What Is TKIP? Security Definition
Also known as: Temporal Key Integrity Protocol
This page mentions older exam versions. See the Current Exam Context and Legacy Exam Context sections below for the updated mapping.
Quick Definition
TKIP, or Temporal Key Integrity Protocol, is a security protocol designed as a stopgap improvement over the flawed Wired Equivalent Privacy (WEP) standard. It was introduced as part of the Wi-Fi Protected Access (WPA) standard to address WEP's critical vulnerabilities without requiring hardware upgrades. TKIP works by dynamically generating a unique encryption key for each data packet, mixing a temporal key with the transmitter's MAC address and a 48-bit packet sequence counter. This per-packet keying stops attackers from replaying captured packets or recovering the key by collecting traffic encrypted under the same RC4 key, which is how WEP was broken. Additionally, TKIP includes a Message Integrity Check (MIC, called Michael) to detect tampering, and a countermeasure mechanism that halts TKIP traffic for 60 seconds when two MIC failures occur within a minute. While TKIP significantly improved security over WEP, it is now deprecated because of practical attacks on both RC4 and Michael, and it has been superseded by the more robust AES-based CCMP used in WPA2.
Must Know for Exams
On the Network+ (N10-008) exam, TKIP is tested under Objective 2.4 (Given a scenario, install and configure the appropriate wireless standards and technologies) and Objective 4.1 (Explain common security concepts). Specifically, candidates must know that TKIP is the encryption method introduced with WPA, not WPA2.
The exam expects you to differentiate TKIP from CCMP (AES) and to understand that TKIP uses RC4 encryption with per-packet key mixing. A common question asks which protocol improves upon WEP by adding dynamic keying and a message integrity check. On the Security+ (SY0-601) exam, TKIP appears under Objective 3.1 (Given a scenario, implement secure protocols) and Objective 3.4 (Given a scenario, install and configure wireless security settings). Security+ focuses on TKIP's vulnerabilities: it is susceptible to MIC key recovery attacks (e.g., the Beck-Tews attack) and is deprecated in favor of CCMP. Exam questions may present a scenario where a network uses WPA with TKIP and ask for the best upgrade path (answer: WPA2 with AES/CCMP).
Another focus area is the countermeasure mechanism: if two MIC failures occur within 60 seconds, the station or access point halts all TKIP traffic for 60 seconds. Candidates must also know that WPA2 mandates CCMP (a WPA2 access point may still offer TKIP, but only as an optional backward-compatibility cipher) and that mixing TKIP and CCMP in a mixed-mode network reduces security. Finally, the exam may test that TKIP's Michael MIC is weaker than the CBC-MAC integrity check built into CCMP.
Simple Meaning
Imagine you have a single key that opens every door in a large office building. If someone copies that key, they can access every room. That's WEP. Now imagine a system where, every time you unlock a door, the key automatically changes to a new one that only works for that specific door at that exact moment.
That's TKIP. It takes a master key (the pre-shared key) and combines it with information like your ID badge (MAC address) and the time you entered (packet sequence number) to create a unique key for each door you open. Even if a thief captures one of these temporary keys, they can't use it to open any other door, and they can't reuse it later.
TKIP also adds a tamper-evident seal (MIC) to each door, so if someone tries to force it open, the system detects the damage and sounds an alarm, temporarily locking all doors until the threat is cleared.
Full Technical Definition
TKIP (Temporal Key Integrity Protocol) is a security protocol defined in the IEEE 802.11i amendment (ratified in 2004; WPA shipped in 2003 based on a draft of it) and implemented as the mandatory encryption method for Wi-Fi Protected Access (WPA). It operates at the Data Link Layer (Layer 2) of the OSI model, specifically within the MAC sublayer.
TKIP was designed to retrofit WEP-era hardware with stronger security without replacing it, so it keeps WEP's RC4 stream cipher and CRC-32 ICV but wraps them in new machinery. Each packet is encrypted with a fresh 128-bit RC4 key (a 24-bit IV plus a 104-bit key, exactly the shape WEP hardware expects) derived from the 128-bit temporal key (TK), the transmitter's MAC address (TA), and a 48-bit TKIP Sequence Counter (TSC) that increments with every packet. The key mixing runs in two phases: Phase 1 mixes the TK, the TA and the upper 32 bits of the TSC into an 80-bit intermediate key (TTAK), which only needs recomputing every 65,536 packets; Phase 2 mixes the TTAK, the TK and the lower 16 bits of the TSC into the final per-packet RC4 key, with the second IV byte constructed so as to avoid the weak RC4 keys that were exploited against WEP.
This ensures that each packet has a unique key and that no two transmitters ever share a key stream. TKIP also adds a Message Integrity Check (MIC) called Michael, an 8-byte value appended to the data before fragmentation and encryption. Michael is computed over the destination and source MAC addresses, the priority, and the data payload using a 64-bit MIC key; the PTK carries a separate MIC key for each direction.
If a packet fails the MIC check (after the ICV has already passed), the receiver discards it and records a MIC failure. TKIP also implements countermeasures: if two MIC failures occur within 60 seconds, the station and access point halt all TKIP traffic for 60 seconds and establish fresh keys afterward, limiting an attacker to a couple of forgery attempts per minute against the weak Michael MIC. TKIP's key hierarchy includes a Pairwise Transient Key (PTK) for unicast traffic and a Group Temporal Key (GTK) for multicast/broadcast traffic.
Compared to alternatives, TKIP is less secure than CCMP (AES-based, used in WPA2): RC4 keystream biases and the weak Michael MIC (roughly 20 bits of forgery resistance, which is the reason the countermeasures exist) allow practical packet forgery and decryption attacks such as Beck-Tews. TKIP was deprecated in the 802.11-2012 standard and should not be used in modern networks.
Real-Life Example
A small business, 'Bean There Coffee,' uses legacy WEP for its guest Wi-Fi. After a security audit, the owner, Maria, learns that WEP can be cracked in minutes. She cannot afford to replace all her older access points and wireless cards, so she upgrades to WPA with TKIP.
The network uses a pre-shared key 'Coffee4You!' that all employees and guests enter. When a customer, Alex, connects his laptop, the access point and laptop perform a 4-way handshake to derive a unique Pairwise Transient Key (PTK).
As Alex browses the web, each packet he sends is encrypted with a different per-packet key. For example, when he submits a form with his email address, TKIP mixes the PTK with his laptop's MAC address and a sequence number to create a unique key for that packet. The access point receives the packet, verifies the Michael MIC to ensure it wasn't tampered with, and decrypts it.
Later, an attacker captures some of Alex's packets but cannot recover the temporal key from them, because every packet was encrypted under a different RC4 key and the IV construction avoids the weak keys that made WEP crackable. The attacker tries to replay a captured packet, but the access point sees a sequence counter that is not higher than the last one accepted and discards it. The network is far safer than it was under WEP until Maria can upgrade to WPA2 with AES, but not attack-proof: a patient attacker can still use Beck-Tews-style forgery of short packets against TKIP.
Why This Term Matters
IT professionals must understand TKIP because it represents a critical evolutionary step in wireless security. Many legacy devices and networks still support TKIP, and technicians may encounter it during troubleshooting or upgrades. Knowing TKIP's weaknesses helps professionals justify migrations to WPA2 or WPA3.
In operational contexts, understanding TKIP's countermeasure mechanism is vital; if a network suddenly disconnects clients for 60 seconds, a TKIP MIC failure may be the cause. For career value, TKIP appears on both Network+ and Security+ exams, and interviewers may ask about its role in the WEP-to-WPA2 transition. Professionals who can explain why TKIP was necessary and why it is now deprecated demonstrate a deep understanding of wireless security evolution.
How It Appears in Exam Questions
Question Pattern 1: 'Which of the following encryption protocols uses a per-packet key mixing function and is associated with WPA?' The wrong answers often include WEP (static key), CCMP (AES-based), and EAP (authentication framework). The correct answer is TKIP.
Pattern 2: 'A network administrator notices that wireless clients disconnect for 60 seconds after a series of MIC failures. Which protocol is most likely in use?' Wrong answers include WEP (no cryptographic MIC), WPA2 (uses CCMP, which has stronger integrity), and 802.1X (authentication). The correct answer is TKIP, due to its countermeasure mechanism. Pattern 3: 'Which of the following is a weakness of TKIP?' Wrong answers might include 'uses AES encryption' (false, it uses RC4), 'requires hardware upgrades' (false, it was designed for legacy hardware), or 'provides perfect forward secrecy' (false).
The correct answer is that TKIP is vulnerable to MIC key recovery attacks. Pattern 4: 'A company wants to upgrade from WEP to a more secure protocol without replacing existing hardware. Which protocol should they choose?'
Wrong answers: WPA2 (requires AES-capable hardware), WPA3 (requires modern hardware), 802.11i (a standard, not a protocol). Correct answer: WPA with TKIP.
Example Scenario
Scenario: A home user, Bob, has an old router that only supports WEP and WPA with TKIP. He wants to secure his network. Step 1: Bob logs into his router's admin interface and selects 'WPA-PSK' as the security mode.
Step 2: He enters a pre-shared key (PSK) 'MySecureKey123!' and saves the settings. Step 3: Bob's laptop, which has a legacy wireless card, scans for networks and selects Bob's SSID.
Step 4: The laptop and router perform a 4-way handshake, exchanging nonces and deriving a Pairwise Transient Key (PTK). Step 5: When Bob sends an email, TKIP mixes the PTK with his laptop's MAC address and a sequence number to create a per-packet key. The packet is encrypted with RC4 and includes a Michael MIC.
The router receives the packet, verifies the MIC, decrypts it, and forwards the email. If an attacker tries to replay the packet, the router detects the duplicate sequence number and drops it.
Common Mistakes
TKIP uses AES encryption.
TKIP uses the RC4 stream cipher, not AES. AES is used by CCMP in WPA2. TKIP was designed to work with legacy hardware that only supported RC4.
Remember: TKIP = RC4; WPA2 = AES. If you see 'TKIP', think 'RC4'.
TKIP is the same as WPA2.
WPA2 mandates CCMP (AES); TKIP shows up on WPA2 equipment only as an optional backward-compatibility cipher, typically in mixed mode. TKIP is the cipher of WPA, the predecessor to WPA2, and the exam keeps the two pairs distinct.
TKIP = WPA; CCMP = WPA2. Never mix them up.
TKIP provides perfect forward secrecy.
TKIP does not provide perfect forward secrecy because the temporal key is derived from the pre-shared key, and if the PSK is compromised, past traffic can be decrypted. PFS is a feature of WPA3's SAE handshake.
TKIP is not PFS; only WPA3 provides PFS. TKIP's security relies on the PSK being secret.
Exam Trap — Don't Get Fooled
The most dangerous trap is selecting 'WPA2' as the answer when a question asks which protocol uses TKIP. Many candidates see 'TKIP' and think 'WPA2' because WPA2 is more common, but on the exam TKIP belongs to WPA.
Why learners choose it: Learners often memorize that WPA2 is the 'secure' standard and assume TKIP, being a security protocol, must be part of WPA2. They also treat 'WPA' and 'WPA2' as interchangeable terms, not realizing that WPA2 mandates CCMP, not TKIP.
How to avoid it: Use the rule 'TKIP is Temporary, like WPA. WPA2 is Advanced, with AES.' When you see 'TKIP' in a question, immediately think 'WPA' and look for an answer that mentions WPA, not WPA2. If the question asks for the encryption method of WPA, the answer is TKIP.
Commonly Confused With
TKIP uses RC4 encryption with per-packet key mixing and a Michael MIC. CCMP uses AES encryption in CCM mode (Counter with CBC-MAC) and provides stronger integrity. CCMP is mandatory for WPA2, while TKIP is used in WPA. CCMP is not vulnerable to the same attacks as TKIP.
When configuring a router, selecting 'WPA2-PSK' uses CCMP (AES), while selecting 'WPA-PSK' uses TKIP (RC4).
WEP uses a static 40-bit or 104-bit key for all packets and has no cryptographic integrity check (its CRC-32 ICV is linear, so an attacker can flip bits and fix up the checksum). TKIP uses dynamic per-packet keys and a Michael MIC. WEP can be cracked in minutes with tools like aircrack-ng, while TKIP is more resistant but still deprecated.
A legacy network using WEP is vulnerable to ARP replay attacks; upgrading to WPA with TKIP stops those attacks by using per-packet keys and sequence numbers.
Step-by-Step Breakdown
Step 1: Key Derivation via 4-Way Handshake
The client and access point perform a 4-way handshake to derive a 512-bit Pairwise Transient Key (PTK) from the Pre-Shared Key (PSK, which serves as the pairwise master key), the two nonces, and the two MAC addresses. The PTK is split into several keys, including the 128-bit Temporal Key (TK) used for per-packet key mixing and two 64-bit Michael MIC keys, one for each direction of traffic.
Step 2: Phase 1 Key Mixing
The 128-bit TK is mixed with the transmitter's MAC address (48 bits) and the upper 32 bits of the TSC to produce an 80-bit intermediate key (TTAK). Because the transmitter address is an input, different devices derive different intermediate keys even when they share a key (as they do for the GTK), preventing cross-client key-stream reuse. Phase 1 only needs to be recomputed every 65,536 packets, when the upper TSC bits change.
Step 3: Phase 2 Key Mixing
The intermediate key from Phase 1 and the TK are mixed with the lower 16 bits of the 48-bit packet sequence counter (TSC) to produce the final 128-bit per-packet RC4 key, laid out as a 24-bit IV plus a 104-bit key so unmodified WEP hardware can run RC4 on it. The TSC increments with each packet, so each packet gets a unique key and the receiver can reject any frame whose TSC is not greater than the last one it accepted.
Step 4: MIC Calculation and Encryption
The Michael MIC is computed over the destination and source MAC addresses, the priority, and the data payload using the 64-bit MIC key for the sending direction. The MIC is appended to the data, the legacy CRC-32 ICV is added after it, and the whole plaintext (data + MIC + ICV) is encrypted using the per-packet RC4 key and transmitted.
Step 5: Decryption and Verification
The receiver first checks the TSC carried in the packet header, rejecting replays, then derives the same per-packet key from the shared TK and that TSC, decrypts the packet, and verifies the ICV. It then recalculates Michael and compares it to the received MIC. If they match, the packet is accepted; if not, it is discarded and a MIC failure is recorded. Two MIC failures within 60 seconds trigger the countermeasure that halts TKIP traffic for 60 seconds.
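As an added, self-contained Python example (not code from the original page), the following implements the Michael MIC as specified in 802.11i, the TKIP MSDU header it is computed over, and a simplified receive path that applies the TSC replay check, verifies the MIC, and enforces the two-failures-in-60-seconds countermeasure from Steps 4 and 5. The per-packet RC4 key mixing and the ICV are left out (the S-box-driven mixing function is not reproduced here), so `TkipReceiver` works on already-decrypted data; the MAC addresses, MIC key bytes and timestamps are constructed inputs. The all-zero-key, empty-message check is the first Michael test vector from the standard.

```python
"""Michael MIC (IEEE 802.11i) plus a simplified TKIP receive path.

Added illustration, not code from the page: key mixing/RC4 and the ICV are
left out; TkipReceiver works on already-decrypted MSDUs.
"""
import hmac
import struct

MASK32 = 0xFFFFFFFF


def _rol32(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK32


def _ror32(x, n):
    return ((x >> n) | (x << (32 - n))) & MASK32


def _xswap(x):
    # Swap the two bytes inside each 16-bit half of the word.
    return ((x & 0xFF00FF00) >> 8) | ((x & 0x00FF00FF) << 8)


def _michael_block(l, r):
    # Michael block function b(): four rotate/xor/add mixing steps.
    r ^= _rol32(l, 17)
    l = (l + r) & MASK32
    r ^= _xswap(l)
    l = (l + r) & MASK32
    r ^= _rol32(l, 3)
    l = (l + r) & MASK32
    r ^= _ror32(l, 2)
    l = (l + r) & MASK32
    return l, r


def michael(key, msg):
    """Return the 8-byte Michael MIC of msg under a 64-bit key."""
    if len(key) != 8:
        raise ValueError("Michael key must be 8 bytes")
    l, r = struct.unpack("<II", key)
    # Pad with 0x5a and then 4 to 7 zero bytes so the length is a multiple of 4.
    padded = msg + b"\x5a" + b"\x00" * (4 + (-(len(msg) + 1) % 4))
    for (word,) in struct.iter_unpack("<I", padded):
        l ^= word
        l, r = _michael_block(l, r)
    return struct.pack("<II", l, r)


def tkip_mic(mic_key, da, sa, priority, data):
    """MIC over the TKIP MSDU header (DA, SA, priority, 3 reserved zeros) + data."""
    header = da + sa + bytes([priority & 0x0F, 0, 0, 0])
    return michael(mic_key, header + data)


class TkipReceiver:
    """Replay check, MIC verification and countermeasures for one TKIP peer.

    Simplification (assumption): one TSC for all traffic. Real TKIP keeps a
    replay counter per QoS priority and counts a MIC failure only after the
    ICV has passed, so corrupted frames do not trip the countermeasures.
    """

    FAILURE_WINDOW = 60.0  # seconds: two MIC failures this close trigger countermeasures
    HOLD_TIME = 60.0       # seconds TKIP traffic is halted afterwards

    def __init__(self, rx_mic_key):
        self.rx_mic_key = rx_mic_key
        self.last_tsc = -1             # highest TSC accepted so far
        self.last_mic_failure = None   # time of the most recent MIC failure
        self.disabled_until = 0.0      # countermeasures active until this time

    def receive(self, now, tsc, da, sa, priority, data, mic):
        """Process one decrypted MSDU and return a status string."""
        if now < self.disabled_until:
            return "dropped: countermeasures active"
        if tsc <= self.last_tsc:
            # TSC must strictly increase: replayed or reordered frames are rejected.
            return "dropped: replay (TSC not increasing)"
        expected = tkip_mic(self.rx_mic_key, da, sa, priority, data)
        if not hmac.compare_digest(expected, mic):
            if (self.last_mic_failure is not None
                    and now - self.last_mic_failure < self.FAILURE_WINDOW):
                # Second failure inside the window: halt TKIP for HOLD_TIME.
                self.disabled_until = now + self.HOLD_TIME
                self.last_mic_failure = None
                return "dropped: MIC failure; countermeasures triggered"
            self.last_mic_failure = now
            return "dropped: MIC failure"
        self.last_tsc = tsc
        return "accepted"


if __name__ == "__main__":
    # Test vector from 802.11i: all-zero key, empty message.
    assert michael(bytes(8), b"").hex() == "82925c1ca1d130b8"
    key = bytes.fromhex("0123456789abcdef")  # constructed MIC key, not a real one
    da, sa = bytes.fromhex("001122334455"), bytes.fromhex("66778899aabb")
    rx = TkipReceiver(key)
    mic = tkip_mic(key, da, sa, 0, b"GET / HTTP/1.1")
    print(rx.receive(0.0, 1, da, sa, 0, b"GET / HTTP/1.1", mic))  # accepted
    print(rx.receive(1.0, 1, da, sa, 0, b"GET / HTTP/1.1", mic))  # replay
    print(rx.receive(2.0, 2, da, sa, 0, b"GET / HTTP/1.0", mic))  # MIC failure
    print(rx.receive(3.0, 3, da, sa, 0, b"GET / HTTP/1.2", mic))  # countermeasures
```

Order matters in a real driver: the replay check runs on the TSC in the cleartext header before decryption, and a MIC failure is counted only once the CRC-32 ICV has passed, which keeps random corruption on the air from tripping the countermeasures. The 60-second hold is the reason the Beck-Tews attack has to pace its guesses.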
Practical Mini-Lesson
TKIP (Temporal Key Integrity Protocol) is a security protocol that was introduced as part of WPA to fix WEP's critical flaws without requiring new hardware. The core concept is dynamic per-packet keying: instead of using a single static key like WEP, TKIP generates a unique encryption key for every data packet. This is achieved through a two-phase key mixing function.
In Phase 1, the 128-bit Temporal Key (TK) is mixed with the transmitter's MAC address and the upper 32 bits of the 48-bit TKIP Sequence Counter (TSC) to produce an 80-bit intermediate key. In Phase 2, this intermediate key and the TK are mixed with the lower 16 bits of the TSC to produce the final 128-bit RC4 key, laid out as a 24-bit IV plus a 104-bit key so existing WEP hardware can use it. Every packet therefore gets a different RC4 key, and the IV values behind WEP's weak-key attacks are deliberately avoided, so capturing many packets no longer yields the key.
Additionally, TKIP includes a Message Integrity Check (MIC) called Michael, which is an 8-byte value computed over the source and destination MAC addresses, the data, and a MIC key. The MIC prevents tampering and replay attacks. If a packet fails the MIC check, it is discarded.
If two MIC failures occur within 60 seconds, TKIP triggers a countermeasure: the station and access point halt all TKIP traffic for 60 seconds, capping how many MIC forgeries an attacker can try. Compared to similar technologies: WEP uses a static key and no cryptographic MIC, making it trivial to crack. CCMP (used in WPA2) uses AES encryption and a stronger integrity check (the CBC-MAC half of CCM), but requires AES-capable hardware.
TKIP is a compromise that improves security over WEP but is now deprecated due to vulnerabilities like the Beck-Tews attack, which can recover the MIC key and forge short packets. Configuration notes: TKIP is selected as 'WPA-PSK' or 'WPA-TKIP' in router settings. WPA2 mandates CCMP; where a WPA2 access point offers TKIP at all, it is an optional fallback for legacy clients, not the WPA2 cipher.
Mixed-mode networks (WPA-TKIP + WPA2-CCMP) are possible but reduce security to the lowest common denominator. Key takeaway: TKIP was a necessary bridge from WEP to WPA2, but modern networks should use WPA2 with AES or WPA3.
Memory Tip
Think 'Temporal Key Integrity Protocol' = 'Time-based Key' + 'Integrity Check'. Mnemonic: 'TKIP = Two Keys In a Packet' (the per-packet key and the MIC key). Remember: TKIP is the 'Temporary' fix between WEP and WPA2. Exam tip: TKIP uses RC4, not AES. If you see 'TKIP' in a question, think 'WPA, not WPA2'.
Covered in These Exams
Current Exam Context
Current exam versions that test this topic — use these objectives when studying.
N10-009 CompTIA Network+
SY0-701 CompTIA Security+
220-1102 CompTIA A+ Core 2
SC-900 Microsoft SC-900
Google CDL
ISC2 CC
Legacy Exam Context
Older materials may mention these exam versions, but learners should use the current objectives for their target exam.
N10-008 (superseded by N10-009, the current version)
SY0-601 (superseded by SY0-701, the current version)
Related Glossary Terms
AH (Authentication Header) is an IPsec protocol that provides connectionless integrity, data origin authentication, and anti-replay protection for IP packets.
An AP (Access Point) bridges wireless clients to a wired network, acting as a central transceiver and controller for Wi-Fi communications.
An API is a set of rules that allows software applications to communicate and exchange data with each other.
BCP is a proactive process that creates a framework to ensure critical business functions continue during and after a disruptive event.
BNC (Bayonet Neill-Concelman Connector) is a miniature coaxial connector used for terminating coaxial cables in networking, video, and RF applications.
Frequently Asked Questions
Is TKIP still secure enough for home use?
No, TKIP is deprecated and has known vulnerabilities, such as the Beck-Tews attack that can recover the MIC key. Modern devices and routers should use WPA2 with AES (CCMP) or WPA3. If your router only supports TKIP, consider upgrading to a newer model.
What is the difference between TKIP and CCMP?
TKIP uses RC4 encryption with per-packet key mixing and a Michael MIC. CCMP uses AES encryption in CCM mode, which is much stronger and provides both encryption and integrity in one algorithm. CCMP is mandatory for WPA2, while TKIP is used in WPA.
Can I use TKIP and CCMP together on the same network?
Yes, in a 'mixed-mode' or 'WPA/WPA2' network the access point advertises both TKIP and CCMP. However, this drops security to the lowest common denominator: the group cipher must be TKIP so that legacy clients can read broadcasts, which means even CCMP-capable clients receive multicast and broadcast traffic protected only by TKIP, and a TKIP pairwise cipher stays on offer for an attacker to target. Use CCMP only if all devices support it.
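Whether TKIP is on offer, including in the mixed mode described in the configuration notes above and in this answer, is decided by the cipher suites an access point advertises in its beacons. The following added Python example (not code from the original page) parses the RSN element (element ID 48) and the vendor-specific WPA element (ID 221, OUI 00:50:F2, type 1) from a beacon's tagged parameters and flags TKIP exposure. The two byte strings are constructed sample beacons, not captures; the suite-type numbers are the standard 802.11 selectors (cipher 1 = WEP-40, 2 = TKIP, 4 = CCMP-128, 5 = WEP-104; AKM 1 = 802.1X, 2 = PSK, 8 = SAE).

```python
"""Flag TKIP in the security elements of an 802.11 beacon/probe response.

Added illustration, not code from the page. Input is the tagged-parameter
section of the frame body (Element ID, Length, Data, repeated).
"""
import struct

RSN_OUI = b"\x00\x0f\xac"   # IEEE 802.11i suite selectors
WPA_OUI = b"\x00\x50\xf2"   # Microsoft OUI used by the legacy WPA element
CIPHER_NAMES = {1: "WEP-40", 2: "TKIP", 4: "CCMP-128", 5: "WEP-104",
                8: "GCMP-128", 9: "GCMP-256", 10: "CCMP-256"}
AKM_NAMES = {1: "802.1X", 2: "PSK", 8: "SAE"}


def _suite_name(suite, oui, names):
    if suite[:3] != oui:
        return "vendor:" + suite.hex()
    return names.get(suite[3], "unknown-%d" % suite[3])


def _parse_suites(body, oui):
    """Shared layout after the version field: group cipher, pairwise list, AKM list."""
    group = body[0:4]
    pos = 4
    (n_pair,) = struct.unpack_from("<H", body, pos)
    pos += 2
    pairwise = [body[pos + 4 * i:pos + 4 * i + 4] for i in range(n_pair)]
    pos += 4 * n_pair
    (n_akm,) = struct.unpack_from("<H", body, pos)
    pos += 2
    akms = [body[pos + 4 * i:pos + 4 * i + 4] for i in range(n_akm)]
    return {
        "group": _suite_name(group, oui, CIPHER_NAMES),
        "pairwise": [_suite_name(s, oui, CIPHER_NAMES) for s in pairwise],
        "akm": [_suite_name(s, oui, AKM_NAMES) for s in akms],
    }


def parse_security_elements(tagged):
    """Walk Element-ID/Length/Data triples and decode the WPA and RSN elements."""
    found = {}
    pos = 0
    while pos + 2 <= len(tagged):
        eid, length = tagged[pos], tagged[pos + 1]
        data = tagged[pos + 2:pos + 2 + length]
        pos += 2 + length
        if eid == 48:                                         # RSN: version(2), suites
            found["rsn"] = _parse_suites(data[2:], RSN_OUI)
        elif eid == 221 and data[:4] == WPA_OUI + b"\x01":    # WPA: OUI(3), type(1), version(2)
            found["wpa"] = _parse_suites(data[6:], WPA_OUI)
    return found


def assess(found):
    """Return human-readable findings about TKIP exposure."""
    findings = []
    for name in ("wpa", "rsn"):
        sec = found.get(name)
        if not sec:
            continue
        if "TKIP" in sec["pairwise"]:
            findings.append("%s: TKIP offered as a pairwise cipher" % name)
        if sec["group"] == "TKIP":
            findings.append("%s: broadcast/multicast traffic protected only by TKIP" % name)
    if "wpa" in found and "rsn" in found:
        findings.append("mixed WPA/WPA2 mode: a client may negotiate down to TKIP")
    if not findings:
        findings.append("no TKIP advertised")
    return findings


# Constructed sample beacons (not captures). Each starts with an SSID element.
MIXED_MODE_IES = bytes.fromhex(
    "0004" "4265616e"                                   # SSID "Bean"
    "dd16" "0050f201" "0100" "0050f202"                 # WPA: version 1, group TKIP
    "0100" "0050f202" "0100" "0050f202"                 #      pairwise TKIP, AKM PSK
    "3018" "0100" "000fac02"                            # RSN: version 1, group TKIP
    "0200" "000fac04" "000fac02"                        #      pairwise CCMP + TKIP
    "0100" "000fac02" "0000"                            #      AKM PSK, capabilities
)
WPA2_ONLY_IES = bytes.fromhex(
    "0004" "4265616e"
    "3014" "0100" "000fac04" "0100" "000fac04" "0100" "000fac02" "0000"
)

if __name__ == "__main__":
    for label, ies in (("mixed", MIXED_MODE_IES), ("wpa2-only", WPA2_ONLY_IES)):
        print(label, assess(parse_security_elements(ies)))
```

The group cipher is the line to look at when auditing: an access point that lists CCMP as pairwise but TKIP as group is in mixed mode, and every client on it, including the ones that negotiated CCMP, receives broadcast traffic under TKIP.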
Why does TKIP disable the network for 60 seconds after MIC failures?
This is a countermeasure against forgery attacks on the Michael MIC. Michael was designed to run on legacy hardware and offers only about 20 bits of forgery resistance, so an attacker allowed unlimited guesses would succeed after roughly a million tries. Halting TKIP for 60 seconds after two failures limits an attacker to about two attempts per minute, which is also why the Beck-Tews attack deliberately waits 60 seconds between wrong chopchop guesses.
Is TKIP used in WPA3?
No, WPA3 uses the Simultaneous Authentication of Equals (SAE) handshake and requires CCMP (AES) for encryption. TKIP is not supported in WPA3. WPA3 also introduces GCMP-256 for higher security.
Summary
1. TKIP (Temporal Key Integrity Protocol) is the encryption protocol used by WPA, designed as an upgrade to WEP that adds per-packet key mixing and a message integrity check (Michael).
2. Its key technical property is dynamic per-packet keying: each packet is encrypted with a unique RC4 key derived from a temporal key, MAC address, and sequence number, preventing key reuse and replay attacks.
3. The most important exam fact: TKIP is deprecated and less secure than CCMP (AES) used in WPA2; it uses RC4 encryption and has a countermeasure that halts TKIP traffic for 60 seconds after two MIC failures.
On exams, remember that TKIP = WPA, not WPA2.