Security Analysis and Improvements for IEEE 802.11i
نویسندگان
چکیده
This paper analyzes the IEEE 802.11i wireless networking standard with respect to data confidentiality, integrity, mutual authentication, and availability. Under our threat model, 802.11i appears to provide effective data confidentiality and integrity when CCMP is used. Furthermore, 802.11i may provide satisfactory mutual authentication and key management, although there are some potential implementation oversights that may cause severe problems. Since the 802.11i design does not emphasize availability, several DoS attacks are possible. We review the known DoS attacks on unprotected management frames and EAP frames, and discuss ways of mitigating them in 802.11i. The practicality of a DoS attack against Michael MIC Failure countermeasure is discussed and improvements are proposed. Two new DoS attacks and possible repairs are identified: RSN IE Poisoning and 4-Way Handshake Blocking. Finally some tradeoffs in failure-recovery strategies are discussed and an improved variant of 802.11i is proposed to address all the discussed vulnerabilities.
منابع مشابه
Security Analysis and Improvements on WLANs
IEEE 802.11i standard defines the security specifications of IEEE 802.11 series Wireless Local Area Network (WLAN). It is the replacement of the old security standard named Wired Equivalent Privacy (WEP), and it aims to eliminate all known attacks against WEP. It certainly provides solutions to the confidentiality, mutual authentication and integrity aspects of the WLAN security but not the ava...
متن کاملHolistic approach to Wep protocol in securing wireless network infrastructure
Constant increase in use of wireless infrastructure networks for business purposes created a need for strong safety mechanisms. This paper describes WEP (Wired Equivalent Privacy) protocol for the protection of wireless networks, its security deficiencies, as well as the various kinds of attacks that can jeopardize security goals of WEP protocol: authentication, confidentiality and integrity. T...
متن کاملAnalysis of Security Protocols for Wireless Networks a Dissertation Submitted to the Department of Electrical Engineering and the Committee on Graduate Studies of Stanford University in Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy
Security is a serious concern in wireless networks. In order to eliminate the vulnerabilities in previous Standards, the IEEE 802.11i Standard is designed to provide security enhancements in MAC layer. The authentication process consists of several components, including an 802.1X authentication phase using TLS over EAP, a 4-Way Handshake to establish a fresh session key, and an optional Group K...
متن کاملMeasurement and Analysis of Handover Latencies in IEEE 802.11i Secured Networks
The purpose of the IEEE 802.11i standard is to endue wireless networks with advanced security by leveraging mature and proven security technologies. The concept of a Robust Secure Network (RSN) as a long-term security architecture was defined in order to provide confidentiality of data being transferred over the wireless medium as well as to provide mutual authentication between mobile stations...
متن کاملA Survey of Wireless Security
Constant increase in use of wireless infrastructure networks for business purposes created a need for strong safety mechanisms. This paper describes WEP (Wired Equivalent Privacy) protocol for the protection of wireless networks, its security deficiencies, as well as the various kinds of attacks that can jeopardize security goals of WEP protocol: authentication, confidentiality and integrity. T...
متن کامل