Question on broadcast data encryption using WPA

When broadcast frames are transmitted by an AP working in WPA security mode, is the MIC added to the encrypted frames always, or is it optional or is it not added at all. Can anyone please clarify this point

thanks! /mbr

Reply to
sec123
Loading thread data ...

That's muddled. By NIC, I'll assume you mean MAC address of the NIC card that originated the traffic.

All management frames, including SSID broadcasts, are send unencrypted. You want the whole world to hear those or things like SSID identification, session initialization, and such will not work.

Wireless is nothing more than bridging, where 802.3 ethernet packets are encapsulated inside 802.11 packets. The MAC address of the originating wireless device is transmitted in the clear or bridging would not work. However, the MAC addresses in the encapsulated 802.3 ethernet packets, are encrypted as part of the payload. I'm not sure exactly what you mean by "broadcast frames" but if you're thinking of

802.3 broadcasts, they're encrypted along with the rest of the encapsulated ethernet stuff.

The only difference between WEP and WPA is the way the keys are exchanged. The payload is exactly the same RC4 cipher (although WPA can optionally do AES encryption).

Reply to
Jeff Liebermann

Duh. I saw NIC. I guess it's time to change fonts from Fixedsys 9pt to something else as the N and M look almost identical. Sorry.

MIC is Message Integrity Check and is part of 802.11i WPA2. It's claim to fame is that it protects both the payload and the header, instead of just the payload. It also includes a frame counter and thus prevents replay attacks.

I can't answer the question on how MIC is used without doing considerable reading on WPA2, TKIP, the Michael algorithm, and Message Authentication Code tags. Maybe someone else can answer.

Reply to
Jeff Liebermann

MIC = Message Integrity Check

Unless he means otherwise?

Reply to
David Taylor

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.