WPA and WPA2 - TKIP and CCMP Mixed Mode

這裡記錄一下當使用者設定成WPA and WPA2 - TKIP and CCMP Mixed Mode的時候，它的封包內容長什麼樣子。在這裡已經不想再抓全部的封包流程了，因為實在是半斤八兩，沒必要一直再作重複的事：

• The STA send Probe Request to the AP.
• The AP feedback Probe Response to the STA.
• The STA send Authentication (request) to the AP.
• The AP feedback Authentication (response) to the AP.
• The STA send Association Request to the AP.
• The AP feedback Association Response to the STA.
• The AP and the STA Unicast 4-Way handshaking.
• The AP and the STA Multicast / Broadcast 2-Way handshaking.

其中Authentication比較有差異，不一樣的加密方式，Authentication的次數也不一樣 (WEP – Shared Key和WPA3 – SAE要4次)；而4-Way / 2-Way handshaking要WPA才有。

這一次就直接看AP所發送的Beacon封包。

Mode: WPA and WPA2 Personal Mixed Mode
Cipher Suite: TKIP and CCMP Mixed Mode

• OUI: 00:0F:AC (IEEE 802.11)
• Group Cipher Suite Type: TKIP (2)
• Pairwise Cipher Suite Count: 2
• Pairwise Cipher Suite List:
• Pairwise Cipher Suite Type: AES (CCM) (4)
• Pairwise Cipher Suite Type: TKIP (2)
• Auth Key Management (AKM) Suite Count: 1
• Auth Key Management (AKM) Suite Type: PSK (2)
• RSN Capabilities:
• Management Frame Protection Required: False
• Management Frame Protection Capable: False

由此可見，當使用者設定成WPA and WPA2 – TKIP and CCMP Mixed Mode的時候，Multicast / Broadcast 封包會使用TKIP來加密；而Unicast封包則是有TKIP和CCMP這兩種選擇。

Releated:

• WPA-PSK - TKIP Mode
• WPA-PSK - CCMP Mode
• WPA2-Passphrase - CCMP Mode