WPA reauthentication causing MIC errors?

Oct 3rd, 2007


I'm testing a STA device (under development) with the Aironet 1200 12.3(8)ja2.

The session security is WPA, TKIP encryption (using TLS authentication).

The AP is configured for periodic re-authentication.

In addition, I also have unicast downlink traffic transmitted (from the AP's LAN side to my STA) by a PC.

Oh, and I'm also working in power-save :)

(I'd be happy to supply AP config.txt).

Anyway...to the issue:

After the TLS reauthentication and the key handshake, my STA reports MIC failures on several frames.

The whole session is encrypted so I can't actually see which frames got the bad MIC.

I've used debug prints (on my STA) to trace the problem, and I can see the bad MIC frames are detected right after the unicast key is actually installed. (Any new frames received later on will be decrypted and MIC-checked using the new key.)

I would assume that if this is a key-installation-timing issue, then the frames should be dropped due to "decryption failure" (bad ICV).

Is my assumption correct?

For now, I assume this is my own STA's bug (since I tried testing the same scenario with a Cisco STA and no MICs occurred).

I'd be happy if anyone could give some general information as to how exactly the reauthentication process occurs from the AP's point of view (when exactly is the key changed to the new key and new MIC? after the GTK is installed on all clients?)


irisrios Tue, 10/09/2007 - 06:20

After successful authentication of the client to the RADIUS server, a dynamic key is handed to the access point from the RADIUS server. This key is called the Pairwise Master Key (PMK), which I assume is already generated by the client. So the PMK is never transmitted over the air to the client. After this comes a key called the Pairwise Transient Key (PTK), which is derived from the PMK. The PTK is negotiated between the access point and the client, from which the actual key for encryption is derived. The GTK is encrypted with this final key and sent to the client.
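
The key hierarchy described in the post above, as an added example that is not part of the thread and not Cisco's code: the IEEE 802.11i PRF-512 derivation of a TKIP PTK from the PMK, showing that a reauthentication replaces the TKIP encryption key and both Michael MIC keys together. The PMKs, MAC addresses and nonces are constructed sample values, and the function names are hypothetical.

```python
import hashlib
import hmac


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """IEEE 802.11i PRF: HMAC-SHA1(key, label || 0x00 || data || counter)."""
    out = b""
    counter = 0
    while len(out) < nbytes:
        msg = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, msg, hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]


def derive_tkip_ptk(pmk, aa, spa, anonce, snonce):
    """Derive the 512-bit TKIP PTK and split it into its component keys."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    ptk = prf(pmk, b"Pairwise key expansion", data, 64)
    return {
        "kck": ptk[0:16],             # protects EAPOL-Key frames (handshake MIC)
        "kek": ptk[16:32],            # encrypts key data (the GTK) in EAPOL-Key
        "tk": ptk[32:48],             # TKIP temporal encryption key
        "mic_ap_to_sta": ptk[48:56],  # Michael key for AP -> STA MSDUs
        "mic_sta_to_ap": ptk[56:64],  # Michael key for STA -> AP MSDUs
    }


def changed_fields(old: dict, new: dict) -> list:
    """Names of the PTK components that differ between two derivations."""
    return sorted(name for name in old if old[name] != new[name])


# Constructed sample values (not taken from any capture).
AA = bytes.fromhex("020000000001")    # authenticator (AP) MAC
SPA = bytes.fromhex("020000000002")   # supplicant (STA) MAC
PMK_OLD, PMK_NEW = bytes(range(32)), bytes(range(32, 64))
ANONCE_1, SNONCE_1 = b"\x11" * 32, b"\x22" * 32
ANONCE_2, SNONCE_2 = b"\x33" * 32, b"\x44" * 32


def reauth_demo():
    """PTK before and after a reauthentication (new PMK, fresh nonces)."""
    before = derive_tkip_ptk(PMK_OLD, AA, SPA, ANONCE_1, SNONCE_1)
    after = derive_tkip_ptk(PMK_NEW, AA, SPA, ANONCE_2, SNONCE_2)
    return before, after


if __name__ == "__main__":
    old, new = reauth_demo()
    print("components replaced by reauthentication:", changed_fields(old, new))
```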

eitan.bar Tue, 10/09/2007 - 06:35

Thanks for the response!

Could there be (in theory) a case when the client installs its PTK before the AP installs his?

If there is active traffic, there is a chance of decrypt/MIC failures on the frames that were sent using the "old" PTK, no?

