分析和攻击IEEE 802.11i标准的4路握手

8th International Conference for Internet Technology and Secured Transactions (ICITST-2013) Pub Date : 2013-12-01 DOI:10.1109/ICITST.2013.6750227

A. Alabdulatif, Xiaoqi Ma, L. Nolle

{"title":"分析和攻击IEEE 802.11i标准的4路握手","authors":"A. Alabdulatif, Xiaoqi Ma, L. Nolle","doi":"10.1109/ICITST.2013.6750227","DOIUrl":null,"url":null,"abstract":"The IEEE 802.11i standard has been designed to enhance security in wireless networks. In the 4-way handshake the supplicant and the authenticator use the pairwise master key (PMK) to derive a fresh pairwise transient key (PTK). The PMK is not used directly for security while assuming the supplicant and authenticator have the same PMK before running 4-way handshake. In this paper, the 4-way handshake phase has been analysed using Isabelle tool to identify a new Denial-of-Service (DoS) attack. The attack prevents the authenticator from receiving message 4 after the supplicant sends it out. This attack forces the authenticator to re-send the message 3 until time out and subsequently to de-authenticate supplicant. This paper has proposed improvements to the 4-way handshake to avoid the Denial-of-Service attack.","PeriodicalId":246884,"journal":{"name":"8th International Conference for Internet Technology and Secured Transactions (ICITST-2013)","volume":"57 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":"{\"title\":\"Analysing and attacking the 4-way handshake of IEEE 802.11i standard\",\"authors\":\"A. Alabdulatif, Xiaoqi Ma, L. Nolle\",\"doi\":\"10.1109/ICITST.2013.6750227\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The IEEE 802.11i standard has been designed to enhance security in wireless networks. In the 4-way handshake the supplicant and the authenticator use the pairwise master key (PMK) to derive a fresh pairwise transient key (PTK). The PMK is not used directly for security while assuming the supplicant and authenticator have the same PMK before running 4-way handshake. In this paper, the 4-way handshake phase has been analysed using Isabelle tool to identify a new Denial-of-Service (DoS) attack. The attack prevents the authenticator from receiving message 4 after the supplicant sends it out. This attack forces the authenticator to re-send the message 3 until time out and subsequently to de-authenticate supplicant. This paper has proposed improvements to the 4-way handshake to avoid the Denial-of-Service attack.\",\"PeriodicalId\":246884,\"journal\":{\"name\":\"8th International Conference for Internet Technology and Secured Transactions (ICITST-2013)\",\"volume\":\"57 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"15\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"8th International Conference for Internet Technology and Secured Transactions (ICITST-2013)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICITST.2013.6750227\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"8th International Conference for Internet Technology and Secured Transactions (ICITST-2013)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICITST.2013.6750227","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 15

摘要

IEEE 802.11i标准旨在增强无线网络的安全性。在4次握手中，请求方和验证方使用成对主密钥(PMK)来获得新的成对瞬态密钥(PTK)。在运行4路握手之前，假设请求方和验证方具有相同的PMK，则不会直接使用PMK来保证安全性。在本文中，使用Isabelle工具分析了4次握手阶段，以识别新的拒绝服务(DoS)攻击。这种攻击会阻止验证方接收请求方发送的消息4。这种攻击迫使验证者重新发送消息3，直到超时，然后取消对请求者的身份验证。本文提出了对4次握手的改进，以避免拒绝服务攻击。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Analysing and attacking the 4-way handshake of IEEE 802.11i standard

The IEEE 802.11i standard has been designed to enhance security in wireless networks. In the 4-way handshake the supplicant and the authenticator use the pairwise master key (PMK) to derive a fresh pairwise transient key (PTK). The PMK is not used directly for security while assuming the supplicant and authenticator have the same PMK before running 4-way handshake. In this paper, the 4-way handshake phase has been analysed using Isabelle tool to identify a new Denial-of-Service (DoS) attack. The attack prevents the authenticator from receiving message 4 after the supplicant sends it out. This attack forces the authenticator to re-send the message 3 until time out and subsequently to de-authenticate supplicant. This paper has proposed improvements to the 4-way handshake to avoid the Denial-of-Service attack.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

8th International Conference for Internet Technology and Secured Transactions (ICITST-2013)

自引率

0.00%

发文量