TKIP is one of the components of the IEEE 802.11i standard that attempts to address some of the vulnerabilities discovered in the WEP protocol. TKIP is used for generating random values that can be used along with the encryption algorithm to produce better encryption relative to WEP. TKIP also addresses an important aspect of a cryptographic solution that was sorely missing in WEP-key management. Specifically, WEP was incapable of dynamic key management. Proper key management schemes make sure that the cryptographic keys are kept safe from unauthorized parties.
A guiding principle behind the development of TKIP was to provide a solution that would not be too much of a radical departure from the existing WEP deployments. TKIP was designed so that original equipment manufacturers (OEM) of networking hardware could easily apply the new changes and improvements via software or firmware updates, without requiring the numerous/existing WEP deployments to make major changes to their current infrastructure.
So the "marketing name" for TKIP is WPA, and TKIP/WPA is endorsed by the Wi-Fi Alliance, which comes in the form of a certification program. The Alliance guarantees interoperability and compliance in products that have passed its certification requirements.
Underneath TKIP is still the RC4 algorithm-albeit a new and improved implementation. Exploitable vulnerabilities have been discovered in TKIP/WPA solution.
Tip The version of WPA that is targeted and well suited for the home user or SOHO market is called WPA Personal, WPA Pre-shared Key (WPA-PSK). And the version targeted for the enterprise market is called WPA Enterprise.
The pre-shared key is a pass-phrase-a sequence of 8-63 ASCII-encoded characters.
In this tutorial:
- Securing Wireless Networks
- Security Background
- Security Services
- Cryptographic Concepts and Terms
- Encryption and Decryption
- Exclusive OR (XOR)
- Asymmetric Encryption Algorithms
- Public-Private Key Cryptography
- Concealment Ciphers vs. Running Key Ciphers
- Stream Ciphers vs. Block Ciphers
- Cipher Examples
- Cipher Implementations
- Wi-Fi Protected Access
- Wi-Fi Protected Access 2 (WPA2)
- Hash Functions
- EAP Entities
- EAP Grammar
- EAP Types
- IEEE 802.11i
- Four-Way Handshake
- IEEE 802.11i Considerations