The authors analyse the security threats caused by personal wireless local area network (WLAN) sharing, propose schemes under two different conditions, and evaluate the performance of their schemes. WLAN is a widely used low-cost wireless networking technology. Most personal WLANs use the Wi-Fi-protected access II (WPA2)-personal to ensure robust security. Exposing the passphrase of WLAN is the only way to share it. Passphrase exposure can cause three threats, i.e. eavesdropping, evil twin attack, and resource abuse. This study addresses these threats by proposing two schemes under different device upgrade difficulties. For devices that are difficult to upgrade, their scheme only upgrades wireless routers. All WPA2-personal certified user devices can address these threats without any changes. For easy-upgrade and new devices, their scheme uses the attribute-based key exchange to address threats and provide ease of use, anonymity, and fine-grained access control. To solve the problem practically, they propose a mutual authentication method based on trust-on-first-use and a convenient attribute assignment method based on the existence of social information. The attribute authority already has numerous social information to provide services and cannot obtain more private information from participants in their scheme. The analysis shows that these proposed schemes are secure and practical.
[1]
Ning Zhang,et al.
S2M: A Lightweight Acoustic Fingerprints-Based Wireless Device Authentication Protocol
,
2017,
IEEE Internet of Things Journal.
[2]
Martin Bichler,et al.
Software frameworks for advanced procurement auction markets
,
2006,
CACM.
[3]
Lyuye Zhang,et al.
FKR: An efficient authentication scheme for IEEE 802.11ah networks
,
2020,
Comput. Secur..
[4]
Teek Parval Sharma,et al.
A Key Hiding Communication Scheme for Enhancing the Wireless LAN Security
,
2014,
Wirel. Pers. Commun..
[5]
R. Bharat Rao,et al.
Wireless commons perils in the common good
,
2006,
CACM.
[6]
Jianfeng Ma,et al.
FLAP: An Efficient WLAN Initial Access Authentication Protocol
,
2014,
IEEE Transactions on Parallel and Distributed Systems.
[7]
Sneha Kumar Kasera,et al.
On Fast and Accurate Detection of Unauthorized Wireless Access Points Using Clock Skews
,
2008,
IEEE Transactions on Mobile Computing.