An Efficient WLAN Initial Access Authentication Protocol
|
|
- Colleen Harrison
- 5 years ago
- Views:
Transcription
1 Globecom Communication and nformation System Security Symposium An Efficient WLAN nitial Access Authentication Protocol Xinghua Li Jianfeng Ma Shen Yulong Xidian University, Xi'an, , China Xidian University Wayne State University, USA Virginia Polytechnic nstitute and State University, VA, 22043, USA lixingh@gmail.com Xi' an, , China jfma@mail.xidian.edu.com ylshen@mail.xidian.edu.cn Abstract-Nowadays, with the rapid increase of WLANenabled mobile devices, new scenarios emerge which require a more efficient WLAN initial link setup mechanism, and an access authentication method faster than the current EEE S02.Hi is desired. Our analysis indicates that the essential reason resulting in the inefficiency of S02.Hi is that it is designed from the framework perspective which introduces too many messages. To overcome the drawbacks, an efficient initial access authentication protocol is proposed which realizes the authentications and key distribution through 2 roundtrip messages between the mobile device and the networks. Analysis indicates that our proposal is of the same security as the 4-way handshake protocol. The experiment result shows that our scheme can improve the authentication delay of the EAP-TLS by 94.7%. Furthermore, a simple and practical method is presented to enable it to be compatible with S02.Hi.. NTRODUCTON n recent years, Wireless Local Area Networks (WLAN) [1, 2] technology gets rapid development for its good mobility, high bandwidth and important flexibility. The mobile equipments that support WLAN increase greatly, such as smart phones, tablet computers. Users can easily access a variety of network applications through WLAN, e.g., facebook, twitter, and real videos. However, security is a serious concern because the wireless medium is open for public access within a certain range. n order to provide secure data communications over wireless links, the Task Group proposed the Wired Equivalent Privacy (WEP) to encrypt the data stream and authenticate the wireless devices. However, significant deficiencies have been identified in both the encryption and the authentication mechanisms [3, 4]. To repair the problems in WEP, the Wi Fi Alliance proposed an authentication mechanism based on EAP/802.XlRADUS [5, 6, 7] to replace the poor open system authentication and shared key authentication in WEP. As a long-term solution to securing wireless links, the latest EEE standard i [8] was ratified on June 24, The authentication process combines 802.X authentication with key management procedures to generate a fresh pairwise key and/or group key, followed by data transmission sessions. However, with the rapid increase of the WLAN-enabled mobile devices, some new scenarios emerge which challenge the current WLAN standards including i. E.g., there exists such a WLAN in a metro station where a large number of mobile users are constantly entering and leaving the coverage area of an access point (AP) in an extended service set (ESS). Every time the mobile device enters an ESS, the mobile device has to do an initial set-up to establish WLAN connectivity. This works well when the number of new stations (STAs) in a given time period is small. However, when a high number of users simultaneously enter an ESS, an efficient mechanism that scales well is required to minimize the time STAs spend in the initial link setup, while maintaining a secure authentication. Another scenario also has the similar requirement where every STA passes through the coverage area in a short time and still needs to access WLAN. To solve the problem, a specific task group EEE ai [9] is established, and its goal is to reduce the initial link establishment time but maintain the security level of i. The authentication process specified by EEE i, as a bulky time consuming component of the initial link setup, is regarded by ai as an important improvement target. Our analysis indicates that the essential reason leading to the inefficiency of the 802.i is that it is designed from the framework perspective which introduces too many message interactions (e.g., for EAP-TLS [10], 11 roundtrip messages are needed) between mobile terminals and the networks. To improve its efficiency, an efficient initial access authentication method is proposed which just takes two roundtrip messages to fulfill the authentications and key distribution between the mobile terminal, AP and authentication server (AS). Analysis indicates that our scheme is of the same security level as the 4-way handshake protocol, but the performance is improved by 94.7% compared with the EAP-TLS. At the same time, in implementation we give a simple method that enables our scheme to be compatible with the EEE i. The rest of the paper is organized as follows. Section 2 presents the i and its drawback analysis. Our scheme is given in Section 3. Section 4 analyzes the proposed scheme, and the paper is concluded in Section 5.. BACKGROUND i RSNA (robust security network association) [8] establishment procedure consists of 802.X authentication and key management protocols. Three entities are involved, called /12/$ EEE 1035
2 c' r:jl Stage 1: AP and [.. Security Capacity ' (3) Probe Response Discovery + AA RSN E.'1 (4) Authentication Request (Open) _ (5) Authentication Response (Open) Stage 2: Authentication (6) Association Request + SPA RSN E and Association (7 (!; i E ;: 1 Stage 3: EAP Authentication 12 MutualAuthentication e.g.eap-lls Stage 4: 4-way Handshake MSK,PMK GTK Obtained, 802.XUnblocked Fig. 1. (14) EAPoL Success (15)ANonce (16) SNonce, MlC (17) ANonce, GTK, MlC (18)MC Five stages of 802.1li $ (11) Radius Request (13) Radius Accept + PMK the Supplicant (the STA), the authenticator (the AP), and the Authentication Server (de facto a RADUS server [7]). Generally, a successful authentication means that the supplicant and the authenticator verify each other's identity and generate a shared secret for subsequent key derivations. Based on this shared secret, the key management protocols compute and distribute usable keys for data communication sessions. The authentication server can be implemented either in a single device with the authenticator, or through a separate server, assuming the link between the authentication server and the authenticator is physically secure. The complete handshakes of establishing a RSNA are shown in Figure 1. For the purpose of analysis, these steps can be divided into 5 stages as follows. Stage 1. AP and Security Capability Discovery This stage consists of messages numbered (1) to (3). The AP either periodically broadcasts its security capabilities, indicated by RSN E (Robust Security Network nformation Element), in a specific channel through the Beacon frame; or responds to a station's Probe Request through a Probe Response frame. A wireless station may discover available access points and corresponding security capabilities by either passively monitoring the Beacon frames or actively probing every channel. Stage Authentication and Association This stage consists of messages numbered (4) to (7). The station chooses one AP from the list of available APs, and tries to authenticate and associate with that AP. Note that Open System Authentication is included only for backward compatibility, and a