05-12-2004 07:01 AM - edited 07-04-2021 09:38 AM
Cisco APs offer CKIP and TKIP. What's the difference?
Also what's the difference between MIC and CMIC?
Which are part of 802.11i and which are Cisco proprietary?
05-18-2004 07:47 AM
CKIP is Cisco Key Integrity Protocol. Cisco's WEP key permutation technique based on an early algorithm presented by the IEEE 802.11i security task group.
TKIP is Temporal Key Integrity Protocol. Also referred to as WEP key hashing. A security feature that defends against an attack on WEP in which the intruder uses the initialization vector (IV) in encrypted packets to calculate the WEP key. TKIP removes the predictability that an intruder relies on to determine the WEP key by exploiting IVs.
MIC is Message integrity check. MIC prevents bit-flip attacks on encrypted packets. During a bit-flip attack, an intruder intercepts an encrypted message, alters it slightly, and retransmits it, and the receiver accepts the retransmitted message as legitimate. The client adapter's driver must support MIC functionality, and MIC must be enabled on the access point.
CMIC is Cisco Message Integrity Check. MIC prevents bit-flip attacks on encrypted packets. During a bit-flip attack, an intruder intercepts an encrypted message, alters it slightly, and retransmits it, and the receiver accepts the retransmitted message as legitimate. The client's adapter driver must support MIC functionality, and MIC must be enabled on the access point.
For more details
05-18-2004 11:53 AM
Ok, they both sound very similar. What are the differences?
05-20-2004 05:49 PM
ebreniz already gave a perfect description of what they do - In short, CKIP and CMIC are Cisco's pre-802.11i ratification and pre-WPA spec implementations of TKIP and MIC which are now standard. A part of cisco's continuing policy of pushing out new features and technology before the (often slow) standards bodies' ratification process completes. If you intend to have full WPA/802.11i compatibility you want to use TKIP & MIC.
05-21-2004 04:56 AM
I guess I am just not understanding. Cisco has come up with CKIP and CMIC which are proprietary to Cisco equipment and based on early information given by 802.11i. Is that correct?
In terms of operation how are they different from TKIP and MIC? The definitions I've seen both describe the same thing.
One final question. Which of these is correct:
802.11i = CKIP + CMIC
802.11i = TKIP + MIC
Thank you
05-21-2004 10:37 AM
802.11i = TKIP + MIC and AES encryption with key management
WPA = TKIP + MIC
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide