Michael Countermeasures tracing

Joshua Wright jwright at hasborg.com
Fri Nov 18 07:26:14 EST 2005

Hash: SHA1

Arseniy Chernov wrote:
> I'm spending second week already trying to understand how should the 
> trace of source of MIC error in a buggy RF environment be performed, 
> hope to receive some advices here...

It's interesting that you would ever see a Michael error.  The design of
TKIP has a few different security features that would make it difficult
for someone to craft a frame that would report an invalid Michael hash.
 Specifically, I believe the TKIP RX handling process works as follows:

1. Receive frame, examine sequence number.  If sequence number is too
small, drop frame (mitigating replay attacks).
2. Implement key mixing function to decrypt the MPDU and check the ICV.
 If the ICV is invalid, drop the frame.
3. Reassemble all MPDU's into the MSDU and calculate Michael hash over
the contents.  If Michael hash is invalid, record and take
countermeasures if necessary.

I see a few different possibilities where you would be experiencing
Michael errors:

1. An adversary is maliciously injecting malformed frames to DoS your
network by triggering Michael countermeasures.  This isn't likely, as
the attacker has to overcome the rules of sequence enforcement and
maintaining the integrity of the ICV in order to make this happen.
2. Faulty AP implementation - if your AP isn't following the correct
order of steps to decrypt and verify the contents of an MSDU (e.g. they
are checking the Michael hash before they check the ICV), then a corrupt
frame could cause this condition.
3. Faulty client implementation - If your client has a software flaw, it
is possible that they aren't recording the Michael hash properly, or are
not calculating the Michael hash over the correct fields.  I'd imagine
this is the most likely case here - what client software and card are
you using for your station?

Thanks for sharing these details.

- -Josh
- --
- -Joshua Wright
jwright at hasborg.com

2005-2006 pgpkey: http://802.11ninja.net/pgpkey.htm
fingerprint: F00E 7A42 8375 0C55 964F E5A4 4D2F 22F6 3658 A4BF

Today I stumbled across the world's largest hotspot.  The SSID is "linksys".
Version: GnuPG v1.4.2 (MingW32)


More information about the HostAP mailing list