station should indicate its security capabilities in the Association Request. After this stage, the station and the AP are in authenticated and associated state. However, the authentication achieved so far is weak, and will be supplemented by further steps. At the end of this stage, the 802.1X ports remain blocked and no data packets can be exchanged. Stage 3. EAP/802.1X1RADUS Authentication This stage consists of messages numbered (8) to (14). The supplicant and the authentication server execute a mutual authentication protocol (de facto EAP-TLS [10]), with the authenticator acting as a relay. After this stage, the supplicant and the authentication server have authenticated each other and generated some common secret, called the Master Session Key (MSK). The supplicant uses the MSK to derive a Pairwise Master Key (PMK); The AAA key material on the server side is securely transferred to the authenticator, indicated by message (13). This allows the authenticator to derive the same PMK. This stage might be skipped if the supplicant and the authenticator are configured using a static Pre-Shared Key (PSK) as the PMK, or when a cached PMK is used during are-association. Stage 4. 4-Way Handshake This stage consists of messages numbered (15) to (18). Regardless of whether the PMK is derived from Stage 3, configured using a PSK, or reused from a cached PMK, the 4-Way Handshake must be executed for a successful RSNA establishment. The supplicant and authenticator use this handshake to confirm the existence of the PMK, verify the selection of the cipher suite, and derive a fresh Pairwise Transient Key (PTK) for the following data session. Simultaneously, the authenticator might also distribute a Group Transient Key (GTK) in message (17). After this stage, a fresh PTK (and maybe GTK) is shared between the authenticator and the supplicant; the 802.1X ports are unblocked for data packets. Stage 5. Group Key Handshake This stage consists of messages numbered (19) and (20). n case of multicast applications, the authenticator will generate a fresh GTK and distribute this GTK to the supplicants. These handshakes might not be present if the fresh GTK has been distributed in Stage 4; this stage may be repeated multiple times using the same PMK. Through these handshakes, the supplicant and the authenticator mutually authenticate each other and establish a secure session for data transmissions. A. Drawbacks of 802.lli and its analysis From Figure 1, it can be seen that i takes multiple roundtrip messages to achieve the authentications and key distribution. The number of message reactions varies for different authentication protocols used, e.g., EAP-TLS takes 11 roundtrip messages and PEAPEAP-MSCHAPv2 [11] takes 16 roundtrip messages (not including the scan process). As a result, too much time is consumed in the authentication and key management, consequently, the AP cannot establish links with a multiple of users at the same time or the dwelling time is not enough to establish the initial link before the STA moves out the coverage of the AP. The main reason leading to these drawbacks is that i is designed from the framework perspective. To begin with, to 1036
3 -, achieve backward compatibility, the open system authentication is preserved. But in function, the two messages are useless for the initial link establishment. Secondly, the EAP authentication is employed, the advantage of which is that it is open and any two-party authentication protocol can be included and run within it. However, it introduces some extra messages, e.g., message (9) EAPoL-RequestJdentity, message (10) EAPoL Response/dentity and message (11) Radius Request. Besides, to keep the uniformity of the framework, EAP authentication and 4-way handshake protocol have to be sequential execution. That is, only after the EAP phase, can the 4-way handshake protocol be performed to realize the mutual authentication between the STA and the AP. But in function, to some degree the authentication between the AP and the STA can parallelize with the one between the STA and AS. 1. Probe response(bssd, AS-D, RSN E) 2. The frst authentication message SNonce, User-D, AS-D, F, t) Authentication Request (open) 7. The second authentication message (ANonce, User-D, AS-D, E, t, Mel) _---'--- Authenticution Response (open) The third authentication message (User-lOt SNonce, MQ) Associution Request 11. The fourth authentication message (GTK,MC) Association Response 5. Fast authentication response (SNonce,User-D, AS-D, E, t, PMK) A. The design goal and idea. NEW SCHEME From the analysis in Section 2, we get the goal and guideline for our scheme as follows. Orientation: nstead of the replacement of 802.li, the new scheme is just a complement and should be compatible with it. Scope: Just a new initial access authentication is introduced which should not affect the subsequent procedure of the 802.i, such as the update of the PTK. Function: The least messages are used to realize the authentication and key distribution between STA, AP and AS. Security: The security level of the new scheme is no less than the existing standard. Performance: The new scheme should greatly improve li. According to the drawback analyzed in Section 2 and the design goal outlined above, we get the design idea of the new scheme as follows. Rather than using the current 802.li framework, a specific authentication protocol is designed; the least messages (two messages) are used to realize the authentication between the STA and the AS, and the 4-way handshake protocol messages are rationally integrated with them to realize the authentication between the STA and the AP. B. The protocol procedure n the proposed scheme, each STA shares a key k with the authentication server AS, and also it is assumed that the link between the AS and the AP is secure. Our scheme is shown in Figure 2, and its interaction procedure is as follows. (1) Through the proactive scan, the STA get the WLAN information which includes the basic service set identity (BSSD), the identity of the authentication server and the security capacity of the networks. (2) The first authentication message{ SNonce, User-D, AS D, F, t} is sent to the AP from the STA, among which t is a counter and its initial value is set as 1. The STA increases the counter by one once sending such a message. SNonce is the random value generated by STA. User-D is the user's identity, Fig. 2. The proposed scheme while AS-D is the identity of the AS. F=f(k, tl SNoncel User DAS-D), where f( ) is a hash function and k is the preshared key between the STA and the AS, and denotes the concatenation. (3) AP sends the fast access authentication request message {SNonce, User-D, AS-D, F, t}. (4) A counter is also set in the AS for each user which initial value is also set as 1. Upon receiving the fast access authentication request message, the AS gets its current t value according to the User-D and compares it with the received one. f the received t value is less than the t value preserved by the AS, the authentication of the STA will fail and the current t value of the AS will keep unchanged; otherwise, the AS will further verify F according to the received t and the key k. f correct, the authentication of the STA by the AS succeeds, and the AS adds the received t value by one and sets it as its current t value. Thereafter, the AS computes the pairwise master key PMK= h(k, "FA_PMK"lltllUser-DAS D), where h is a hash function and "FA_PMK" is a constant string. (5) The AS replies the AP with the authentication response message {SNonce, User-D, AS-D, E, t, PMK}, where E=f(k, tisnonceas-d User-D). (6) Upon receiving the message 5, the AP generates its own random value ANonce and computes the PTK. PTK= PRF-X (PMK, "Pairwise key expansion ", Min(AA, SPA)Max(AA,SPA)Min(ANonce,SNonce)Max(ANonce, SNonce)) n the above equation, PRF-X is a pseudo random function; SPA is the MAC address of the STA; AA is the MAC address of the AP; Min( ) means getting the minimum value; Max ( ) means getting the maximum value; "Pairwise key expansion" is a constant string. The derivation of the PTK here is exactly same as that of i. f the AS is co-exist with the AP, there is no message interactions between the AS and the AP, and the related operations are performed by the AP. (7) The AP sends the second authentication message 1037
