Abstract
The IEEE 802.11 wireless local area network standard did not incorporate a cryptographic message integrity code into its wired equivalent privacy (WEP) protocol, and relied upon CRC-32 for message integrity. This was shown to be completely insecure since WEP uses a stream cipher (RC4) for encryption. The latest IEEE 802.11i draft addresses this, and other, weaknesses discovered in WEP. IEEE 802.11i suggests three new modes of operation: two based on the Advanced Encryption Standard cipher and one [temporal key integrity protocol (TKIP)] still based on RC4. The TKIP mode is intended for use on legacy hardware, which is computationally weak. TKIP uses a new, keyed, 64-b, message integrity code called Michael. In this letter, we highlight a weakness in Michael and suggest a simple fix.
