Definition

Temporal Key Integrity Protocol (TKIP)

Rahul Awati

By

Rahul Awati

What is Temporal Key Integrity Protocol (TKIP)?

Temporal Key Integrity Protocol (TKIP) is an encryption protocol included in the Institute of Electrical and Electronics Engineers (IEEE) 802.11i standard for wireless local area networks (WLANs). It was designed and implemented to provide more secure encryption than the notoriously weak Wired Equivalent Privacy (WEP), the original WLAN security protocol.

TKIP works on older or legacy WEP hardware. It is also the core component of Wi-Fi Protected Access (WPA), which replaced WEP in WLAN products.

Anatomy of Temporal Key Integrity Protocol

Like WEP, TKIP uses the Rivest Cipher 4 (RC4) stream encryption algorithm as its basis. However, unlike WEP, TKIP encrypts each data packet with a unique encryption key. Also, TKIP's keys are much stronger than those of its predecessor.

TKIP includes three parts:

64-bit message integrity check (MIC).
Packet sequencing control.
Per-packet key mixing function.

The mixing function is combined with the initialization vector (IV) or starting variable and sent to the RC4 cipher. The MIC's protocol is called "Michael." It is designed to help with TKIP and provide higher reliability with relatively simple computations. Although Michael is not as cryptographically secure as WPA and WPA2, it is significantly better than WEP's 32-bit Cyclic Redundancy Checksum (CRC-32) and can therefore be used to build fairly secure networks.

The 8-byte MIC is placed at the end of the frame before it is sent for WEP encryption. Since it is based on the entire frame and not just individual fragments and the data of the packet, Michael avoids iterative guessing, bit flipping and some fragmentation attacks to which WEP is vulnerable.

Wireless security cheat sheet. — TKIP is a WLAN encryption protocol designed to provide more secure encryption than WEP.

Differences between WEP and TKIP

One difference between WEP and TKIP is that TKIP expands the IV and key ID fields to 8 bytes. It gives a 6-byte IV called the TKIP sequence counter (TSC) that doesn't need to wrap. Even if it gets close to wrapping, the client must renegotiate a new pairwise transient key (PTK), which prevents key reuse.

Another change in TKIP is that its per-frame key uses a new algorithm that takes into account the larger IV and PTK as well as the transmitter's address. There is a brand-new per-frame key for each frame. TKIP also uses an S-box cryptographic device to spread out the per-frame key in a random-looking pattern, which prevents the RC4 from leaking information -- a common issue with weak RC4 per-frame keys.

Temporal Key Integrity Protocol algorithms

TKIP is not a single encryption algorithm. Rather, it is a suite of algorithms that works as a "wrapper" to WEP. It thus allows users of legacy WLAN equipment and WEP hardware to upgrade to TKIP without having to replace the hardware. TKIP uses the original WEP programming, but wraps additional code at the beginning and end to encapsulate and modify it.

To increase key strength, TKIP includes four additional algorithms:

A cryptographic MIC to protect packets.
An IV sequencing mechanism that includes hashing, as opposed to WEP's plaintext transmission.
A per-packet key-mixing function to increase cryptographic strength.
A re-keying mechanism to provide key generation every 10,000 packets.

Development and evolution of TKIP

The Wi-Fi Alliance and the IEEE 802.11i task group developed TKIP between 2002 and 2004 to run on WEP hardware without slowing it down significantly. It was approved as a part of the WPA protocol and adopted as a Wi-Fi security standard to improve confidentiality and integrity.

To prevent slowdowns, TKIP includes a preprocessing step before WEP encryption. It still uses RC4 as the encryption algorithm. However, it adds features into the selection of the per-frame key, and also introduces a new MIC to sit beside the WEP CRC-32 error-detecting function to identify changes between source and target data.

In 2012, TKIP was officially deprecated in the 802.11 standard.

Advantages of TKIP over WEP

WEP is the earliest Wi-Fi security protocol. It is vulnerable to many kinds of cyber attacks, such as replay attacks. TKIP has several security and integrity advantages over WEP. One reason for these advantages is that with TKIP, each data packet is encrypted using a different key, as opposed to simply concatenating the IV and the key. In addition, TKIP uses a sequence counter. If a replay attack is attempted, the counter is different, which results in the failure of the attempt.

In TKIP, the TSC is required to increase by one for each message. During communications, each side keeps the current TSC that it is sending with as well as the last TSC received from the other side. If a frame is received with an old TSC, it is considered to be out of order, so the receiver will drop it. An attacker will not be able to replay valid but old frames. Also, unless the frame is decryptable, the receiver won't update the last good TSC. And the frame won't be decryptable because the attacker does not know the key. In this way, TKIP provides replay protection, which is missing in WEP.

Drawbacks of Temporal Key Integrity Protocol

TKIP is useful for upgrading security on devices originally equipped with WEP. It addresses the key reuse problems common in WEP. However, it does not address all the security issues facing WLANs. It is vulnerable to pre-shared key attacks and attacks originating in the same network, because the session secret doesn't change and remains the same for all users on the network. It is also vulnerable to denial-of-service attacks and attacks where threat actors try to guess at certain parts of a message and make some minor alterations to the packets. Thus, while TKIP is safer than WEP, it is not completely secure or hassle-free. Also, it might not be reliable or efficient enough for sensitive corporate and government data transmission.

The 802.11i standard specifies the Advanced Encryption Standard (AES) in addition to TKIP. The WPA standard uses TKIP, whereas WPA2 uses AES. AES offers higher security and stronger encryption services than RC4. For these reasons, it is more suitable for government and military use than TKIP. However, AES requires a hardware upgrade for implementation and to provide optimal wireless voice quality. As more organizations replace older wireless equipment, AES is expected to become the accepted encryption standard for WLAN security.

Learn about the differences between WLAN and Wi-Fi and read about wireless network configuration basics.

This was last updated in April 2023

Continue Reading About Temporal Key Integrity Protocol (TKIP)

Wireless security: WEP, WPA, WPA2 and WPA3 differences

WLAN security: Best practices for wireless network security

Can WPA2 be upgraded to WPA3?

12 types of wireless network attacks and how to prevent them

An overview of wireless WAN

Dig Deeper on Mobile security

Networking

Best practices for network automation with Python
Python libraries, version control, documentation and object-oriented programming provide helpful best practices for network ...
How low Earth orbit satellite networks improve internet access
Compared to traditional satellite setups, LEO satellite internet provides several benefits, such as low latency, reduced costs ...
Cisco makes big splash with Splunk
The integration of Cisco and Splunk could result in a full-stack offering that provides comprehensive visibility across ...

Unified Communications

Assess unified communications pros and cons for hybrid work
Unified communications as a service is getting renewed attention as businesses oversee hybrid workforces. Learn what you should ...
Choose between Microsoft Teams vs. Zoom for conference needs
Weigh the pros and cons of Microsoft Teams vs. Zoom, and focus on ease of use, pricing, market share, video and telephony ...
Smartsheet scales project management for larger customers
The work collaboration platform vendor's updates scale capabilities for task views, high-volume data management and ...

Security

Clop MoveIt Transfer attacks affect over 2,000 organizations
According to research by security vendor Emsisoft, 2,095 organizations and 62,054,613 individuals have been affected by the Clop ...
CrowdStrike makes a breakout move
CrowdStrike's annual user conference emphasized the company's future vision for AI, automation and an integrated security IT ...
3 phases of the third-party risk management lifecycle
Contractors and other third parties can make systems more vulnerable to cyber attacks. The third-party risk management lifecycle ...

Close