4 {ANonce, User-D, AS-D, E, t, MCl}, where MC is the message authentication code computed on this message by the AP using the PTK, and t is the current value of the AS. (8) Upon receiving the second authentication message, the STA will compare the received t value with its current t value, and if equal the STA will validate E. f correct, the authentication of the AS will pass. Thereafter, the STA will compute the PMK and PTK, using the same method as that of the AS and AP. At the same time, the STA will verify the MC taking use of the PTK. f valid, the STA authenticates the AP successfully. (9) The STA sends the third authentication message {User D, SNonce, MC2}, where MC2 is the message authentication code computed on this message by the STA using the PTK. Meanwhile, the STA also indicates that whether the group temporal key GTK is required or not. (10) Upon receiving the third authentication message, the AP verifies the MC2. f correct, it means that the STA generates the same PTK, and the AP authenticates the STA successfully. So far, the networks side completes the authentication of the STA, and the AP installs the derived PTK. f the MC2 is verified invalid or in a given time the third authentication message is not received, the AP will delete the STA's authentication information and de-authenticate it. Meanwhile, the authentication failure message will be sent to the AS which will delete the authentication information of the STA and rollback its t value. (11) The AP sends the STA the fourth authentication message {GTK, MC3}, where the GTK is encrypted using the PTK. Upon receiving this message, the STA verifies the MC3. f correct, the STA decrypts and gets the GTK and other related information. At the same time, the STA installs the PTK. V. SCHEME ANALYSS (1) Compatibility analysis The proposed scheme does not intend to replace 802.1i, instead, it is oriented as a complement of the current standard for some special applications. Therefore, our scheme is provided as another choice besides the 802.1i. Before the standard 802.lli, when a user makes the initial authentication, he can chose the open system authentication or WEP. Referring to this method, we also provide users two options here, including the open system authentication and our scheme. To achieve this goal, a new Authentication Algorithm dentification [1] has to be added which is to identity our scheme. And this new identification is broadcast in the scan phase. Then, users have the idea that there are two authentication methods to choose following the scan phase. Depending on the specific scenario they will choose an appropriate one from the two options. f the open system authentication is chose, the normal 802.1i will be followed. Otherwise, our scheme will be executed. n such a way, the proposed scheme can be compatible with the current security standard i. n addition, our scheme is just applicable to the initial access authentication and the resulting output is also the PTK which is same as the 802.i, 8. STA AS 3. Fast access authentication request (SNonce,User-D,AS-D, F, t) t=t+l 14. AS verifies t and F, 1 then generates PMK Fig Fast authentication response (SNonce, User-D, AS-D, E, t) The interaction between the STA and AS STA Generates PMK and PTK, verifies MC, 2. The first authentication message ( SNonce, User-D) Authentication Request (open) 7. The second authentication message (ANonce, User-D, MC1) Authentication Response (open) 9. The third authentication message (SNonce, MC2) Association Request 11. The fourth authentication message (MC3) Association Response Fig. 4. The interaction between the STA and AP 10. AP Verifies MC2 therefore, the subsequent procedure (e.g., the update of the PTK) of 802.lli will not be affected. (2) Security analysis The proposed scheme first employs the shared key k to realize the mutual authentication between the STA and the AS, meanwhile, the PMK is derived. Then, using the PMK, the STA and the AP authenticate each other and generate the PTK. According to those two functions, we divide the scheme into two parts which are the interaction between the STA and the AS, and the one between the STA and the AP. The former is shown in Figure 3 and the latter in Figure 4. n the two figures, the message fields that do not affect the security are canceled. For the protocol in Figure 3, its security depends on that of the message (3). Because the message (5) is the response of the challenging message (3), its security is guaranteed except that the pre-shared key k is leaked. There are three ways that the attacker can take to destroy the security of the message (3), including the replay attack, forced delay [12] and forgery. The replay attack cannot work, because the t in the replayed message is less than the AS's current t value by at least one. Therefore, the AS thinks the received message invalid and the authentication will not succeed. The second attack is the forced delay, that is, when the STA sends a message (3), the attacker blocks and holds it, and then sends the message later. Using this method, the attacker can pass the protocol in Figure 3, 1038
5 o EAP-TLS (avg.= rns) 400 V E. Proposed Protocol (avg.=13.884ms) STA AP AS Fig. 5. The topology of the testbed however, he has no idea of the k and cannot get the PMK. Consequently, the attacker cannot pass through the protocol in Figure 4 and the authentication fails. Another attack is the forgery of the message (3), that is, the attacker chooses a t that is bigger than the current t value used and generates a valid F. There are two possibilities leading to the success of this attack. One is that the k is leaked, and the other one is that the hash function f( ) is insecure. But the pre-shared key k and the f( ) is assumed secure, therefore, this attack will not succeed either. n summary, the protocol in Figure 3 is secure, therefore, the PMK is derived securely. From Figure 4, it can be seen that the message interactions are same as those of the 4-way handshake protocol. The unique difference is that in the 4-way handshake protocol the STA and the AP have got the PMK before the protocol starts, while in our scheme the AP and the STA get the PMK respectively after the message (5) and message (7). Therefore, only if the derived PMK is secure, the protocol in Figure 4 is as secure as the 4- way handshake protocol. The above analysis has demonstrated the