Analysing the EAP-TLS handshake and the 4-way handshake of the 802.11i standard

The IEEE 802.11i standard has been designed to enhance security in wireless networks. The EAP-TLS handshake aims to provide mutual authentication between supplicant and authentication server, and then derive the Pairwise Master Key (PMK). In the 4 -way handshake the supplicant and the authenticator use PMK to derive a fresh pairwise transient key (PTK). The PMK is not used directly for security while assuming the supplicant and authenticator have the same PMK before running 4- way handshake. In this paper, the EAP-TLS handshake and the 4-way handshake phases have been analysed with a proposed framework using Isabelle tool. In the analysis, we have found a new Denial-of-Service (DoS) attack in the 4-way handshake. The attack prevents the authenticator from receiving message 4 after the supplicant sends it out. This attack forces the authenticator to re-send the message 3 until time out and subsequently to de-authenticate supplicant. This paper has proposed improvements to the 4-way handshake to avoid the Denial-of-Service attack

Fast Authentication in Heterogeneous Wireless Networks

The growing diffusion of wireless devices is leading to an increasing demand for mobility and security. At the same time, most applications can only tolerate short breaks in the data flow, so that it is a challenge to find out mobility and authentication methods able to cope with these constraints. This paper aims to propose an authentication scheme which significantly shortens the authentication latency and that can be deployed in a variety of wireless environments ranging from common Wireless LANs (WLANs) to satellite-based access networks

Analysing and attacking the 4-way handshake of IEEE 802.11i standard

The IEEE 802.11i standard has been designed to enhance security in wireless networks. In the 4-way handshake the supplicant and the authenticator use the pairwise master key (PMK) to derive a fresh pairwise transient key (PTK). The PMK is not used directly for security while assuming the supplicant and authenticator have the same PMK before running 4-way handshake. In this paper, the 4-way handshake phase has been analysed using Isabelle tool to identify a new Denial-of-Service (DoS) attack. The attack prevents the authenticator from receiving message 4 after the supplicant sends it out. This attack forces the authenticator to re-send the message 3 until time out and subsequently to de-authenticate supplicant. This paper has proposed improvements to the 4-way handshake to avoid the Denial-of-Service attack

Tinjauan Teknis Teknologi Perangkat Wireless dan Standar Keamanannya

Teknologi komunikasi wireless yang banyak berkembang saat ini adalah Bluetooth, Wi-Fi, Wi-MAX. Masing-masing memiliki karakteristik yang berlainan meskipun sama-sama menggunakan pita frekwensi tinggi. Teknologi bluetooth menggunakan protokol IEEE 802.15.1, dan Wi-Fi berada di bawah spesifikasi 802.11.Sedangkan WiMAX dikembangkan mulai dari standar 802.16 kemudian berevolusi ke standar 802.16a (direvisi menjadi 802.16d) kemudian yang terakhir adalah 802.16e.Model penanganan kemanan yang dilakukan pada peangkat komunikasi yang menggunakan frekewensi diatas semestinya mengacu pada standar yang dikeluarkan IEEE yang dinamakan standar IEEE 802.1x yang merupakan standar keamanan jaringan yang mempunyai banyak mekanisme untuk autentifikasi

802.11 Wireless And Wireless Security

The purpose of this paper is to educate the wireless user or prospective wireless user regarding 802.11 wireless and wireless security.  This is achieved by a review of the literature.  Our review of the literature includes an overview of the most popular wireless standard, 802.11, some of the benefits of wireless networks, some of the vulnerabilities in wireless networks and some basic security recommendations specific to wireless networks.  In addition, the paper gives an overview of some future wireless protocols that are currently being worked on by the various standard developing bodies.

IEEE 802.11 i Security and Vulnerabilities

Despite using a variety of comprehensive preventive security measures, the Robust Secure Networks (RSNs) remain vulnerable to a number of attacks. Failure of preventive measures to address all RSN vulnerabilities dictates the need for enhancing the performance of Wireless Intrusion Detection Systems (WIDSs) to detect all attacks on RSNs with less false positive and false negative rates