A KRC encryption solution protecting IEEE 802.11I 4-way handshake from DoS attacks

IEEE Std 802.11i [1] has specified the security functionality of wireless local area networks (WLANs). However, two types of DoS attacks have been disclosed which could block the 4-way handshake procedure [2]. Some improvements over them have been investigated. But all of them have obvious drawbacks. In this paper, we address the security issue in WLANs and analyze the operations of the 4-way handshake protocol. Based on the insight of the protocol and the existing potential vulnerabilities under the DoS attacks, we propose an enhancement solution to protect the protocol from DoS attacks. Compared with other existing works, our solution is more effective and efficient. Colored Petri Nets (CPN) has been employed to formally verify our solution.

[1]  Maode Ma,et al.  Security improvements of IEEE 802.11i 4-way handshake scheme , 2010, 2010 IEEE International Conference on Communication Systems.

[2]  Chang-Seop Park,et al.  Two-way Handshake protocol for improved security in IEEE 802.11 wireless LANs , 2010, Comput. Commun..

[3]  Bala Srinivasan,et al.  Security Analysis and Improvements on WLANs , 2011, J. Networks.

[4]  John C. Mitchell,et al.  Analysis of the 802.11i 4-way handshake , 2004, WiSe '04.

[5]  Floriano De Rango,et al.  Static and Dynamic 4-Way Handshake Solutions to Avoid Denial of Service Attack in Wi-Fi Protected Access and IEEE 802.11i , 2006, EURASIP J. Wirel. Commun. Netw..

[6]  Balasubramaniam Srinivasan,et al.  Analysis and Improvements over DoS Attacks against IEEE 802.11i Standard , 2010, 2010 Second International Conference on Networks Security, Wireless Communications and Trusted Computing.

[7]  John C. Mitchell,et al.  Security Analysis and Improvements for IEEE 802.11i , 2005, NDSS.

[8]  Aidil Izani Jafri,et al.  ANonce encryption in 802.11i 4-way handshake protocol , 2009, MoMM.

[9]  Jun Li,et al.  Security Verification of 802.11i 4-Way Handshake Protocol , 2008, 2008 IEEE International Conference on Communications.

[10]  Zhongying Bai,et al.  4-Way Handshake Solutions to Avoid Denial of Service Attack in Ultra Wideband Networks , 2009, 2009 Third International Symposium on Intelligent Information Technology Application.