PMK's security, therefore, the protocol in Figure 4 is also secure. From the above analysis, we get that the first protocol is secure and the second one's security is same as that of the 4-way handshake protocol, therefore, in summary our scheme is of the same security level as the 4-way handshake protocol. (3) Performance analysis We implement the proposed scheme and measure its authentication delay. The topology of the testbed is shown in Figure 5, and the softwares and hardwares used are as follows. (1) STA One HP desktop (2.26GHz Core 2 Duo CPU and 2G RAM) is adopted as the STA, and its operation system is Linux Fedora 14 which kernel version is The wireless PC network card is TP-UNK TL_ WN550G 54M. The OpenSSL [13] is used for encryptions and decryptions whose version is openssl-1.0.0d. The wpa_supplicant [14] is adopted as the STA simulator which version is wpa_supplicant (2) AP One HP desktop (2.26GHz Core 2 Duo CPU and 2G RAM) acts as the AP, and its operation system is Linux Fedora 14 which kernel version is The wireless PC networks card is TP-UNK TL_ WN550G 54M. The same OpenSSL is installed. The hostapd [15] is adopted as the AP simulator which version is hostapd (3) AS The AS runs on a HP desktop (3.0GHz Core 2 Duo CPU and 2G RAM) and its operation system is UbuntulO.lO. The Fig. 6. ElaCElaaaaaaaaaaaaElaaaaaElaaaaaaaaaElaaaaaaaaaaaElaaaa trial Authentication delay comparison between EAP-TLS and OUf scheme TABLE PERFORMANCE COMPARSON BETWEEN EAP-TLS AND OUR SCHEME Authentication dejay(ms) freeradius [16] is adopted which version is freeradius-server , and the same OpenSSL is installed. We run the EAP-TLS (inbuilt in freeradius and wpa_supplicant) and our scheme for 50 times respectively, and measure their authentication delays (not including the scan time) and the results are shown in Figure 6. The average authentication delays of the EAP-TLS and our scheme are ms and ms respectively, and our scheme improves the authentication delay of the EAP-TLS by 94.7%. Table 1 shows the comparison between them. From the above analysis, it can be seen that the proposed protocol fulfills our design goal. V. CONCLUSON With the rapid increase of the WLAN-enabled mobile devices, the current WLAN security standard EEE i is challenged for its low efficiency. We point out that the essential reason leading to the inefficiency is that 802.1i is designed from the framework perspective which introduces too many message interactions. To overcome the drawback and meet the requirement of new applications, an efficient initial access authentication protocol is proposed, which takes just two roundtrip messages between the client and the networks to complete the authentications and key distribution between the STA, AP and AS. Analysis indicates that in security our scheme is same as the 4-way handshake protocol and the authentication delay is improved by 94.7% compared with the EAP-TLS. Moreover, in implementation a simple method is given that enables our scheme to be compatible with the i. ACKNOWLEDGMENT This work is partially supported by the Major national S&T program(2011zx ), National Natural Science Foundation of China(Ul135002,610n066,611n068, ), 1039
6 the Fundamental Research Funds for the Central Universities(JY , JY ), Program for New Century Excellent Talents in University(Grant No. NCET-ll- 0691). REFERENCES [1] EEE Standard nformation technology- Telecommunications and information exchange between systems-local and metropolitan area networks-specific equirements-part 11: Wireless LAN Medium Access Control and Physical Layer Specifications [2] EEE Standard b Higher-Speed Physical Layer Extension in the 2.4 GHz Band, Supplement to EEE Standard for nformation technology-telecommunications and information exchange between systems-local and metropolitan area networks-specific requirements-part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications. September, [3] W. A. Arbaugh, N.Shankar, J. Wang. Your Network has no Clothes. n Proceedings of the First EEE nternational Conference on Wireless LANs and Home Networks, pages , D ecember, [4] N. Borisov,. Goldberg, D. Wagner. ntercepting mobile communications: the insecurity of n Proceedings of the 7th Annual nternational Conference on Mobile Computing and Networking, Rome, taly, July, [5] B. Aboba, L. Blunk, J. Vollbrecht, J. Carlson. RFC 3748: Extensible Authentication Protocol (EAP), June, 2004 [6] EEE Standard 802.1X EEE Standard for Local and metropolitan area networks-port-based Network Access Control. June, [7] C. Rigney, S. Willens, A. Rubens, W. Simpson. RFC 2865: Remote Authentication Dial n User Service (RADUS), June, [8] EEE P802.11i1DlO.0. Medium A ccess Control (MAC) Security Enhancements, Amendment 6 to EEE Standard for nformation technology Telecommunications and information exchange between systems-local and metropolitan area networks-specific requirements -Part 11: Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications. April, [9] [10] B. Aboba, D. Simon. RFC 2716: PPP EAP TLS authentication protocol. October, [11] G. Zorn. RFC 2759: Microsoft PPP CHAP Extensions, Version 2, January, 2000 [12] A. Menezes, P. van Oorschot, S. Vanstone. Hand book of Applied Cryptography. CRC Press, 1996 [13] [14] [15] [16]
1 FIVE STAGES OF I.
1 1 FIVE STAGES OF 802.11I. Stage 1. AP and Security Capability Discovery This stage consists of messages numbered (1) to (3). The AP either periodically broadcasts its security capabilities, indicated
More informationA Wireless LAN Protocol for Initial Access Authentication
www.ijecs.in International Journal Of Engineering And Computer Science ISSN:2319-7242 Volume 3 Issue 9 September 2014 Page No. 7992-7999 A Wireless LAN Protocol for Initial Access Authentication Sandhya
More informationFast and Secure Initial Access Authentication Protocol for Wireless LANs
American Journal of Engineering Research (AJER) e-issn : 2320-0847 p-issn : 2320-0936 Volume-03, Issue-08, pp-284-294 www.ajer.org Research Paper Open Access Fast and Secure Initial Access Authentication
More informationSecure Initial Access Authentication in WLAN
International Journal of Information & Computation Technology. ISSN 0974-2239 Volume 4, Number 13 (2014), pp. 1299-1303 International Research Publications House http://www. irphouse.com Secure Initial
More informationWireless Network Security
Wireless Network Security Wireless LAN Security Slide from 2 nd book 1 802.11 Wireless LAN Security Stations in LAN are connected physically while in WLAN any station in the radio range is connected, so
More informationWPA-GPG: Wireless authentication using GPG Key
Università degli Studi di Bologna DEIS WPA-GPG: Wireless authentication using GPG Key Gabriele Monti December 9, 2009 DEIS Technical Report no. DEIS-LIA-007-09 LIA Series no. 97 WPA-GPG: Wireless authentication
More informationChapter 24 Wireless Network Security
Chapter 24 Wireless Network Security Wireless Security Key factors contributing to higher security risk of wireless networks compared to wired networks include: o Channel Wireless networking typically
More informationChapter 17. Wireless Network Security
Chapter 17 Wireless Network Security IEEE 802.11 IEEE 802 committee for LAN standards IEEE 802.11 formed in 1990 s, to develop a protocol & transmission specifications for wireless LANs (WLANs) Demand
More informationWPA Passive Dictionary Attack Overview
