Analysing and attacking the 4-way handshake of IEEE 802.11i standard

The IEEE 802.11i standard has been designed to enhance security in wireless networks. In the 4-way handshake the supplicant and the authenticator use the pairwise master key (PMK) to derive a fresh pairwise transient key (PTK). The PMK is not used directly for security while assuming the supplicant and authenticator have the same PMK before running 4-way handshake. In this paper, the 4-way handshake phase has been analysed using Isabelle tool to identify a new Denial-of-Service (DoS) attack. The attack prevents the authenticator from receiving message 4 after the supplicant sends it out. This attack forces the authenticator to re-send the message 3 until time out and subsequently to de-authenticate supplicant. This paper has proposed improvements to the 4-way handshake to avoid the Denial-of-Service attack.

[1]  Xiaoqi Ma,et al.  A framework for cryptographic protocol analysis using linear temporal logic , 2012, International Conference on Information Society (i-Society 2012).

[2]  Yufei Tao,et al.  ANGEL: Enhancing the Utility of Generalization for Privacy Preserving Publication , 2009, IEEE Transactions on Knowledge and Data Engineering.

[3]  Ashwin Machanavajjhala,et al.  l-Diversity: Privacy Beyond k-Anonymity , 2006, ICDE.

[4]  Ninghui Li,et al.  Slicing: A New Approach for Privacy Preserving Data Publishing , 2009, IEEE Transactions on Knowledge and Data Engineering.

[5]  N. Revathi,et al.  Enhancing the Utility of Generalization for Privacy Preserving Re-publication of Dynamic Datasets , 2011 .

[6]  Yang Xiao Privacy Preserving Approaches for Multiple Sensitive Attributes in Data Publishing , 2008 .

[7]  Ge Yu,et al.  Privacy Preserving Approaches for Multiple Sensitive Attributes in Data Publishing: Privacy Preserving Approaches for Multiple Sensitive Attributes in Data Publishing , 2009 .

[8]  Xiaoqi Ma,et al.  Verifying and Fixing Password Authentication Protocol , 2006, Seventh ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing (SNPD'06).

[9]  Lawrence C. Paulson,et al.  Inductive analysis of the Internet protocol TLS , 1999, TSEC.

[10]  William A. Arbaugh,et al.  Real 802.11 Security: Wi-Fi Protected Access and 802.11i , 2003 .

[11]  Huiqun Yu,et al.  A Complete (alpha,k)-Anonymity Model for Sensitive Values Individuation Preservation , 2008, 2008 International Symposium on Electronic Commerce and Security.

[12]  John C. Mitchell,et al.  A modular correctness proof of IEEE 802.11i and TLS , 2005, CCS '05.

[13]  Ninghui Li,et al.  t-Closeness: Privacy Beyond k-Anonymity and l-Diversity , 2007, 2007 IEEE 23rd International Conference on Data Engineering.

[14]  Floriano De Rango,et al.  Static and Dynamic 4-Way Handshake Solutions to Avoid Denial of Service Attack in Wi-Fi Protected Access and IEEE 802.11i , 2006, EURASIP J. Wirel. Commun. Netw..

[15]  Colin Boyd,et al.  Protocols for Authentication and Key Establishment , 2003, Information Security and Cryptography.

[16]  Pasi Eronen,et al.  Denial of service in public key protocols , 2000 .

[17]  Maode Ma,et al.  Security improvements of IEEE 802.11i 4-way handshake scheme , 2010, 2010 IEEE International Conference on Communication Systems.

[18]  Yu Liu,et al.  Decomposition: Privacy Preservation for Multiple Sensitive Attributes , 2009, DASFAA.

[19]  John C. Mitchell,et al.  Analysis of the 802.11i 4-way handshake , 2004, WiSe '04.

[20]  Raymond Chi-Wing Wong,et al.  Achieving k-Anonymity by Clustering in Attribute Hierarchical Structures , 2006, DaWaK.

[21]  Xinyu Xing,et al.  Security Analysis and Authentication Improvement for IEEE 802.11i Specification , 2008, IEEE GLOBECOM 2008 - 2008 IEEE Global Telecommunications Conference.

[22]  Pierangela Samarati,et al.  Generalizing Data to Provide Anonymity when Disclosing Information , 1998, PODS 1998.

[23]  Yufei Tao,et al.  Anatomy: simple and effective privacy preservation , 2006, VLDB.

[24]  Xiaoqi Ma,et al.  A Framework for Proving the Correctness of Cryptographic Protocol Properties by Linear Temporal Logic , 2013 .

[25]  Kefei Chen,et al.  Formal analysis of authentication in 802.11i , 2009 .

[26]  Giampaolo Bella,et al.  Formal Correctness of Security Protocols , 2007 .