A Study of the TKIP Cryptographic DoS Attack

Abstract

The contribution of the paper is to study the cryptographic DoS attack in a testbed environment. We have shown the correct mechanism for an 802.11 message modification attack, described the implementation of this attack using a middleperson approach and compared the TKIP and Harkins countermeasures in a controlled environment. The cryptographic DoS attack is demonstrated to be practical and can be mounted by a single adversary with limited resources. This attack requires very little work on behalf of a hostile adversary and will bring TKIP-protected traffic to a complete halt. The threat of this attack being used to accomplish a security-level rollback should not be underestimated. The Harkins countermeasures address this threat by reacting in a more measured manner to active key recovery attacks.