Announcement

Collapse
No announcement yet.

TKIP vs AES

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • TKIP vs AES

    Which one is it better to use? TKIP or AES when you using WPA or WPA2?

    WPA Pre-Shared Key: There are two encryption options for WPA Pre-Shared Key, TKIP and AES. TKIP stands for Temporal Key Integrity Protocol. TKIP utilizes a stronger encrytption method and incorporates Message Integrity Code (MIC) to provide protection against hackers. AES stands for Advanced Encryption System, which utilizes a symmetric 128-Bit block data encryption.
    - - - -

  • #2
    Originally posted by alexus
    Which one is it better to use? TKIP or AES when you using WPA or WPA2?
    That depends... Are you talking about encrypting only the client authentication, the data, or both?

    WPA Pre-Shared Key: There are two encryption options for WPA Pre-Shared Key, TKIP and AES. TKIP stands for Temporal Key Integrity Protocol. TKIP utilizes a stronger encrytption method and incorporates Message Integrity Code (MIC) to provide protection against hackers. AES stands for Advanced Encryption System, which utilizes a symmetric 128-Bit block data encryption.
    Where did you cut & paste that from?

    Addendum: Never mind, found it...

    Comment


    • #3
      MIC? I would think that MAC, Message Authentication Code, is the right name for that feature.

      BTW, this thread has been done: Wpa

      TKIP itself uses RC-4. I would think that AES used in CTR mode would be as strong or stronger then RC-4. Both use 128-bit keys.

      Comment


      • #4
        TKIP vs AES

        The answer needs a little background

        802.11 was designed as a wireless technology for vertical applications, bar-coding, telemetry etc. As the application did not require much security little was included in the standard.

        It was foreseen that some level of security was needed so WEP based on an RC4 stream cipher was utilised.

        Unfortunately nobody seemed to take much notice of the way the cipher was implemented.

        Ciphers rely on very log pseudo random sequences. this means a stream of numbers that seems random but really follow a predefined deterministic pattern.
        The number sequence must be deterministic so the receiver at the end of the communications link can predict what the next number is and thus decode the information in the channel.

        If you can collect enough packets from a encoded data sequence because the sequence is not truly random, you can apply statistical analysis to the data to predict the next number in a sequence, i.e. cracking the code.

        The way WEP was implemented the seed value that starts the code was static (it was always the same for a given connection ) so if you collect enough data from the channel you could derive the seed (key) and then decrypt the channel.

        As wireless lans started to be used for 'enterprise' applications like sending corporate data security became a big issue, largely because of adverse press. and so to protect profits vendors addressed the issue.

        A task group, 802.11i was setup in the IEEE to deal with the problem.

        Unfortunately for the vendors the IEEE has a habit of taking a >long< time in ratifying new standards, the vendors couldn't sell equipment that was slated in the press as being insecure so, the industry group WiFI rapidly produced an interim solution until 802.11i sorted its life out and ratified an appropriate standard.

        Thus came WPA. WPA still used the RC4 cipher used in WEP, however the seed value was rotated at intervals such that an attacker would not be able to collect enough data to apply the statistical analysis to derive the seed and thus decrypt the channel. This is the same technique used by IKE for VPN tunnels over unsecured public networks like the internet. Because WEP had been given such a bad press WEP was renamed TKIP, (same cypher but rotates the key seed value every so often solving the major flaw in the implementation)

        Meanwhile (and some time later) the IEEE finally ratified 802.11i, which was subsequently coined as WPA2 by WiFI (the joy of marketing). 802.11i uses AES which is stronger (in the sense that you need to collect more packets before you can derive the seed) than RC4.

        So to answer the question which is better. AES needs more packets to be collected for a given seed value than the cipher used in TKIP, however this is not really an issue as the value is rotated more often the number of packets needed to derive the key.

        The other important point to make is that if you decide to use PSK, you are relying on another static key admittedly one that is only used for a fairly small amount of data transfer (only during the seed dissemination process). PSK uses a key phrase, and any use of English language in a password is bad news and susceptible to dictionary attack. so make sure if you are going to use either TKIP PSK or AES PSK make sure you have a strong key phrase not using common words or phrases but rather a string of gobbledygook.
        Last edited by evad123; July 18, 2005, 03:25.

        Comment


        • #5
          How about processing overhead?

          Excellent description evad123! Thank you.

          So how about the taxing of the encryption overhead? Does TKIP offer any speed advantage over AES encryption? (as I recall the draft standard states both are 256-bit)

          In the early days of 3DES VPN's on my poor old slow laptop, it became such an issue that I actually downgraded security to single DES just to bear with the speed loss.

          Comment

          Working...
          X