Assorted 802.11 Related Crypto Algorithms

David Johnston

The files on this page contain simple ANSI C implementations of algorithms related to the new 802.11i security protocols. They are not designed for efficiency, they are designed to be clear, simple and useful as unambiguous documentation for the algorithms in the specifications.

They are all stand alone C files. I compile them on Linux using 'gcc -Wall {filename}.c'. There should be no errors or warnings.

These are all independent implementations, derived directly from the algorithm specifications. Hence they may be used as independent verification of other implementations.

AES 128 bit Key, 128 bit Data Block Cipher Algorithm

This code contains a fixed key size (128 bit), fixed data size (128 bit) AES block cipher with test vectors.

It takes a 128 bit data block, a 128 bit key and produces a ciphertext block according to the NIST AES standard. This is the block cipher that is used in 802.11i.


TKIP Key Mixing Code with Test Vectors.

This code contains the TKIP key mixing algorithm along with some test vectors. This code was incorporated into the 802.11 TGi Draft 3.0 specification. It takes a 128 bit temporal key, an 802 MAC address and a 48 bit PN and cryptographically mixes them to form an RC4 seed to be used to encrypt an MPDU payload.


CCMP MPDU Encryption

This code contains the CCM encryption algorithm and test vectors. This code was for a period incorporated into the 802.11 TGi Draft specification. The Draft 3.0 code is incomplete and a replacement is needed.

It takes a plaintext MPDU, a PN, a Default Key ID and a 128 key and encrypts the MPDU according to the CCM algorithm in the 802.11i Draft 3.0 specification. Note that the MIC muting rules in the specification are wrong. The MIC muting in this code is right and reflects what the group voted for. The text was fixed in Draft 3.1.

Version 1.2 includes the muting of the sequence number that was introduced in the 2003 florida meeting.

This code is in the public domain



This code contains the SHA1 algorithm as used in 802.11i.



This code contains the HMAC_SHA1 algorithm as used in 802.11i.


TKIP Michael Message Integrity Check Algorithm

This code contains the TKIP Michael MIC (Message Integrity Check) algorithm and test vectors.

It takes an MSDU, a MIC key and an 802 MAC address and generates a 64 bit MIC according to the TKIP MIC algorithm in the 802.11i Draft 3.0 specification.


802.11i Password Hashing

This code contains the password hashing algorithm defined in 802.11i.

It takes a passphrase string and produces a 256 bit hash derived from the passphrase.

WARNING! This code produces different results to the spec. The vectors in the TGi draft 3.0 specification are wrong.


802.11i PRFs

This code contains the PRF (Pseudo Random Function) defined in 802.11i.



This code contains the RC4 algorithm as used in WEP and 802.11i TKIP.


TKIP MSDU example, with fragmentation.

If you glue all these algorithms together, along with 802.11 standard fragmentation, you might get the following vector:


Copying Notice: