Page 456 - From GMS to LTE
P. 456
442 From GSM to LTE-Advanced Pro and 5G
For additional security, TKIP introduces a Message Integrity Code (MIC) that is
included in each frame. The process of creation of MIC is referred to as ‘Michael’. The
difference between this and the cyclic redundancy check (CRC) checksum, which con-
tinues to be part of each frame, is as follows.
The CRC checksum is generated from the content of the frame with a public algorithm.
The receiver can thus check if the frame has been altered, for example, by a transmission
error. As the input parameters and the algorithms are known, an attacker could also
modify the CRC. The CRC thus offers protection against transmission errors but not
against modifications made by an attacker. The MIC calculation also uses a public algo-
rithm and the content of the frame. Furthermore, a message integrity key generated dur-
ing the authentication process is used as an input parameter.This prevents a potential
attacker from calculating the MIC and hence, the packet cannot be modified and replayed.
To change the CRC checksum and the MIC, an attacker would have to overcome the RC‐4
ciphering in combination with this additional WPA security measure.
If an error occurs during transmission of the frame, both the MIC and the CRC will
be invalid. The receiver can therefore distinguish between transmission errors and an
attack on data integrity. The WPA standard requires that devices be disconnected from
the network if they receive more than one frame per minute with a correct CRC but an
invalid MIC. Subsequently, they have to wait for 1 minute before they reconnect. This
effectively prevents attacks on user data integrity.
After the 802.11i standard had been finalized, the Wi‐Fi Alliance adapted WPA
accordingly and the WPA2 specification now implements security as per the 802.11i
standard while remaining backward compatible with WPA. This means that a WPA2‐
certified AP also supports ‘WPA‐only’ devices.
In addition to the TKIP algorithm, which was introduced with WPA, WPA2 also sup-
ports the highly secure AES ciphering algorithm. As with WPA, there are two WPA2
flavors. If a device has been ‘personal mode’‐certified, it supports authentication with
an AP with the PSK procedure. For companies that often use more than one AP and
want to assign individual passwords, an AP should also support ‘WPA2 enterprise
mode’. In addition to PSK, such APs also support the 802.1x authentication framework
and can therefore communicate with external authentication servers as described above.
6.7.8 Wi‐Fi‐Protected Setup (WPS)
The configuration of a device to join a wireless network that is protected by WPA/
WPA2 is usually straightforward and is done by the user typing in the password that has
been configured in the AP. The Wi‐Fi Alliance wanted to further simplify the process
and created several methods that are referred to as Wi‐Fi‐Protected Setup (WPS). All
APs and client devices have to implement WPS today to qualify for the Wi‐Fi compati-
bility logos on devices and sales packaging. WPS is not a new encryption method but
was designed to be a simple method to transfer the WPA/WPA2 key from the AP to a
client device during the initial configuration of the client device so that the user does
not have to type in a long password. WPS includes a number of methods which today’s
APs usually support, including the Pushbutton method and the PIN method. The PIN
method can usually be activated and deactivated in the AP and works as follows:
Step 1: A Diffie–Hellman key‐exchange procedure is performed to establish an
encrypted channel for the information exchange that follows. This ensures that
