
Analysis and Improvements over DoS Attacks against IEEE 802.11i Standard

Networks Security, Wireless Communications and Trusted Computing (NSWCTC), 2010. Authors: Li Wang, Balasubramaniam Srinivasan. Reporter: Ming-Chieh Lee. Date: 2013/10/07.


Presentation Transcript


  1. Analysis and Improvements over DoS Attacks against IEEE 802.11i Standard
     Networks Security, Wireless Communications and Trusted Computing (NSWCTC), 2010
     Authors: Li Wang, Balasubramaniam Srinivasan
     Reporter: Ming-Chieh Lee
     Date: 2013/10/07

  2. Outline
     • Introduction of IEEE 802.11i Standard
     • DoS attack
       • De-authentication / Disassociation Attacks
       • DoS attacks to 4-way handshakes
     • Conclusion

  3. IEEE 802.11i Standard
     • IEEE 802.11i: a security standard of the 802.11 series WLAN
     • RSN (Robust Security Network)
       • Supplicant, Authenticator, Authentication Server
     • RSNA Establishment Procedures
       • Network and Security Capability Discovery
       • 802.11 Open System Authentication and Association
       • EAP/802.1X/RADIUS Authentication
       • 4-Way Handshake
       • Group Key Handshake
       • Secure Data Communications

  4. De-authentication / Disassociation Attacks
     • Management frames are unprotected
     • All WLAN users can be disconnected by broadcasting the frame with the destination address set to FF:FF:FF:FF:FF:FF
     [Figure: two message-sequence diagrams between Supplicant, Authenticator and Attacker. Messages shown: Authentication request, Authentication response, Association request, Association response, data, De-authentication, Disassociation.]

  5. Proposed Mechanism to Prevent this Attack
     • Before PTK is generated
       • defer the execution for 5 sec
     • After the PTK exchange protocol
       • protected by the sequence number (SN) and KCK

  6. Proposed Mechanism to Prevent this Attack
     • authenticator wants to de-authenticate or disassociate all the supplicants
       • broadcast messages with secret key K
       • (message)
       • comparison with the received one in Message 3 of 4-way Handshake

  7. 4-way Handshake
     • Handshake Goals
       • Confirm the possession of PMK
       • Derive a fresh session key (PTK) for data transmission
     • PTK = PRF{PMK, AA, SPA, ANonce, SNonce}
     Message sequence between Supplicant(PMK) and Authenticator(PMK):
       Message 1, Authenticator → Supplicant: {AA, ANonce, SN, msg1}
         Supplicant: Derive PTK
       Message 2, Supplicant → Authenticator: {SPA, SNonce, SN, msg2, (SNonce, SN, msg2)}
         Authenticator: Derive PTK, Verify MIC
       Message 3, Authenticator → Supplicant: {AA, ANonce, SN+1, msg3, (ANonce, SN+1, msg3)}
         Supplicant: Verify MIC, install PTK
       Message 4, Supplicant → Authenticator: {SPA, SNonce, SN+1, msg4, (SNonce, SN+1, msg4)}
         Authenticator: Verify MIC, install PTK

  8. DoS attack in 4-way Handshake phase
     • Weak point: No protection of Message 1
     Message sequence between Supplicant(PMK), Authenticator(PMK) and Attacker:
       Authenticator → Supplicant: {AA, ANonce, SN, msg1}
         Supplicant: Derive PTK
       Supplicant → Authenticator: {SPA, SNonce, SN, msg2, (SNonce, SN, msg2)}
         Authenticator: Derive PTK, Verify MIC
       Attacker → Supplicant: {AA, ANonce', SN, msg1}
         Supplicant: Calculate PTK'
       Authenticator → Supplicant: {AA, ANonce, SN+1, msg3, (ANonce, SN+1, msg3)}
         Supplicant: PTK ≠ PTK', Verify MIC fail -> discard
         Timeout -> De-authentication

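  9. DoS attack in 4-way Handshake phase
     • memory exhaustion attack
     Message sequence between Supplicant(PMK), Authenticator(PMK) and Attacker:
       Authenticator → Supplicant: {AA, ANonce, SN, msg1}
         Supplicant: Derive PTK
       Supplicant → Authenticator: {SPA, SNonce, SN, msg2, (SNonce, SN, msg2)}
         Authenticator: Derive PTK, Verify MIC
       Attacker → Supplicant: {AA, ANonce', SN, msg1}
         Supplicant: Calculate PTK', Store PTK' & ANonce'
       Attacker → Supplicant: {AA, ANonce'', SN, msg1}
       Attacker → Supplicant: {AA, ANonce''', SN, msg1}
       Attacker → Supplicant: {AA , , SN ,msg1}
         Supplicant: Calculate Store &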

  10. Enhanced 3-way Handshake
     • Solution
       • ANonce is not involved in the PTK generation
       • PTK = PRF{PMK, AA, SPA, SNonce}
       • supplicant won't store the received ANonce
     • Advantages
       • Eliminate the memory DoS attack
     Message sequence between Supplicant(PMK) and Authenticator(PMK):
       Message 1, Authenticator → Supplicant: {AA, ANonce, SN, msg1}
         Supplicant: Derive PTK
       Message 2, Supplicant → Authenticator: {SPA, ANonce, SNonce, SN, msg2, (ANonce, SNonce, SN, msg2)}
         Authenticator: Verify ANonce, Derive PTK, Verify MIC, install PTK
       Message 3, Authenticator → Supplicant: {AA, SNonce, SN+1, msg3, (SNonce, SN+1, msg3)}
         Supplicant: Verify SNonce, Verify MIC, install PTK

  11. Conclusions
     • IEEE 802.11i standard was defined in order to overcome the vulnerabilities in WEP and WPA but still it is not secure against DoS attacks
     • de-authentication / disassociation attacks
       • hybrid mechanism
     • 4-way Handshake attacks
       • Parallel instances exist => Forged Message 1 attack
       • Keep all states => memory exhaustion attack
       • Enhanced 3-way Handshake
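
Added example (not part of the original slides or the paper): a small simulation of the key derivations on slides 7 to 10, showing why an unauthenticated Message 1 breaks or bloats the 4-way handshake and why dropping ANonce from the PTK input removes both effects. HMAC-SHA256 stands in for the 802.11i PRF and MIC, and the names prf, mic and simulate are assumptions of this example.

```python
import hashlib
import hmac
import os

def prf(pmk, *fields):
    # Stand-in for the 802.11i PRF (assumption of this example): HMAC-SHA256
    # over the concatenated fixed-length fields.
    return hmac.new(pmk, b"".join(fields), hashlib.sha256).digest()

def mic(ptk, *fields):
    # Assumption: the first 16 bytes of the PTK serve as the KCK for the MIC.
    return hmac.new(ptk[:16], b"".join(fields), hashlib.sha256).digest()

def simulate(enhanced, forged, keep_all=False):
    """Run one handshake in which `forged` unauthenticated Message 1 frames
    reach the supplicant after it has sent Message 2.
    Returns (message_3_accepted, ptk_entries_held_by_supplicant)."""
    # Constructed sample values: random PMK, addresses and nonces.
    pmk, aa, spa = os.urandom(32), os.urandom(6), os.urandom(6)
    anonce, snonce = os.urandom(32), os.urandom(32)
    sn_next = (2).to_bytes(8, "big")  # SN+1

    def derive(an):
        if enhanced:  # slide 10: PTK = PRF{PMK, AA, SPA, SNonce}
            return prf(pmk, aa, spa, snonce)
        return prf(pmk, aa, spa, an, snonce)  # slide 7: ANonce is an input

    auth_ptk = derive(anonce)  # authenticator state after Message 2
    held = []                  # PTKs the supplicant currently holds
    for an in [anonce] + [os.urandom(32) for _ in range(forged)]:
        ptk = derive(an)
        if keep_all and not enhanced:
            held.append(ptk)   # slide 9: one stored entry per Message 1
        else:
            held = [ptk]       # slide 8 overwrite; slide 10 always the same PTK
    # Message 3 carries a MIC keyed by the authenticator's PTK.
    nonce = snonce if enhanced else anonce
    m3 = mic(auth_ptk, nonce, sn_next, b"msg3")
    ok = any(hmac.compare_digest(m3, mic(p, nonce, sn_next, b"msg3")) for p in held)
    return ok, len(held)

if __name__ == "__main__":
    print("4-way, no forgery:     ", simulate(False, 0))
    print("4-way, one forged msg1:", simulate(False, 1))
    print("4-way, keep all states:", simulate(False, 100, keep_all=True))
    print("enhanced 3-way:        ", simulate(True, 100))
```

In the keep_all case the handshake still completes, but the supplicant's stored state grows by one entry per forged Message 1; in the enhanced case it stays at one entry regardless.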
