Showing posts with label Readers Valuable comment. Show all posts

Monday, May 17, 2010

Unsecured wifi and we--------Part-6

What is MIC

Dear friends,

This is the second part of one of our readers' valuable comments, which makes the series more easily understandable, and as this is a valuable comment I am publishing it on the front page for all of you.

Sitanshu said...

Dear All,

This is the second part of the previous article I posted. Consider it the next page of the same article.

TKIP Message Integrity Check (MIC)

Similar to TKIP, the Message Integrity Check (MIC) also had many versions before 802.11i defined it as a single standard. Once this was done, MIC became known as Michael, although the acronym MIC still remains. Today, with 802.11i ratified, MIC is Michael and vice versa. The protocol itself was created to help fight against the many message modification attacks that were prevalent in the WEP protocol. The IEEE 802.11i standard describes the need for MIC in the following quote: “Flaws in the IEEE 802.11 WEP design cause it to fail to meet its goal of protecting data traffic content from casual eavesdroppers. Among the most significant WEP flaws is the lack of a mechanism to defeat message forgeries and other active attacks. To defend against active attacks, TKIP includes a MIC, named Michael.” The MIC was created as a more secure method of handling integrity checking compared to the ICV in WEP.

The MIC is a hash that is calculated on a per-packet basis. This means a single MIC hash could span multiple frames and handle fragmentation. The MIC is also on a per-sender, per-receiver basis. This means that any given conversation has a MIC flowing from sender A to receiver B and a separate MIC flowing from sender B to receiver A.

The MIC is based on a seed value, destination MAC, source MAC, priority, and payload. Unlike IC, MIC uses a hashing algorithm to stamp the packet, giving an attacker a much smaller chance to modify a packet and have it still pass the MIC. The seed value is similar to the WEP protocol’s IV. TKIP and MIC use the same IV space, although they have added an additional four octets to it. This was done to make the threat of using the same IV twice in a short time period less likely.

The MIC is also encrypted inside the data portion, which means it is not obtainable through a hacker’s wireless sniffer. To add to this, the TKIP also left the WEP ICV process, which then adds a second, less secure method of integrity checking on the entire frame. To combat message modification attacks, the TKIP and MIC went a step further and introduced the TKIP countermeasures procedures. This is a mechanism designed to protect against modification attacks. It works by having an access point shut down its communications if two MIC failures occur in 60 seconds. In this event, the access point would shut down for 60 seconds. When it comes back up, it would require that all clients trying to reconnect change their keys and undergo a re-keying. Some vendors allow one to define these thresholds, although the MIC standard calls out these values.

To prevent noise from triggering a TKIP countermeasure procedure, the MIC validation process is performed after a number of other validations. The validations performed before the MIC countermeasure validation are the frame check sum (FCS), integrity check sum (ICV), and TKIP sequence counter (TSC). If noise was to interfere with the packet and modify it, one of these other checks would be able to find it first, thus preventing the frame from incrementing the MIC countermeasure counter.

Please keep in touch for more interesting articles on this topic.

Thanking you

Urproblemmysolution Team
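The check ordering and the countermeasure timing described in the comment above can be modelled as a small state machine. This is an added example, not code from the post or from any driver; the `Frame` and `TkipReceiver` names, the result strings and the sample events are constructed for illustration, and the 60-second values are the ones the comment gives.

```python
from dataclasses import dataclass
from typing import Optional

MIC_FAILURE_WINDOW = 60.0  # a second MIC failure inside this many seconds triggers countermeasures
SHUTDOWN_SECONDS = 60.0    # how long the access point stays down afterwards


@dataclass
class Frame:
    """Constructed stand-in for a received frame; each flag is the outcome of one check."""
    tsc: int                # TKIP sequence counter carried by the frame
    fcs_ok: bool = True
    icv_ok: bool = True
    mic_ok: bool = True


class TkipReceiver:
    """Hypothetical receiver model, not a real driver API."""

    def __init__(self) -> None:
        self.last_tsc = -1
        self.last_mic_failure: Optional[float] = None
        self.shutdown_until = 0.0
        self.rekey_required = False

    def receive(self, frame: Frame, now: float) -> str:
        if now < self.shutdown_until:
            return "dropped: countermeasures active"
        if self.rekey_required:
            return "dropped: re-key required"
        # FCS, ICV and TSC are checked first, so noise damage never reaches the MIC counter.
        if not frame.fcs_ok:
            return "dropped: FCS"
        if not frame.icv_ok:
            return "dropped: ICV"
        if frame.tsc <= self.last_tsc:
            return "dropped: TSC replay"
        if not frame.mic_ok:
            return self._mic_failure(now)
        self.last_tsc = frame.tsc  # assumption: the counter advances only after the MIC passes
        return "accepted"

    def _mic_failure(self, now: float) -> str:
        previous, self.last_mic_failure = self.last_mic_failure, now
        if previous is not None and now - previous <= MIC_FAILURE_WINDOW:
            self.shutdown_until = now + SHUTDOWN_SECONDS
            self.rekey_required = True
            self.last_mic_failure = None
            return "MIC failure: countermeasures started"
        return "MIC failure: logged"

    def rekey(self, now: float) -> bool:
        """Clients may re-key only once the shutdown period is over."""
        if now < self.shutdown_until:
            return False
        self.rekey_required = False
        self.last_tsc = -1
        return True


def demo() -> list:
    ap = TkipReceiver()
    events = [  # constructed (time in seconds, frame) pairs
        (0, Frame(tsc=1)),
        (5, Frame(tsc=2, fcs_ok=False, mic_ok=False)),   # noise: caught by FCS
        (6, Frame(tsc=2, icv_ok=False, mic_ok=False)),   # noise: caught by ICV
        (7, Frame(tsc=1, mic_ok=False)),                 # stale counter
        (10, Frame(tsc=2, mic_ok=False)),                # first real MIC failure
        (80, Frame(tsc=2, mic_ok=False)),                # 70 s later: outside the window
        (100, Frame(tsc=2, mic_ok=False)),               # 20 s later: inside the window
        (120, Frame(tsc=2)),
        (161, Frame(tsc=2)),
    ]
    return [ap.receive(frame, float(t)) for t, frame in events]
```

Only the frames at 10, 80 and 100 seconds reach the MIC counter; the three damaged or stale frames before them are discarded by the earlier checks, which is why noise alone does not shut the access point down.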

Sunday, May 16, 2010

Unsecured Wifi and we---------Part-5

What is TKIP

Dear Friends,

The topic has become interesting here, as one of my valuable readers has shared his valuable knowledge with us to explain more easily some of the codes which are used in Wi-Fi. TKIP is one of them, and for that reason I have decided to post that technical term on the front page for all of us, making this topic more attractive. So let's have a look at that comment.

Sitanshu said...

Dear Sujit/Sudipto,

Thank you for a fantastic article on WLAN Security.

I thought that our readers deserve a bit more. There are many advanced users who would like to know more about TKIP, MIC, WPA, WPA2.

I'm therefore posting this article to explain to our valuable advanced readers the inner details of TKIP and MIC.

TEMPORAL KEY INTEGRITY PROTOCOL (For upgrading a WEP based Wi-Fi Network)

The Temporal Key Integrity Protocol (TKIP) was an interim solution developed to fix the key reuse problem of WEP. By key reuse we mean that a single key was used to encrypt all packets in the transmission. Once you examined enough packets, as mentioned in an earlier posting, you could build the key using XOR operations (WEP Key Builder uses that concept).

TKIP later became part of the 802.11i and subsequently part of WPA and WPA2 standards. I have mentioned in a previous posting that both WPA and WPA2 are interim steps towards moving to 802.11i.

TKIP was included in the 802.11i standards for backwards compatibility. The 802.11i standard did not want to use a cipher based on RC4, so they chose AES (Advanced Encryption Standard). TKIP was put into 802.11i for the sole reason of helping older devices transition to 802.11i. To do this, 802.11i needed to support a protocol that could easily upgrade WEP to something safe enough to include in 802.11i. WEP, as we all know, was weak and flawed. Using TKIP protected against attacks and reduced the overall risk of operating a wireless network.

Today, Cisco differentiates its versions of TKIP and the standard one by calling it the Cisco Key Integrity Protocol (CKIP).

The TKIP encryption portion works in a two-phase process. The first phase generates a session key from a temporal key, TKIP sequence counter (TSC), and the transmitter’s MAC address. The temporal key is made up of a 128-bit value similar to the base WEP key value. The TKIP sequence counter (TSC) is made up of the source address (SA), destination address (DA), priority, and the payload or data. Once this phase is completed, a value called the TKIP-mixed transmit address and key (TTAK) is created. This value is used as a session-based WEP key in the second phase.

In the second phase, the TTAK and the IV are used to produce a key that encrypts the data. This is similar to how WEP is processed. In WEP the first 24 bits of the IV are added in front of the WEP key and then used to create an encryption key that is applied to the data. Then the IV is inserted into the packet header.

The basis of TKIP came from the WEP protocol. In the 802.11i standard, TKIP is referred to as a cipher suite enhancing the WEP protocol on pre-RSNA hardware. This is espoused because RC4 is still used as a cipher, although the technique in which it is used has improved greatly.

The article continues.....

Thanking you

Urproblemmysolution Team
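The WEP construction described in the comment above (the 24-bit IV placed in front of the shared key, RC4 applied to the data, the IV sent in the header) can be written out to show why key reuse was the problem TKIP had to fix. This is an added example, not code from the post; the key, IVs and payloads are constructed, and the key ID byte of a real WEP header is left out for brevity.

```python
import struct
import zlib

KEY = bytes.fromhex("0102030405")        # constructed 40-bit WEP key
P1 = b"constructed payload one"          # constructed sample payloads
P2 = b"constructed payload two"


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4: key scheduling, then XOR the keystream over the data."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)


def wep_encrypt(iv: bytes, key: bytes, payload: bytes) -> bytes:
    """Return IV || RC4(IV || key, payload || ICV); the ICV is the CRC-32 of the payload."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    icv = struct.pack("<I", zlib.crc32(payload))
    return iv + rc4(iv + key, payload + icv)


def wep_decrypt(key: bytes, frame: bytes):
    """Return the payload, or None when the decrypted ICV does not match."""
    iv, body = frame[:3], frame[3:]
    plain = rc4(iv + key, body)
    payload, icv = plain[:-4], plain[-4:]
    if struct.pack("<I", zlib.crc32(payload)) != icv:
        return None
    return payload


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def keystream_shared(frame_a: bytes, frame_b: bytes, plain_a: bytes, plain_b: bytes) -> bool:
    """True when the ciphertexts XOR to the XOR of the plaintexts, i.e. both used one keystream."""
    n = min(len(plain_a), len(plain_b))
    return xor(frame_a[3:], frame_b[3:])[:n] == xor(plain_a, plain_b)[:n]


def demo() -> dict:
    same_a = wep_encrypt(b"\x00\x00\x01", KEY, P1)
    same_b = wep_encrypt(b"\x00\x00\x01", KEY, P2)   # IV repeated under the same key
    fresh = wep_encrypt(b"\x00\x00\x02", KEY, P2)    # new IV, new per-packet RC4 key
    return {
        "round_trip": wep_decrypt(KEY, same_a) == P1,
        "reused_iv_shares_keystream": keystream_shared(same_a, same_b, P1, P2),
        "fresh_iv_shares_keystream": keystream_shared(same_a, fresh, P1, P2),
    }
```

With only 24 bits of IV in front of a fixed key, a busy network repeats per-packet keys; the per-packet key mixing and the longer counter that the comment describes for TKIP exist to stop that repetition.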

Wednesday, December 23, 2009

How to stop Credit Card Fraud Physically

Dear Friends,
After a long interval I am going to post a valuable comment from one of my valuable readers for you about how to stop credit card fraud physically, i.e. from cloning or skimming. Here it is for you:

Sitanshu said...
Dear Sujit,

I wanted to post an article on countering Counterfeit Credit/Debit Card Fraud.

A world class security expert, Mr. Tom Patterson, has developed a technology that will stop Counterfeit credit/debit card fraud. The technology uses the fact that the Magnetic Stripe on a card is unique like DNA. No two cards have the same microstructure on the magnetic stripe.
MagTek Inc., where Mr. Patterson is the CSO, has used this fact to combine the Personal Data of the Card holder and the uniqueness of the Magnetic Stripe holding that data to create a unique DIGITAL ID for each card holder. This way, even if you duplicate someone's card, the Duplicate Produced will never match the original card's digital signature created by this Technology. The Technology is called "MagnePrint".

As far as any card that uses a Magnetic Stripe on the back in the standard format (3 Lines) is concerned, this technology will counter duplication. The Technology could be used for "Driver's License", "Credit Cards", "Debit Cards", University Exam Cards etc. It is cheaper than RFID and very very easy to use.

Hope your viewers will enjoy the article.

Warm Regards,
Sitanshu Ray

He also sent me a link from YouTube about credit card skimming. I checked it, and I would request you to visit the following link and enjoy the video:

http://www.youtube.com/watch?v=U0w_ktMotlo

Paste it into your browser and visit.

With Thanks
Urproblemmysolution Team

Thursday, August 13, 2009

For The Help of Police Officers

Police Officers Take a Note Please

Hi friends,
We posted here earlier about the hacking of PayPal accounts and how to remain safe from that, and now we are going to post a very useful comment from one of our readers, who is now in CBI. We think we need not introduce to you what CBI is. So please, everybody, read it and know that you are secured from cyber criminals who hack your PayPal account, as they may be caught by the police with the help of PayPal. And here is the valuable comment of Mr. Sanjoy Goutam of CBI India:

Gautam said...

PayPal is pleased to collaborate with the Government judicial authorities for repression of crimes committed by or to the detriment of their users.

Requests for information from law enforcement and the orders of acquisitions data the court should be directed to PayPal (Europe) s.àr.l. et Cie S.C.A, 5th Floor 22-24 Boulevard Royal L-2449. These can be sent to the Fraud Investigation Team

Requests for information by the police include:

• Send by fax on letterhead of the applicant
• Sign in charge of the investigation
• Direct to PayPal (Europe) s.àr.l. et Cie S.C.A.

Each request for information should include the following information:

• The e-mail address.
• All addresses and telephone numbers of the person you investigated.
• Your name, address, department, telephone and fax.
• Specific details about the information you need and how they are needed for your investigation

*** Please note that PayPal has more than 70 million users and thus more details you provide will be more easy for us to identify the information you have requested ***

PayPal (Europe) Ltd is an institution for the issuance of electronic money regulated by the Financial Services Authority of the United Kingdom and must abide by the Data Protection Act in accordance with the laws. Therefore, for the release of financial details or information on transactions carried out by our members, you must order expressed by the court.


So many many thanks to Mr. Sanjoy Goutam from the heart of Urproblemmysolution Team.

Tuesday, August 4, 2009

Fake SSL

Dear Friends,
Here is a good comment from one of our readers, and we think that this will help our other readers to enrich their knowledge in this field, and they will also be cautious in future by reading this. So thanks to Mr. Sitangshu for sharing his knowledge with us, and as it is a good one we have decided to bring it before all of you in the main posting of our blog. Again thanks to Mr. Sitangshu, and here is his comment for all:

Sitanshu said...


There were some very interesting guidelines on this title. I still thought that you may like to mention to your visitors about "Trusted Sites".

Trusted Sites are those sites that have a trusted securities certificate. Companies like VERISIGN for example issue "Trusted Security Certificates". That certificate means that the site is protected by SSL (Secured Socket Layer). To obtain such a certificate "VERISIGN" company would thoroughly investigate the ownership and history of the site. Once the site has received such a certification, their clients could rest assured that they are opening an "Original Site" and not a "Fake Site".

But the irony is that hackers have managed to find a flaw even with the way a browser could be fooled into clicking into a site that is not SSL certified.

During a MITMA (Man in the middle attack phase), an attacker could wait for a person to click on a site that has an SSL certification. But that site is a bogus site (meaning the person sending the link inserted the trusted site certificate, but the site really is not SSL certified). It has a "Site name that contains a Proper SSL certified site name followed by a blank followed by the rest of the name which is "the complete fake site name".

FAKE SITE = GOOD SITE PARTNAME + NULL + FAKE SITE NAME

Browser stops reading at the NULL character

So when you click on the link with that kind of site name with a null character in the middle of the name followed by the fake site address, you are really conned into entering into a fake site that the browser could not catch. Here you start entering your personal data like credit card number etc. and you become a victim.

I tried explaining a difficult concept in a few words. For more clarity please visit this link on a recent news item...

http://www.msnbc.msn.com/id/32258426/ns/technology_and_science-security/

Please keep writing. We are all indebted to you and your blog.

Sitanshu

August 4, 2009 8:41 AM
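The "GOOD SITE PARTNAME + NULL + FAKE SITE NAME" pattern from the comment above comes down to how a certificate name is compared with the host being visited. The following is an added example, not code from the post or from any browser; the function names and the sample certificate names are constructed, and it contrasts a comparison that stops at the NULL with a length-aware check that rejects such names outright.

```python
import string

# Bytes that may appear in a plain DNS hostname (wildcards are out of scope in this sketch).
ALLOWED = set((string.ascii_letters + string.digits + "-.").encode("ascii"))

# Constructed certificate names as raw bytes, the way they sit inside a certificate.
CERT_NAMES = [
    b"www.bank.example",
    b"www.bank.example\x00.attacker.example",   # good name + NULL + rest of the name
    b"WWW.Bank.Example",
]


def c_string_view(name: bytes) -> bytes:
    """What code built on C string functions sees: everything before the first NULL."""
    return name.split(b"\x00", 1)[0]


def naive_match(cert_name: bytes, host: str) -> bool:
    """Flawed check: compares only the part of the name before the NULL."""
    return c_string_view(cert_name).lower() == host.lower().encode("ascii", "ignore")


def strict_match(cert_name: bytes, host: str) -> bool:
    """Length-aware check: refuse names with any byte outside the hostname alphabet,
    then compare the whole name, not a truncated view of it."""
    if not cert_name or any(b not in ALLOWED for b in cert_name):
        return False
    try:
        wanted = host.lower().encode("ascii")
    except UnicodeEncodeError:
        return False
    return cert_name.lower() == wanted


def audit(cert_names, host: str) -> list:
    """Return (name, naive result, strict result, flagged) for each certificate name."""
    rows = []
    for name in cert_names:
        naive, strict = naive_match(name, host), strict_match(name, host)
        rows.append((name, naive, strict, naive and not strict))
    return rows
```

Running `audit(CERT_NAMES, "www.bank.example")` flags only the second name: the truncating comparison accepts it, while the length-aware one rejects it because the NULL byte can never be part of a valid hostname.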

Thursday, July 23, 2009

Best Cyber Security Expert Says

Dear Friends,

Today is the happiest day for our blog, as one of the best Cyber Security Experts of the World, Mr. Gunnar, has made his comment on one of our postings on the blog, and that is on the topic "Pay Pal member beware from phishers and cyber criminals". This is the most valuable comment of our blog so far, and so we have decided to post it on the front page for your kind notice and future guideline. And here it is for you:

Gunnar said...

Hi there,
I am a friend of Sitanshu Ray who forwarded me that link of your interesting blog.
Phishing mails like this will never stop in a principal way, and of course they can be dangerous like in this case.
This Phishing mail you posted looks like an "invitation" of a (so called) drive-by-infection. This means, if you open the link from this mail, your computer might get infected by a virus/trojan in a second without interaction. They might use unfixed or new vulnerabilities in the browser and/or plugins to do that, and it's very possible that your antivirus didn't "know" that used virus/trojan. In the worst case, your computer is after this a part of a botnet, or they "only" steal data out of your computer like passwords, banking data etc.
If you check the main URL of this link, you will see that the owner of the domain is "inContact Inc." - a call center. Call Centers often act like this and offer their service to "normal" companies, i.e. to send out spam etc.
On the inContact Website you can also see the address of them: 7730 South Union Park Avenue, Suite 500 Salt Lake City, UT 84047 or check the nic.com with the whois data.
But the problem is: It's hard to attest them, that they send the phishing mail by themselves. They can easily say someone (unknown) did it. But there are also some possibilities to make traps for them that could make it possible to sue them ... ;-)
Kind regards
Gunnar
July 22, 2009 10:16 AM


Monday, July 6, 2009

Why do we need SHTTP

Explanation given by Mr. Sitangshu on his earlier comment

Sitanshu said...



I posted a comment on yet another secured protocol called SHTTP as opposed to HTTPS (The more widely known secure protocol). However I failed to mention why SHTTP? when we already have HTTPS...

The answer is not that simple. You have to be an Architect to appreciate this. Still I think - I may have a way to explain this.

Please remember that the Internet Bandwidth (total spectrum) is limited. So even if we need added services such as "Secured Transmissions", we must try our best to minimize the use of that bandwidth. SHTTP allows you to just secure what should be secured rather than the entire transmission. In a banking transaction you have thousands of messages (Client Name, Address, Sex, Account Number, Father's name, Account Start Date, Starting Balance, Ending Balance, Credit Card number, etc.etc.)...
Why do I need to secure all this information? Just securing the "Credit card number" is enough. I do not even need to secure my "Bank Account Number". So what if someone knows my "Bank Account Number". SHTTP will make sure that I secure just the "Credit Card Number", whereas HTTPS will secure everything...Too much is wasted securing everything...

That is where SHTTP is handy. Secure what you need, not the entire transmission...

Hope I made my point...

Will give a few real examples in my next post.

Warm Regards,
Sitanshu

Saturday, June 27, 2009

Comment on Kind attention


CREDIT CARD FRAUD DETECTION



Dear Readers,
As per our promise we are again posting a valuable comment of Mr. Sitangshu

"I wanted to let your valuable readers get privy to some information that may help them to reduce "Credit card fraud where their credit cards are used for retail shopping".


In early Year 2000 American Express came out with a program called "Private Programs for Shopping", and later Citi Bank introduced the concept of "Disposable Credits Cards". In both these instances the "Credit Card Holder" is presented with a small "Software" that uses a "Random Number Generation Algorithm". This Software is available to the user (credit card holder) on a USB device that uses RSA encryption. Just before shopping the card holder inserts the device into her/his Computer or Mobile Device, and is asked to type in a password which is unique each time the device is used. The Device accepts the "Password", and then requests the card holder to input their "Credit Card Number, expiration date, and CVV number". When the card holder does that she/he is presented a randomly generated NEW CREDIT CARD NUMBER with the same expiration date and different CVV number. This new Credit Card Number is a "Virtual Number" that is valid only for this "Purchase or Transaction". It will be useless after this transaction.

The Card holder then proceeds to the Merchant Site and makes her/his purchases online using this "New Virtual Credit Card Number". The Bank (American Express or Citi) allows this card to go through. They can link this new "Virtual Card Number" to the original card. After this purchase is done, this "New Virtual Card Number" is made "Invalid - i.e, it cannot be used again".

This is a unique way to solve "Credit Card Fraud for Online Shoppers". Even if the "New Virtual Card Number is Stolen" it cannot be used.

I have in fact used this mechanism for "online Purchases in the USA". Works very effectively.

In fact I wrote a "Whitepaper" where I suggested combining this technique with RFID as a "Secure Retail Solution" for Indian Shoppers. The RFID chip will contain Card Holder Biometrics together with the "Credit Card Virtualization Software". Users (Card Holders) will never lose any sleep doing "Online Shopping".

Warm Regards
PS: Love your Blog and will keep posting more ideas in the future..

June 27, 2009 6:59 AM

Thanks to you Mr. Sitangshu

Reader Comment


COMMENT ON CYBER PORNOGRAPHY


Readers Valuable Comment on Cyber Pornography
Dear Readers
We promised that we would post the valuable comments of our readers in our blog so that everyone can read them and know them.
This is the comment of Mr. Sitangshu

"Thanks for giving us valuable information on "Child Pornography", and "Laws to fight Pornography" in various countries.


I wanted to present some interesting statistics on this subject for your readers:

Pornography Time Statistics (As of 2006)
Every second - $3,075.64 is being spent on pornography

Every second - 28,258 Internet users are viewing pornography

Every second - 372 Internet users are typing adult search terms into search engines

Every 39 minutes: a new pornographic video is being created in the United States

Another interesting comment:

Countries where Laws against Pornography are strictest, the revenue from Pornography is highest. China has the strictest Pornography laws in the world including "Execution", yet has the highest revenue from Pornography - a whopping 27 Billion Dollars annually, followed by South Korea, Japan, United States and Australia.

Another interesting statistic:

The Pornography industry is larger than the revenues of the top technology companies combined: Microsoft, Google, Amazon, eBay, Yahoo!, Apple, Netflix and EarthLink

And finally: As an IT specialist having over 28 years experience in the Industry in many countries, I know for certain that the best "Software Developers" are those who have built porn sites. In fact all new trends in "Software Development" first show up in Porno films.....

Finally an important point and fact:

In general all countries ban "Child Pornography", and all countries barring a few allow people (adults) to possess Pornographic Material, but do not allow unlicensed sale. Selling is "unlawful".

Thanks for the wonderful blog. Keep writing

June 27, 2009 6:24 AM


Thanks to you, Mr. Sitangshu, for enriching us. We hope you will please keep in touch with our blog and give your valuable comments.

Sunday, June 14, 2009

Valuable comment

Reader’s Comment

Hi Friends,

One of the readers of this blog has shared his valuable experience and has given a valuable comment about credit card here and I think I should publish this in my blog which will enrich all of us about credit card fraud. Thanks to you Mr. Sitangshu Ray.

His Valuable Comment here:-

Dear Sujit,

This is a one-of-a-kind Blog that impressed me a great deal. Thanks for hosting this blog. I can see that a blog like this will go a long way in solving crimes, specially cyber crimes.

Just for your information, in the Western World, specially in USA, Canada and Europe, Hotel keys designed like credit cards contain valuable personal information about the person staying in that hotel room. When you check into the hotel and give your credit card number for payment in advance, the room key (also a card with a magnetic strip) contains that information. When you leave the hotel, you return the room key, which is then stolen by criminal hotel employees to get your credit card information. This type of fraud happens a lot, but few people know about it.

Just a small tip...

Thanks for the wonderful site. Will continue watching its information and progress.

Great Job...

Sitanshu Ray

June 12, 2009 11:23 PM