or is it
    >> >optional or is it not added at all. Can anyone please clarify this
    >> >point
    >>
    >> That's muddled. By NIC, I'll assume you mean MAC address of the NIC
    >> card that originated the traffic.

    >MIC = Message Integrity Check
    >Unless he means otherwise?

    Duh. I saw NIC. I guess it's time to change fonts from Fixedsys 9pt
    to something else as the N and M look almost identical. Sorry.

    MIC is Message Integrity Check and is part of 802.11i WPA2. It's
    claim to fame is that it protects both the payload and the header,
    instead of just the payload. It also includes a frame counter and
    thus prevents replay attacks.

    I can't answer the question on how MIC is used without doing
    considerable reading on WPA2, TKIP, the Michael algorithm, and Message
    Authentication Code tags. Maybe someone else can answer.


    --
    Jeff Liebermann jeffl@comix.santa-cruz.ca.us
    150 Felker St #D http://www.LearnByDestroying.com
    Santa Cruz CA 95060 http://802.11junk.com
    Skype: JeffLiebermann AE6KS 831-336-2558
Ask a new question

Read More

Configuration Encryption Wireless Networking