WPA Passive Dictionary Attack Overview TakehiroTakahashi This short paper presents an attack against the Pre-Shared Key version of the WPA encryption platform and argues the need for replacement. What
More informationA Secure Wireless LAN Access Technique for Home Network
A Secure Wireless LAN Access Technique for Home Network *Ju-A Lee, *Jae-Hyun Kim, **Jun-Hee Park, and **Kyung-Duk Moon *School of Electrical and Computer Engineering Ajou University, Suwon, Korea {gaia,
More informationNetwork Encryption 3 4/20/17
The Network Layer Network Encryption 3 CSC362, Information Security most of the security mechanisms we have surveyed were developed for application- specific needs electronic mail: PGP, S/MIME client/server
More informationSecurity Enhanced IEEE 802.1x Authentication Method for WLAN Mobile Router
Security Enhanced IEEE 802.1x Method for WLAN Mobile Router Keun Young Park*, Yong Soo Kim*, Juho Kim* * Department of Computer Science & Engineering, Sogang University, Seoul, Korea kypark@sogang.ac.kr,
More informationJu-A A Lee and Jae-Hyun Kim
Ju-A A Lee and Jae-Hyun Kim Wireless Information & Network Engineering Research Lab, Korea {gaia, jkim}@ajou.ac.kr Abstract. IEEE 802.11i standard supports a secure access control for wireless LAN and
More informationWireless Network Security
Wireless Network Security Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-11/
More informationLink & end-to-end protocols SSL/TLS WPA 2/25/07. Outline. Network Security. Networks. Link and End-to-End Protocols. Link vs. End-to-end protection
T H E U N I V E R S I T Y O F B R I T I S H C O L U M B I A Outline Network Security EECE 412 Link & end-to-end protocols SSL/TLS WPA Copyright 2004 Konstantin Beznosov 2 Networks Link and End-to-End Protocols
More informationSecure and Seamless Handoff Scheme for a Wireless LAN System
Secure and Seamless Handoff Scheme for a Wireless LAN System Jaesung Park 1,BeomjoonKim 2, and Iksoon Hwang 3 1 Department of Internet Information Engineering, The University of Suwon, Gyeonggi-Do, 445-743,
More informationIEEE i and wireless security
Blog IEEE 802.11i and wireless security David Halasz 8/25/2004 10:00 PM EDT 0 comments post a comment Tweet Share 1 2 IEEE's wireless security amendment adds stronger encryption, authentication, and key
More informationSelecting transition process for WLAN security
WIRELESS COMMUNICATIONS AND MOBILE COMPUTING Wirel. Commun. Mob. Comput. 2008; 8:921 925 Published online 17 August 2007 in Wiley InterScience (www.interscience.wiley.com).538 Selecting transition process
More informationConfiguring a WLAN for Static WEP
Restrictions for Configuring Static WEP, page 1 Information About WLAN for Static WEP, page 1 Configuring WPA1+WPA2, page 3 Restrictions for Configuring Static WEP The OEAP 600 series does not support
More informationWireless Security i. Lars Strand lars (at) unik no June 2004
Wireless Security - 802.11i Lars Strand lars (at) unik no June 2004 802.11 Working Group 11 of IEEE 802 'Task Groups' within the WG enhance portions of the standard: 802.11 1997: The IEEE standard for
More informationWLAN Roaming and Fast-Secure Roaming on CUWN
802.11 WLAN Roaming and Fast-Secure Roaming on CUWN Contents Introduction Prerequisites Requirements Components Used Background Information Roaming with Higher-Level Security WPA/WPA2-PSK WPA/WPA2-EAP
More informationTroubleshooting WLANs (Part 2)
SharkFest 17 Europe Troubleshooting WLANs (Part 2) Troubleshooting WLANs using 802.11 Management & Control Frames 8. November 2017 Breaking News: Including KRACK!!! Rolf Leutert Leutert NetServices Switzerland
More informationAuthentication and Security: IEEE 802.1x and protocols EAP based
Authentication and Security: IEEE 802.1x and protocols EAP based Pietro Nicoletti Piero[at]studioreti.it 802-1-X-EAP-Eng - 1 P. Nicoletti: see note pag. 2 Copyright note These slides are protected by copyright
More informationCS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis
CS-435 spring semester 2016 Network Technology & Programming Laboratory University of Crete Computer Science Department Stefanos Papadakis & Manolis Spanakis CS-435 Lecture preview 802.11 Security IEEE
More informationWireless Network Security Spring 2015
Wireless Network Security Spring 2015 Patrick Tague Class #7 More WiFi Security 2015 Patrick Tague 1 Class #7 Continuation of WiFi security 2015 Patrick Tague 2 Device Private WiFi Networks AP Local AAA
More informationWireless Network Security Spring 2016
Wireless Network Security Spring 2016 Patrick Tague Class #7 WiFi Security 1 Announcements Please do HW#2 in using the stable OMNET++ 4.6, not the beta version. Porting has proven difficult... Form project
More informationStatus of P Sub-Specification
Status of P1451.5 802.11 Sub-Specification June 7, 2004 Ryon Coleman Senior Systems Engineer 802.11 Subgroup rcoleman@3eti.com Agenda 1. IEEE 802.11 Architecture 2. Scope within the 1451 Reference Model
More informationWLAN Security Performance Study
WLAN Security Performance Study GHEORGHE MÜLEC *,. RADU VASIU *, FLAVIU M. FRIGURA-ILIASA **, DORU VATAU ** * Electronics and Telecommunication Faculty, ** Power and Electrical Engineering Faculty POLITEHNICA
More informationVendor: HP. Exam Code: HP2-Z32. Exam Name: Implementing HP MSM Wireless Networks. Version: Demo
Vendor: HP Exam Code: HP2-Z32 Exam Name: Implementing HP MSM Wireless Networks Version: Demo QUESTION 1 A network administrator deploys several HP MSM APs and an HP MSM Controller. The APs discover the
More informationImproved KRACK Attacks Against WPA2 Implementations. Mathy OPCDE, Dubai, 7 April 2018
Improved KRACK Attacks Against WPA2 Implementations Mathy Vanhoef @vanhoefm OPCDE, Dubai, 7 April 2018 Overview Key reinstalls in 4-way handshake New KRACKs Practical impact Lessons learned 2 Overview
More informationWireless# Guide to Wireless Communications. Objectives
Wireless# Guide to Wireless Communications Chapter 8 High-Speed WLANs and WLAN Security Objectives Describe how IEEE 802.11a networks function and how they differ from 802.11 networks Outline how 802.11g
More informationFAQ on Cisco Aironet Wireless Security
FAQ on Cisco Aironet Wireless Security Document ID: 68583 Contents Introduction General FAQ Troubleshooting and Design FAQ Related Information Introduction This document provides information on the most
More informationCategory: Standards Track Microsoft May 2004
Network Working Group Request for Comments: 3770 Category: Standards Track R. Housley Vigil Security T. Moore Microsoft May 2004 Status of this Memo Certificate Extensions and Attributes Supporting Authentication
More informationConfiguring Authentication Types
CHAPTER 11 This chapter describes how to configure authentication types on the access point. This chapter contains these sections: Understanding Authentication Types, page 11-2, page 11-10 Matching Access
More informationIEEE 802.1X workshop. Networkshop 34, 4 April Josh Howlett, JRS Technical Support, University of Bristol. Copyright JNT Association
IEEE 802.1X workshop Networkshop 34, 4 April 2006. Josh Howlett, JRS Technical Support, University of Bristol. Copyright JNT Association 2005 1 Introduction Introduction (5 mins) Authentication overview
More informationCsci388. Wireless and Mobile Security Access Control: 802.1X, EAP, and RADIUS. Importance of Access Control. WEP Weakness. Wi-Fi and IEEE 802.
