Abstract:
Wi-Fi technology is one of the key enablers of the Internet-of-Things (IoT) revolution that will allow the interaction of tens of billions of smart devices. The lack of authentication for management frames in IEEE 802.11 creates a major cyber-security vulnerability for the IoT and the whole Wi-Fi ecosystem. While in recent amendments WPA2 may be used to encrypt and authenticate deauthentication/disassociation management frames if a shared secret key has already been established, no such mechanism exists to verify the legitimacy of an AP with a known name, i.e., an AP with a history of legitimate connections in the past, at the time a client is trying to establish a connection. We propose a novel authentication framework for 802.11 that solves this problem by utilizing the communication history information readily available at the transmitter and receiver in establishing a shared key and protects all management frames from spoofing attacks. A management frame authentication code is generated at the transmitter using this information, and attached to the management frame in order to be verified at the receiver. Our framework is flexible enough to work with various types of application and PHY layer data, and is scalable enough to be applied to devices with different computing and processing capabilities. We have adapted the well-known Knapsack cryptosystem to our communication history-based authentication scheme, as it is simple to implement and provides strong security for our application scenarios. We evaluate our authentication scheme using application layer history with and without RSSI information, and show that using RSSI in addition to data packet history can provide the combined benefits of high entropy secret bit generation and increased protection against packet sniffing attacks.
Through experimental work, we show that our communication history-based approach provides a robust, low-complexity, and scalable authentication method for management frames in 802.11...
Date of Conference: 28-30 September 2015
Date Added to IEEE Xplore: 07 December 2015
Electronic ISBN: 978-1-4673-7876-5