Resolving WPA limitations in SOHO and open public wireless networks

Wi-Fi protected access (WPA) is currently the most commonly used mechanism for protecting users of wireless networks. Protection is afforded by authenticating users of the network and encrypting communication which travels through the wireless medium. However, WPA is limited in the amount protection offered in networks which use a pre-shared key (WPA-PSK) for authentication, as anyone holding the PSK may eavesdrop on other authorized users. We present a lightweight enhancement to the WPA four-way handshake which removes this limitation, providing confidentiality even in a shared-key environment. In addition, we apply the enhancement to a non-authenticated open public WLAN environment thereby providing protection from sniffing attacks without requiring additional configuration or setup modifications to be made by the user

[1]  Bernard Aboba,et al.  Extensible Authentication Protocol (EAP) , 2004, RFC.

[2]  Larry J. Blunk,et al.  PPP Extensible Authentication Protocol (EAP) , 1998, RFC.

[3]  Allan C. Rubens,et al.  Remote Authentication Dial In User Service (RADIUS) , 2000, RFC.

[4]  Randy H. Katz,et al.  Secure Authentication System for Public WLAN Roaming , 2003, WMASH '03.

[5]  Jeff Wilson,et al.  Securing a wireless network , 2002, SIGUCCS '02.

[6]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[7]  John C. Mitchell,et al.  Analysis of the 802.11i 4-way handshake , 2004, WiSe '04.

[8]  Adi Shamir,et al.  Weaknesses in the Key Scheduling Algorithm of RC4 , 2001, Selected Areas in Cryptography.

[9]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[10]  Guido Appenzeller,et al.  User-friendly access control for public network ports , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[11]  Randy H. Katz,et al.  Secure Authentication System for Public WLAN Roaming , 2005, Mob. Networks Appl..

[12]  John Ioannidis,et al.  A key recovery attack on the 802.11b wired equivalent privacy protocol (WEP) , 2004, TSEC.

[13]  Allan C. Rubens,et al.  Remote Authentication Dial In User Service (RADIUS) , 1997, RFC.