[Off topic] Difference between wpa: tkip & aes
Jar
jar
Mon Nov 7 11:29:34 PST 2005
Jar wrote:
> OK now I sniff iit with Kismet, the security mode is WPA_PSK_AES. The
> data packet looks like this:
>
> No. Time Source Destination Protocol
> Info
> 5655 342.729498 00:14:bf:2e:2e:2e EdimaxTe_5a:5a:5a IEEE
> 802.11 Data
>
> Frame 5655 (1554 bytes on wire, 1554 bytes captured)
> IEEE 802.11
> Type/Subtype: Data (32)
> Frame Control: 0x4308 (Normal)
> Version: 0
> Type: Data frame (2)
> Subtype: 0
> Flags: 0x43
> DS status: Frame part of WDS (To DS: 1 From DS: 1) (0x03)
> .... .0.. = More Fragments: This is the last fragment
> .... 0... = Retry: Frame is not being retransmitted
> ...0 .... = PWR MGT: STA will stay up
> ..0. .... = More Data: No data buffered
> .1.. .... = WEP flag: WEP is enabled
> 0... .... = Order flag: Not strictly ordered
> Duration: 213
> Receiver address: 00:14:bf:48:48:48 (00:14:bf:48:48:48)
> Transmitter address: 00:14:bf:bf:bf:bf (00:14:bf:bf:bf:bf)
> Destination address: 00:50:fc:5a:5a:5a (EdimaxTe_5a:5a:5a)
> Fragment number: 0
> Sequence number: 769
> Source address: 00:14:bf:2e:2e:2e (00:14:bf:2e:2e:2e)
> TKIP/CCMP parameters
> CCMP Ext. Initialization Vector: 0x0000000000DA
> Key: 0
> Data (1516 bytes)
>
> 0000 af e0 27 6b be 48 34 ba 61 10 7e 20 71 dd 56 f6 ..'k.H4.a.~ q.V.
> 0010 33 ef 6d 67 64 fe 40 7a 88 88 0e da 94 c5 d2 0f 3.mgd. at z........
> ....
But sometimes data packets show both CCMP and TKIP and sometimes just
CCMP. I don't know what it means?
TKIP/CCMP parameters
TKIP Ext. Initialization Vector: 0x00000000D100
CCMP Ext. Initialization Vector: 0x00000000ACD1
Key: 0
Data (1516 bytes)
0000 54 36 bd ae e1 d3 b6 68 9b 3c 11 41 3b f6 6b a9 T6.....h.<.A;.k.
...
...
--
Best Regards, Jar
More information about the Hostap
mailing list