Abstract
In this paper, we analyze some weaknesses in WPA authenticator key management state machine and propose the countermeasures to overcome these problems. Our researches on IEEE 802.11i authenticator state machine that is WPA authenticator key management state machine reveal that the state machine cannot support the stable group key setting and is vulnerable to the replay attack and DoS attack. We describe 3 problems related to these vulnerabilities, propose the respective solutions and reconstruct WPA authenticator key management state machine to which the alternative solutions are applied.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
ISO/IEC 8802-11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications. ISO/IEC 8802-11 (1999)
Walker, J.R.: Unsafe at any key size; An analysis of the WEP encapsulation. IEEE 802.11-00/362 (2000)
IEEE 802.11: LAN/MAN Specific Requirements- Part 11: Wireless Medium Access Control (MAC) and physical layer (PHY) specification: Specification for Enhanced Security. IEEE Std 802.11i/D3.0 (2002)
Wi-Fi Alliance: Wi-Fi Protected Access (WPA). WPA Version 2.0 (2003)
Wi-Fi Alliance: Overview Wi-Fi Protected Access, http://www.wifi.org/OpenSection/pdf/Wi-FiProtectedAccessOverview.pdf
IEEE 802.1: Standard for Local and metropolitan area networks- Port-Based Network Access Control. IEEE Std 802.1X (2001)
Blunk, L., Vollbrecht, J.: PPP Extensible Authentication Protocol (EAP). IETF (1998)
Rigney, C.: Remote Authentication Dia. In: User Service (RADIUS). IETF (2000)
Aboba, B., Simon, D.: PPP EAP TLS Authentication Protocol. IETF (1999)
Pall, G., Zorn, G.: Microsoft Point-To-Point Encryption (MPPE) Protocol. IETF (2001)
IEEE 802.1: Standard for Local and metropolitan area networks- Port-Based Network Access Control- Amendment 1: Technical and Editorial Corrections. IEEE P802.1aa/D6.1 (2003)
IEEE 802.11: Recommended Practice for Multi-Vendor Access Point Interoperability via an Inter-Access Point Protocol Across Distribution Systems Supporting IEEE 802.11 Operation. IEEE Std 802.11f/D5 (2003)
Aboba, B.: IEEE 802.1X Pre-Authentication. IEEE 802.11-02/389r1 (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kang, Y.S., Oh, K., Chung, B., Chung, K., Nyang, D. (2004). Analysis and Countermeasure on Vulnerability of WPA Key Exchange Mechanism. In: Kahng, HK., Goto, S. (eds) Information Networking. Networking Technologies for Broadband and Mobile Networks. ICOIN 2004. Lecture Notes in Computer Science, vol 3090. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-25978-7_92
Download citation
DOI: https://doi.org/10.1007/978-3-540-25978-7_92
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23034-2
Online ISBN: 978-3-540-25978-7
eBook Packages: Springer Book Archive