WEP Weakness Csci388 Wireless and Mobile Security Access Control:, EAP, and Xiuzhen Cheng cheng@gwu.edu 1. IV is too short and not protected from reuse 2. The per packet key is constructed from the IV,
More informationThe security of existing wireless networks
Security and Cooperation in Wireless Networks Cellular networks o o GSM UMTS WiFi LANs Bluetooth Security in Wireless Networks Wireless networks are more vulnerable to security issues: Broadcast communications
More informationConfiguring the Client Adapter through the Windows XP Operating System
APPENDIX E Configuring the Client Adapter through the Windows XP Operating System This appendix explains how to configure and use the client adapter with Windows XP. The following topics are covered in
More informationExam HP2-Z32 Implementing HP MSM Wireless Networks Version: 7.1 [ Total Questions: 115 ]
s@lm@n HP Exam HP2-Z32 Implementing HP MSM Wireless Networks Version: 7.1 [ Total Questions: 115 ] HP HP2-Z32 : Practice Test Question No : 1 What is a proper use for an ingress VLAN in an HP MSM VSC?
More informationSecuring a Wireless LAN
Securing a Wireless LAN This module describes how to apply strong wireless security mechanisms on a Cisco 800, 1800, 2800, or 3800 series integrated services router, hereafter referred to as an access
More informationNetwork Security: WLAN Security. Tuomas Aura T Network security Aalto University, Nov-Dec 2012
Network Security: WLAN Security Tuomas Aura T-110.5241 Network security Aalto University, Nov-Dec 2012 Outline Wireless LAN technology Threats against WLANs Weak security mechanisms and historical WEP
More informationOutline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder.
Outline 18-759: Wireless Networks Lecture 10: 802.11 Management Peter Steenkiste Departments of Computer Science and Electrical and Computer Engineering Spring Semester 2016 http://www.cs.cmu.edu/~prs/wirelesss16/
More informationWireless Networked Systems
Wireless Networked Systems CS 795/895 - Spring 2013 Lec #5: Medium Access Control High Throughput, Security Tamer Nadeem Dept. of Computer Science High Throughput Networks (802.11n) Slides adapted from
More informationDenial-of-Service Attacks Against the 4-way Wi-Fi Handshake
Denial-of-Service Attacks Against the 4-way Wi-Fi Handshake ABSTRACT Mathy Vanhoef and Frank Piessens imec-distrinet, KU Leuven firstname.lastname@cs.kuleuven.be Having a secure implementation of the 4-way
More informationAuthentication and Security: IEEE 802.1x and protocols EAP based
Authentication and Security: IEEE 802.1x and protocols EAP based Pietro Nicoletti piero[at]studioreti.it 802-1-X-2008-Eng - 1 P. Nicoletti: see note pag. 2 Copyright note These slides are protected by
More informationWireless technology Principles of Security
Wireless technology Principles of Security 1 Wireless technologies 2 Overview This module provides an introduction to the rapidly evolving technology of wireless LANs (WLANs). WLANs redefine the way the
More informationWIRELESS LAN/PAN/BAN. Objectives: Readings: 1) Understanding the basic operations of WLANs. 2) WLAN security
Objectives: 1) Understanding the basic operations of WLANs 2) WLAN security 3) Wireless body area networks (IEEE 802.15.6) Readings: 1. Kurose & Ross, Computer Networking: A Top-Down Approach (6th Edition),
More informationWIRELESS LAN SECURITY AND IEEE I
MIGRATION TOWARDS 4G WIRELESS C OMMUNICATIONS WIRELESS LAN SECURITY AND IEEE 802.11I JYH-CHENG CHEN, MING-CHIA JIANG, AND YI-WEN LIU NATIONAL TSING HUA UNIVERSITY Foreign AP Authentication server A A A
More informationTable of Contents 1 WLAN Security Configuration Commands 1-1
Table of Contents 1 WLAN Security Configuration Commands 1-1 authentication-method 1-1 cipher-suite 1-2 gtk-rekey client-offline enable 1-2 gtk-rekey enable 1-3 gtk-rekey method 1-4 ptk-lifetime 1-5 security-ie
More informationKey Reinstallation Attacks: Forcing Nonce Reuse in WPA2. Mathy CCS 2017, 1 October 2017
Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 Mathy Vanhoef @vanhoefm CCS 2017, 1 October 2017 Overview Key reinstalls in 4-way handshake Misconceptions Practical impact Lessons learned 2 Overview
More informationNetwork Security: WLAN Mobility. Tuomas Aura CS-E4300 Network security Aalto University, Autumn 2017
Network Security: WLAN Mobility Tuomas Aura CS-E4300 Network security Aalto University, Autumn 2017 Outline Link-layer mobility in WLAN Password-based authentication for WLAN Eduroam case study 2 LINK-LAYER
More informationTroubleshooting WLANs
Troubleshooting WLANs Tips and tricks with practical examples!! by Gregor Vucajnk, Knowledge Services at Aerohive Networks email: gvucajnk(at)aerohive.com, twitter: @GregorVucajnk Get a free Aerohive AP/management
More informationSecurity Setup CHAPTER
CHAPTER 8 This chapter describes how to set up your bridge s security features. This chapter contains the following sections: Security Overview, page 8-2 Setting Up WEP, page 8-7 Enabling Additional WEP
More informationConfiguring the Client Adapter through the Windows XP Operating System
APPENDIX E through the Windows XP Operating System This appendix explains how to configure and use the client adapter with Windows XP. The following topics are covered in this appendix: Overview, page
More informationNetwork Security: WLAN Security. Tuomas Aura T Network security Aalto University, Nov-Dec 2014
Network Security: WLAN Security Tuomas Aura T-110.5241 Network security Aalto University, Nov-Dec 2014 Outline Wireless LAN technology Threats against WLANs (Weak security mechanisms and historical WEP)
More informationModeling and Verification of IEEE i Security Protocol for Internet of Things
Modeling and Verification of IEEE 802.11i Security Protocol for Internet of Things Yuteng Lu and Meng Sun LMAM & Department of Informatics, School of Mathematical Sciences, Peking University, Beijing,
More informationWireless Security Protocol Analysis and Design. Artoré & Bizollon : Wireless Security Protocol Analysis and Design
Protocol Analysis and Design 1 Networks 1. WIRELESS NETWORKS 2 Networks 1. WIRELESS NETWORKS 1.1 WiFi 802.11 3 Networks OSI Structure 4 Networks Infrastructure Networks BSS : Basic Set Service ESS : Extended
More informationD. The bank s web server is using an X.509 certificate that is not signed by a root CA, causing the user ID and password to be sent unencrypted.
