Question on broadcast data encryption using WPA

When broadcast frames are transmitted by an AP working in WPA security
mode, is the MIC added to the encrypted frames always, or is it
optional or is it not added at all. Can anyone please clarify this
point

thanks!
/mbr

On 19 Sep 2005 06:24:40 -0700, "sec123" <mohanrbr@gmail.com> wrote:

>When broadcast frames are transmitted by an AP working in WPA security
>mode, is the MIC added to the encrypted frames always, or is it
>optional or is it not added at all. Can anyone please clarify this
>point

That's muddled. By NIC, I'll assume you mean MAC address of the NIC
card that originated the traffic.

All management frames, including SSID broadcasts, are send
unencrypted. You want the whole world to hear those or things like
SSID identification, session initialization, and such will not work.

Wireless is nothing more than bridging, where 802.3 ethernet packets
are encapsulated inside 802.11 packets. The MAC address of the
originating wireless device is transmitted in the clear or bridging
would not work. However, the MAC addresses in the encapsulated 802.3
ethernet packets, are encrypted as part of the payload. I'm not sure
exactly what you mean by "broadcast frames" but if you're thinking of
802.3 broadcasts, they're encrypted along with the rest of the
encapsulated ethernet stuff.

The only difference between WEP and WPA is the way the keys are
exchanged. The payload is exactly the same RC4 cipher (although WPA
can optionally do AES encryption).



--
Jeff Liebermann jeffl@comix.santa-cruz.ca.us
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

> >When broadcast frames are transmitted by an AP working in WPA security
> >mode, is the MIC added to the encrypted frames always, or is it
> >optional or is it not added at all. Can anyone please clarify this
> >point
>
> That's muddled. By NIC, I'll assume you mean MAC address of the NIC
> card that originated the traffic.

MIC = Message Integrity Check

Unless he means otherwise?

On Mon, 19 Sep 2005 18:32:28 GMT, David Taylor <djtaylor@bigfoot.com>
wrote:

>> >When broadcast frames are transmitted by an AP working in WPA security
>> >mode, is the MIC added to the encrypted frames always, or is it
>> >optional or is it not added at all. Can anyone please clarify this
>> >point
>>
>> That's muddled. By NIC, I'll assume you mean MAC address of the NIC
>> card that originated the traffic.

>MIC = Message Integrity Check
>Unless he means otherwise?

Duh. I saw NIC. I guess it's time to change fonts from Fixedsys 9pt
to something else as the N and M look almost identical. Sorry.

MIC is Message Integrity Check and is part of 802.11i WPA2. It's
claim to fame is that it protects both the payload and the header,
instead of just the payload. It also includes a frame counter and
thus prevents replay attacks.

I can't answer the question on how MIC is used without doing
considerable reading on WPA2, TKIP, the Michael algorithm, and Message
Authentication Code tags. Maybe someone else can answer.





--
Jeff Liebermann jeffl@comix.santa-cruz.ca.us
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558