TKIP MIC – Need and MIC Format

The TKIP Michael Integrity check prevents forgery attacks. The MIC is a 64 bit (8 byte) value. The MIC in itself is weak and hence is encrypted and sent along with the MSDU. Since the ICV (Integrity Check Value) is computed on an MPDU in the MAC layer, The Michael Integrity check provides an upper layer security for different types of attacks which have passed the ICV check.

The list of attacks that the Michael Integrity check given in the 802.11 standard that the Michael Integrity Check (MIC) is able to protect against is given below

  • Bit-flipping attacks
  • Data (payload) truncation, concatenation, and splicing
  • Fragmentation attacks
  • Iterative guessing attacks against the key
  • Redirection by modifying the MPDU DA or RA field
  • Impersonation attacks by modifying the MPDU SA or TA field

The MIC makes it more difficult for any of these attacks to succeed.

The MIC is computed over the Destination address (DA), source Address (SA), MSDU Priority, 3 reserved bytes and the MSDU itself. It is appended to the MSDU at the end of the MSDU and the entire MSDU+MIC is encrypted. This allows MAC layer attacks to be detected. The below diagrams are indicative of the current paragraph.

FIG Courtesy: 802.11-2012TM Standard

For the interested reader – refer section 11.4.2.3.3 Definition of the TKIP MIC – 802.11-2012 standard to understand how the MIC is calculated.

The MSDU with MIC attached can be partitioned and sent as multiple MPDUs. MIC alone cannot provide complete protection against forgery attacks and hence TKIP also incorporates replay protection. TKIP Replay Protection will be explained in the next article.

TKIP Replay Protection

Leave a Reply

Your email address will not be published. Required fields are marked *