Volume: 119 Questions Question No: 1 John Smith uses a coffee shop's Internet hot-spot (no authentication or encryption) to transfer funds between his checking and savings accounts at his bank's website.
More informationAppendix E Wireless Networking Basics
Appendix E Wireless Networking Basics This chapter provides an overview of Wireless networking. Wireless Networking Overview The FWG114P v2 Wireless Firewall/Print Server conforms to the Institute of Electrical
More informationA Configuration Protocol for Embedded Devices on Secure Wireless Networks
A Configuration Protocol for Embedded Devices on Secure Wireless Networks Larry Sanders lsanders@ittc.ku.edu 6 May 2003 Introduction Wi-Fi Alliance Formally Wireless Ethernet Compatibility Alliance (WECA)
More informationConfiguring Layer2 Security
Prerequisites for Layer 2 Security, page 1 Configuring Static WEP Keys (CLI), page 2 Configuring Dynamic 802.1X Keys and Authorization (CLI), page 2 Configuring 802.11r BSS Fast Transition, page 3 Configuring
More informationSecurity in IEEE Networks
Security in IEEE 802.11 Networks Mário Nunes, Rui Silva, António Grilo March 2013 Sumário 1 Introduction to the Security Services 2 Basic security mechanisms in IEEE 802.11 2.1 Hidden SSID (Service Set
More informationSequential Authentication Concept to Improve WLAN Handover Performance
Sequential Authentication Concept to Improve WLAN Handover Performance Andreas Roos 1,2,3, Arne Keller 2, Andreas Th. Schwarzbacher 3, and Sabine Wieland 1 1 Institute of Telecommunication-Informatics,
More informationChapter 10 Security Protocols of the Data Link Layer
Chapter 10 Security Protocols of the Data Link Layer IEEE 802.1x Point-to-Point Protocol (PPP) Point-to-Point Tunneling Protocol (PPTP) [NetSec], WS 2005/06 10.1 Scope of Link Layer Security Protocols
More informationExam Questions CWSP-205
Exam Questions CWSP-205 Certified Wireless Security Professional https://www.2passeasy.com/dumps/cwsp-205/ 1.. What is one advantage of using EAP-TTLS instead of EAP-TLS as an authentication mechanism
More informationKRACKing WPA2 in Practice Using Key Reinstallation Attacks. Mathy BlueHat IL, 24 January 2018
KRACKing WPA2 in Practice Using Key Reinstallation Attacks Mathy Vanhoef @vanhoefm BlueHat IL, 24 January 2018 Overview Key reinstalls in 4-way handshake Misconceptions Practical impact Lessons learned
More informationSecure Wireless LAN Design and Deployment
Secure Wireless LAN Design and Deployment Mark Krischer CTO, Enterprise Networks Asia Pacific, Japan and Greater China Abstract The proliferation of mobile devices and the rise of BYOD has raised the profile
More informationChapter - 6 WIRELESS NETWORK SECURITY
Chapter - 6 WIRELESS NETWORK SECURITY Bhargavi H Goswami Assistant Professor Sunshine Group of Institutes Rajkot, Gujarat, India. Mob: 9426669020 Email: bhargavigoswami@gmail.com Topic List 1. IEEE 802.11
More informationThe 8 th International Scientific Conference DEFENSE RESOURCES MANAGEMENT IN THE 21st CENTURY Braşov, November 14 th 2013
The 8 th International Scientific Conference DEFENSE RESOURCES MANAGEMENT IN THE 21st CENTURY Braşov, November 14 th 2013 Florin OGÎGĂU-NEAMŢIU National Defense University of Romania "Carol I"/ The Regional
More informationEXAM - PW Certified Wireless Security Professional (CWSP) Buy Full Product.
CWNP EXAM - PW0-204 Certified Wireless Security Professional (CWSP) Buy Full Product http://www.examskey.com/pw0-204.html Examskey CWNP PW0-204 exam demo product is here for you to test the quality of
More informationConfiguring a VAP on the WAP351, WAP131, and WAP371
Article ID: 5072 Configuring a VAP on the WAP351, WAP131, and WAP371 Objective Virtual Access Points (VAPs) segment the wireless LAN into multiple broadcast domains that are the wireless equivalent of
More informationWiFuzz: Detecting and Exploiting Logical Flaws in the Wi-Fi Cryptographic Handshake
WiFuzz: Detecting and Exploiting Logical Flaws in the Wi-Fi Cryptographic Handshake Mathy Vanhoef - @vanhoefm imec-distrinet, KU Leuven Black Hat, 27 July 2017 Introduction More and more Wi-Fi network
More informationBluetooth SIG Liaison Report May 2009
Bluetooth SIG Liaison Report May 2009 Authors: Date: 2009-05-12 The Bluetooth word mark and logos are registered trademarks owned by Bluetooth SIG, Inc. and any use of such marks by Motorola, Inc. is under
More informationSecuring Wireless LANs with Certificate Services
1 Securing Wireless LANs with Certificate Services PHILIP HUYNH University of Colorado at Colorado Springs Abstract Wireless Local Access Network (WLAN) is used popularly in almost everywhere from the
More informationLab Configure Enterprise Security on AP
Lab 8.5.4.1 Configure Enterprise Security on AP Estimated Time: 30 minutes Number of Team Members: Students will work in teams of two. Objective In this lab, students will demonstrate an understanding
More informationImproving Channel Scanning Procedures for WLAN Handoffs 1
Improving Channel Scanning Procedures for WLAN Handoffs 1 Shiao-Li Tsao and Ya-Lien Cheng Department of Computer Science, National Chiao Tung University sltsao@cs.nctu.edu.tw Abstract. WLAN has been widely
More informationConfiguring the Client Adapter through Windows CE.NET
APPENDIX E Configuring the Client Adapter through Windows CE.NET This appendix explains how to configure and use the client adapter with Windows CE.NET. The following topics are covered in this appendix:
More informationTEPZZ 74_475A_T EP A1 (19) (11) EP A1 (12) EUROPEAN PATENT APPLICATION. (51) Int Cl.: H04L 29/12 ( )
(19) TEPZZ 74_47A_T (11) EP 2 741 47 A1 (12) EUROPEAN PATENT APPLICATION (43) Date of publication: 11.06.14 Bulletin 14/24 (1) Int Cl.: H04L 29/12 (06.01) (21) Application number: 131968.6 (22) Date of
More informationSelection of EAP Authentication Method for use in a Public WLAN: Implementation Environment Based Approach
Selection of EAP Authentication Method for use in a Public WLAN: Implementation Environment Based Approach David Gitonga Mwathi * William Okello-Odongo Elisha Opiyo Department of Computer Science and ICT
More informationNomadic Communications Labs. Alessandro Villani
Nomadic Communications Labs Alessandro Villani avillani@science.unitn.it Security And Wireless Network Wireless Security: Overview Open network Open network+ MAC-authentication Open network+ web based
More informationPrincess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)
Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536) Prepared by Dr. Samia Chelloug E-mail: samia_chelloug@yahoo.fr Content
More informationWhat is Eavedropping?
