Skip to main content
SpringerLink
Log in
Book cover

International Conference on Information Networking

ICOIN 2004: Information Networking. Networking Technologies for Broadband and Mobile Networks pp 915–924Cite as

Analysis and Countermeasure on Vulnerability of WPA Key Exchange Mechanism

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3090))

Abstract

In this paper, we analyze some weaknesses in WPA authenticator key management state machine and propose the countermeasures to overcome these problems. Our researches on IEEE 802.11i authenticator state machine that is WPA authenticator key management state machine reveal that the state machine cannot support the stable group key setting and is vulnerable to the replay attack and DoS attack. We describe 3 problems related to these vulnerabilities, propose the respective solutions and reconstruct WPA authenticator key management state machine to which the alternative solutions are applied.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. ISO/IEC 8802-11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications. ISO/IEC 8802-11 (1999)

    Google Scholar 

  2. Walker, J.R.: Unsafe at any key size; An analysis of the WEP encapsulation. IEEE 802.11-00/362 (2000)

    Google Scholar 

  3. IEEE 802.11: LAN/MAN Specific Requirements- Part 11: Wireless Medium Access Control (MAC) and physical layer (PHY) specification: Specification for Enhanced Security. IEEE Std 802.11i/D3.0 (2002)

    Google Scholar 

  4. Wi-Fi Alliance: Wi-Fi Protected Access (WPA). WPA Version 2.0 (2003)

    Google Scholar 

  5. Wi-Fi Alliance: Overview Wi-Fi Protected Access, http://www.wifi.org/OpenSection/pdf/Wi-FiProtectedAccessOverview.pdf

  6. IEEE 802.1: Standard for Local and metropolitan area networks- Port-Based Network Access Control. IEEE Std 802.1X (2001)

    Google Scholar 

  7. Blunk, L., Vollbrecht, J.: PPP Extensible Authentication Protocol (EAP). IETF (1998)

    Google Scholar 

  8. Rigney, C.: Remote Authentication Dia. In: User Service (RADIUS). IETF (2000)

    Google Scholar 

  9. Aboba, B., Simon, D.: PPP EAP TLS Authentication Protocol. IETF (1999)

    Google Scholar 

  10. Pall, G., Zorn, G.: Microsoft Point-To-Point Encryption (MPPE) Protocol. IETF (2001)

    Google Scholar 

  11. IEEE 802.1: Standard for Local and metropolitan area networks- Port-Based Network Access Control- Amendment 1: Technical and Editorial Corrections. IEEE P802.1aa/D6.1 (2003)

    Google Scholar 

  12. IEEE 802.11: Recommended Practice for Multi-Vendor Access Point Interoperability via an Inter-Access Point Protocol Across Distribution Systems Supporting IEEE 802.11 Operation. IEEE Std 802.11f/D5 (2003)

    Google Scholar 

  13. Aboba, B.: IEEE 802.1X Pre-Authentication. IEEE 802.11-02/389r1 (2002)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Information Security Research Division, Electronics and Telecommunications Research Institute, Daejeon, 305-350, Korea

    You Sung Kang, KyungHee Oh, ByungHo Chung & Kyoil Chung

  2. The Graduate School of Information Technology and Telecommunications, InHa University, Incheon, 402-753, Korea

    DaeHun Nyang

Authors
  1. You Sung Kang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. KyungHee Oh
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. ByungHo Chung
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Kyoil Chung
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. DaeHun Nyang
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dept. of Electronics Information Engineering, Korea University, Seoul, Korea

    Hyun-Kook Kahng

  2. Waseda University, 3-4-1 Ohkubo, Shinjuku, 169-8555, Tokyo, Japan

    Shigeki Goto

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kang, Y.S., Oh, K., Chung, B., Chung, K., Nyang, D. (2004). Analysis and Countermeasure on Vulnerability of WPA Key Exchange Mechanism. In: Kahng, HK., Goto, S. (eds) Information Networking. Networking Technologies for Broadband and Mobile Networks. ICOIN 2004. Lecture Notes in Computer Science, vol 3090. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-25978-7_92

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-25978-7_92

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-23034-2

  • Online ISBN: 978-3-540-25978-7

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation