AuthorsV. Moen, H. Raddum and K. J. Hole
TitleWeaknesses in the temporal key hash of WPA
Afilliation, Communication Systems
Project(s)Simula UiB
Publication TypeJournal Article
Year of Publication2004
JournalMobile Computing and Communications Review
Date Published04/2004
PublisherACM Sigmobile
Keywords802.11, MIC, Michael, temporal key hash, TKIP, WPA

This article describes some weaknesses in the key scheduling in Wi-Fi Protected Access (WPA) put forward to secure the IEEE standard 802.11-1999. Given a few RC4 packet keys in WPA it is possible to find the Temporal Key (TK) and the Message Integrity Check (MIC) key. This is not a practical attack on WPA, but it shows that parts of WPA are weak on their own. Using this attack it is possible to do a TK recovery attack on WPA with complexity O(2105) compared to a brute force attack with complexity O (2128).

Citation Key24078

Contact person