WLAN Security What is Eavedropping? War Driving War Driving refers to someone driving around with a laptop and an 802.11 client card looking for an 802.11 system to exploit. War Walking Someone walks
More informationKRACKing WPA2 by Forcing Nonce Reuse. Mathy Chaos Communication Congress (CCC), 27 December 2017
KRACKing WPA2 by Forcing Nonce Reuse Mathy Vanhoef @vanhoefm Chaos Communication Congress (CCC), 27 December 2017 Introduction PhD Defense, July 2016: You recommend WPA2 with AES, but are you sure that
More informationPhysical and Link Layer Attacks
Physical and Link Layer Attacks CMSC 414 November 1, 2017 Attenuation Physical links are subject to attenuation Copper cables have internal resistance, which degrades signal over large distances Fiber
More informationManaging and Securing Computer Networks. Guy Leduc. Chapter 7: Securing LANs. Chapter goals: security in practice: Security in the data link layer
Managing and Securing Computer Networks Guy Leduc Chapter 7: Securing LANs Computer Networking: A Top Down Approach, 7 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2016. (section 8.8) Also
More informationKRACKing WPA2 by Forcing Nonce Reuse. Mathy Nullcon, 2 March 2018
KRACKing WPA2 by Forcing Nonce Reuse Mathy Vanhoef @vanhoefm Nullcon, 2 March 2018 Introduction PhD Defense, July 2016: You recommend WPA2 with AES, but are you sure that s secure? Seems so! No attacks
More informationNWD2705. User s Guide. Quick Start Guide. Dual-Band Wireless N450 USB Adapter. Version 1.00 Edition 1, 09/2012
NWD2705 Dual-Band Wireless N450 USB Adapter Version 1.00 Edition 1, 09/2012 Quick Start Guide User s Guide www.zyxel.com Copyright 2012 ZyXEL Communications Corporation IMPORTANT! READ CAREFULLY BEFORE
More informationSecuring Your Wireless LAN
Securing Your Wireless LAN Pejman Roshan Product Manager Cisco Aironet Wireless Networking Session Number 1 Agenda Requirements for secure wireless LANs Overview of 802.1X and TKIP Determining which EAP
More informationWireless LAN Security. Gabriel Clothier
Wireless LAN Security Gabriel Clothier Timeline 1997: 802.11 standard released 1999: 802.11b released, WEP proposed [1] 2003: WiFi alliance certifies for WPA 2004: 802.11i released 2005: 802.11w task group
More informationNomadic Communications Labs
Nomadic Communications Labs Alessandro Villani avillani@science.unitn.it Security And Wireless Network Wireless Security: Overview Open network Open network+ MAC-authentication Open network+ web based
More informationWireless KRACK attack client side workaround and detection
Wireless KRACK attack client side workaround and detection Contents Introduction Components used Requirements EAPoL Attack protections Why this works Possible impact How to identify if a client is deleted
More informationEFFICIENT MECHANISM FOR THE SETUP OF UE-INITIATED TUNNELS IN 3GPP-WLAN INTERWORKING. 1. Introduction
Trends in Mathematics Information Center for Mathematical Sciences Volume 8, Number 1, June, 2005, Pages 77 85 EFFICIENT MECHANISM FOR THE SETUP OF -INITIATED TUNNELS IN 3GPP-WLAN INTERWORKING SANG UK
More informationDiscovering Logical Vulnerabilities in the Wi-Fi Handshake Using Model-Based Testing
Discovering Logical Vulnerabilities in the Wi-Fi Handshake Using Model-Based Testing Mathy Vanhoef, Domien Schepers, Frank Piessens imec-distrinet, KU Leuven Asia CCS 2017 Introduction More and more Wi-Fi
More informationConfiguring the Client Adapter
CHAPTER 5 This chapter explains how to configure profile parameters. The following topics are covered in this chapter: Overview, page 5-2 Setting General Parameters, page 5-3 Setting Advanced Parameters,
More informationWireless Security Security problems in Wireless Networks
Wireless Security Security problems in Wireless Networks Security of Wireless Networks Wireless networks are everywhere more and more electronic devices are becoming wireless However, ensuring security
More information4.4 IEEE MAC Layer Introduction Medium Access Control MAC Management Extensions
4.4 IEEE 802.11 MAC Layer 4.4.1 Introduction 4.4.2 Medium Access Control 4.4.3 MAC Management 4.4.4 Extensions 4.4.3 802.11 - MAC management Synchronization try to find a LAN, try to stay within a LAN
More informationaccounting (SSID configuration mode) through encryption mode wep accounting (SSID configuration mode) through
accounting (SSID configuration mode) through encryption mode wep accounting (SSID configuration mode) through encryption mode wep 1 accounting (SSID configuration) accounting (SSID configuration mode)
More informationFast and Secure Roaming in WLAN
Final thesis Fast and Secure Roaming in WLAN Performed for Ericsson AB by Magnus Falk LITH-IDA-EX--04/116--SE 2004-12-22 i Final thesis Fast and Secure Roaming in WLAN by Magnus Falk LiTH-IDA-EX--04/116--SE
More informationRoaming, Accounting and Seamless Handover in EAP-TLS Authenticated Networks
Roaming, Accounting and Seamless Handover in EAP-TLS Authenticated Networks Carolin Latze and Ulrich Ultes-Nitsche University of Fribourg, DIUF Fribourg, Switzerland E-Mail: {carolin.latze uun}@unifr.ch
More informationVol. 7, No. 6, June 2016 ISSN Journal of Emerging Trends in Computing and Information Sciences CIS Journal. All rights reserved.
Vol. 7,. 6, June 2016 ISSN 2079-8407 Algorithm for Selection of EAP Authentication Method for Use In A Public WLAN David Gitonga Mwathi 1, William Okello-Odongo 2, Elisha Opiyo 3 1 Department of Computer
More information