Definition

Temporal Key Integrity Protocol (TKIP)

Rahul Awati

By

Rahul Awati

Published: Apr 03, 2023

What is Temporal Key Integrity Protocol (TKIP)?

Temporal Key Integrity Protocol (TKIP) is an encryption protocol included in the Institute of Electrical and Electronics Engineers (IEEE) 802.11i standard for wireless local area networks (WLANs). It was designed and implemented to provide more secure encryption than the notoriously weak Wired Equivalent Privacy (WEP), the original WLAN security protocol.

TKIP works on older or legacy WEP hardware. It is also the core component of Wi-Fi Protected Access (WPA), which replaced WEP in WLAN products.

Anatomy of Temporal Key Integrity Protocol

Like WEP, TKIP uses the Rivest Cipher 4 (RC4) stream encryption algorithm as its basis. However, unlike WEP, TKIP encrypts each data packet with a unique encryption key. Also, TKIP's keys are much stronger than those of its predecessor.

TKIP includes three parts:

64-bit message integrity check (MIC).
Packet sequencing control.
Per-packet key mixing function.

The mixing function is combined with the initialization vector (IV) or starting variable and sent to the RC4 cipher. The MIC's protocol is called "Michael." It is designed to help with TKIP and provide higher reliability with relatively simple computations. Although Michael is not as cryptographically secure as WPA and WPA2, it is significantly better than WEP's 32-bit Cyclic Redundancy Checksum (CRC-32) and can therefore be used to build fairly secure networks.

The 8-byte MIC is placed at the end of the frame before it is sent for WEP encryption. Since it is based on the entire frame and not just individual fragments and the data of the packet, Michael avoids iterative guessing, bit flipping and some fragmentation attacks to which WEP is vulnerable.

Wireless security cheat sheet. — TKIP is a WLAN encryption protocol designed to provide more secure encryption than WEP.

Differences between WEP and TKIP

One difference between WEP and TKIP is that TKIP expands the IV and key ID fields to 8 bytes. It gives a 6-byte IV called the TKIP sequence counter (TSC) that doesn't need to wrap. Even if it gets close to wrapping, the client must renegotiate a new pairwise transient key (PTK), which prevents key reuse.

Another change in TKIP is that its per-frame key uses a new algorithm that takes into account the larger IV and PTK as well as the transmitter's address. There is a brand-new per-frame key for each frame. TKIP also uses an S-box cryptographic device to spread out the per-frame key in a random-looking pattern, which prevents the RC4 from leaking information -- a common issue with weak RC4 per-frame keys.

Temporal Key Integrity Protocol algorithms

TKIP is not a single encryption algorithm. Rather, it is a suite of algorithms that works as a "wrapper" to WEP. It thus allows users of legacy WLAN equipment and WEP hardware to upgrade to TKIP without having to replace the hardware. TKIP uses the original WEP programming, but wraps additional code at the beginning and end to encapsulate and modify it.

To increase key strength, TKIP includes four additional algorithms:

A cryptographic MIC to protect packets.
An IV sequencing mechanism that includes hashing, as opposed to WEP's plaintext transmission.
A per-packet key-mixing function to increase cryptographic strength.
A re-keying mechanism to provide key generation every 10,000 packets.

Development and evolution of TKIP

The Wi-Fi Alliance and the IEEE 802.11i task group developed TKIP between 2002 and 2004 to run on WEP hardware without slowing it down significantly. It was approved as a part of the WPA protocol and adopted as a Wi-Fi security standard to improve confidentiality and integrity.

To prevent slowdowns, TKIP includes a preprocessing step before WEP encryption. It still uses RC4 as the encryption algorithm. However, it adds features into the selection of the per-frame key, and also introduces a new MIC to sit beside the WEP CRC-32 error-detecting function to identify changes between source and target data.

In 2012, TKIP was officially deprecated in the 802.11 standard.

Advantages of TKIP over WEP

WEP is the earliest Wi-Fi security protocol. It is vulnerable to many kinds of cyber attacks, such as replay attacks. TKIP has several security and integrity advantages over WEP. One reason for these advantages is that with TKIP, each data packet is encrypted using a different key, as opposed to simply concatenating the IV and the key. In addition, TKIP uses a sequence counter. If a replay attack is attempted, the counter is different, which results in the failure of the attempt.

In TKIP, the TSC is required to increase by one for each message. During communications, each side keeps the current TSC that it is sending with as well as the last TSC received from the other side. If a frame is received with an old TSC, it is considered to be out of order, so the receiver will drop it. An attacker will not be able to replay valid but old frames. Also, unless the frame is decryptable, the receiver won't update the last good TSC. And the frame won't be decryptable because the attacker does not know the key. In this way, TKIP provides replay protection, which is missing in WEP.

Drawbacks of Temporal Key Integrity Protocol

TKIP is useful for upgrading security on devices originally equipped with WEP. It addresses the key reuse problems common in WEP. However, it does not address all the security issues facing WLANs. It is vulnerable to pre-shared key attacks and attacks originating in the same network, because the session secret doesn't change and remains the same for all users on the network. It is also vulnerable to denial-of-service attacks and attacks where threat actors try to guess at certain parts of a message and make some minor alterations to the packets. Thus, while TKIP is safer than WEP, it is not completely secure or hassle-free. Also, it might not be reliable or efficient enough for sensitive corporate and government data transmission.

The 802.11i standard specifies the Advanced Encryption Standard (AES) in addition to TKIP. The WPA standard uses TKIP, whereas WPA2 uses AES. AES offers higher security and stronger encryption services than RC4. For these reasons, it is more suitable for government and military use than TKIP. However, AES requires a hardware upgrade for implementation and to provide optimal wireless voice quality. As more organizations replace older wireless equipment, AES is expected to become the accepted encryption standard for WLAN security.

Learn about the differences between WLAN and Wi-Fi and read about wireless network configuration basics.

Continue Reading About Temporal Key Integrity Protocol (TKIP)

Wireless security: WEP, WPA, WPA2 and WPA3 differences

WLAN security: Best practices for wireless network security

Can WPA2 be upgraded to WPA3?

12 types of wireless network attacks and how to prevent them

An overview of wireless WAN

Dig Deeper on Mobile security

Search Networking

What is a rogue DHCP server?
Rogue DHCP servers can throw DHCP infrastructures out of balance. These servers cause numerous network problems but are easy to ...
How AIOps enables next-generation networking
As networks grow more complex, management becomes more difficult. AIOps can help network administrators transition to and manage ...
BGP routing: A configuration and troubleshooting tutorial
BGP is the internet's core routing protocol, enabling communication between ISPs and large networks. This guide covers its ...

Search Unified Communications

The difference between Zoom Meetings and Zoom Webinars
The key differences between Zoom Meetings and Zoom Webinars are attendee size and participation. Compare the two apps to learn ...
UCaaS vs. CCaaS vs. CPaaS: What's the difference?
It can be difficult to make sense of popular cloud communications service models. Compare UCaaS vs. CCaaS vs. CPaaS to understand...
5 steps to address hybrid meeting equity
Taking the steps necessary to ensure that employees can attend meetings, regardless of location, takes time, but new tools can ...

Search Security

How to choose a cloud key management service
Amazon, Microsoft, Google, Oracle and cloud-agnostic vendors offer cloud key management services. Read up on what each offers and...
How to create a remote access policy, with template
Remote work, while beneficial, presents numerous security risks. Help keep your organization's systems safe with a remote access ...
What is data risk management? Key risks and best practices
Data risk management identifies, assesses and mitigates threats to organizational data, safeguarding sensitive information from ...

Close