Advertisement

Elliptic Curve Cryptography Based Mechanism for Secure Wi-Fi Connectivity

  • Pranav Kumar SinghEmail author
  • Prateek Vij
  • Arpan Vyas
  • Sunit Kumar Nandi
  • Sukumar Nandi
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11319)

Abstract

The connection establishment and client handover mechanism for Wi-Fi Protected Access (WPA/WPA2) Pre-Shared Key (PSK) networks described by the IEEE 802.11 standard are vulnerable to various attacks. The existing security protocols WPA/WPA2 use symmetric key cryptography to provide confidentiality and data authenticity. An attacker listening to the channel can eavesdrop on the four-way key handshaking and can also derive the encryption key. The well-known attacks are key recovery, man-in-middle, Hole 196, and de-authentication attack. Another key problem with the PSK mode is that all stations use the same key for authentication. In this paper, we propose an alternative to the existing mechanism for authentication and re-authentication during connection establishment and client handover, respectively that use Elliptic Curve Cryptography, a public key encryption technique. Our proposed mechanism uses a lesser number of frames during (re)-authentication and is immune to the existing vulnerabilities of WPA2 PSK.

Notes

Acknowledgments

The research work has been conducted in the Information Security Education and Awareness (ISEA) Lab of Indian Institute of Technology, Guwahati. The authors would like to acknowledge IIT, Guwahati and ISEA MeitY, India for the support.

References

  1. 1.
    Li, S., Da Xu, L., Zhao, S.: The internet of things: a survey. Inf. Syst. Front. 17(2), 243–259 (2015)CrossRefGoogle Scholar
  2. 2.
    Dimitrakopoulos, G., Demestichas, P.: Intelligent transportation systems. IEEE Veh. Technol. Mag. 5(1), 77–84 (2010)CrossRefGoogle Scholar
  3. 3.
    Sheldon, F.T., Weber, J.M., Yoo, S.M., Pan, W.D.: The insecurity of wireless networks. IEEE Secur. Priv. 10(4), 54–61 (2012)CrossRefGoogle Scholar
  4. 4.
    Kumar, V., Chakraborty, S., Barbhuiya, F.A., Nandi, S.: Detection of stealth man-in-the-middle attack in wireless Lan. In: 2012 2nd IEEE International Conference on Parallel Distributed and Grid Computing, PDGC, pp. 290–295. IEEE (2012)Google Scholar
  5. 5.
    Agarwal, M., Biswas, S., Nandi, S.: Advanced stealth man-in-the-middle attack in WPA2 encrypted wi-fi networks. IEEE Commun. Lett. 19(4), 581–584 (2015)CrossRefGoogle Scholar
  6. 6.
    Lauter, K.: The advantages of elliptic curve cryptography for wireless security. IEEE Wirel. Commun. 11(1), 62–67 (2004)MathSciNetCrossRefGoogle Scholar
  7. 7.
    Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986).  https://doi.org/10.1007/3-540-39799-X_31CrossRefGoogle Scholar
  8. 8.
    Namal, S., Georgantas, K., Gurtov, A.: Lightweight authentication and key management on 802.11 with elliptic curve cryptography. In: 2013 IEEE Wireless Communications and Networking Conference (WCNC), pp. 1830–1835. IEEE (2013)Google Scholar
  9. 9.
    Noh, J., Kim, J., Kwon, G., Cho, S.: Secure key exchange scheme for WPA/WPA2-PSK using public key cryptography. In: IEEE International Conference on Consumer Electronics-Asia (ICCE-Asia), pp. 1–4. IEEE (2016)Google Scholar
  10. 10.
    Noh, J., Kim, J., Cho, S.: Secure authentication and four-way handshake scheme for protected individual communication in public wi-fi networks. IEEE Access PP(99), 1 (2018)Google Scholar
  11. 11.
    Nakhila, O., Attiah, A., Jinz, Y., Zoux, C.: Parallel active dictionary attack on WPA2-PSK Wi-Fi networks. In: Military Communications Conference, MILCOM, pp. 665–670. IEEE (2015)Google Scholar
  12. 12.
    IEEE Std 802.11i, IEEE Standard for Wireless LAN Medium Access Control (MAC) and Physical Layer Specifications: Amendment 6: Medium Access Control Security EnhancementsGoogle Scholar
  13. 13.
    RFC 2865: IETF Standard for Remote Authentication Dial in User Service (RADIUS)Google Scholar
  14. 14.
    IEEE Std 802.1X, I: IEEE Standard for Port-Based Network Access ControlGoogle Scholar
  15. 15.
    Mishra, A., Shin, M., Arbaugh, W.: An empirical analysis of the IEEE 802.11 MAC layer handoff process. ACM SIGCOMM Comput. Commun. Rev. 33(2), 93–102 (2003)CrossRefGoogle Scholar
  16. 16.
    IEEE Std 802.11r /D01.0, Draft Amendment to Standard for Information Technology - Telecommunications and Information Exchange Between Systems - LAN/MAN Specific Requirements Part 11: Wireless Medium Access Control (MAC) and Physical Layer Specifications: Amendment 8: Fast BSS TransitionGoogle Scholar
  17. 17.
    Hintersteiner, J.: Wifi fast roaming. Accessed 03 Apr 2018Google Scholar
  18. 18.
    Sheldon, F.T., Weber, J.M., Yoo, S.M., Pan, W.D.: The insecurity of wireless networks. IEEE Secur. Priv. 10(4), 54–61 (2012)CrossRefGoogle Scholar
  19. 19.
    Paladino, A., Phanse, K., Ahmad, S.: Hole 196 vulnerability in WPA2. Airtight Networks (2010)Google Scholar
  20. 20.
    Ahmad, M.S.: Wpa too! DEF CON 18 (2010)Google Scholar
  21. 21.
    Stallings, W.: Cryptography and Network Security: Principles and Practice. Pearson, Upper Saddle River (2017)Google Scholar
  22. 22.
    Bafandehkar, M., Yasin, S.M., Mahmod, R., Hanapi, Z.M.: Comparison of ECC and RSA algorithm in resource constrained devices. In: 2013 International Conference on IT Convergence and Security (ICITCS), pp. 1–3, December 2013Google Scholar
  23. 23.
    Johnson, D., Menezes, A., Vanstone, S.: The elliptic curve digital signature algorithm (ECDSA). Int. J. Inf. Secur. 1(1), 36–63 (2001)CrossRefGoogle Scholar
  24. 24.
    Vanhoef, M., Piessens, F.: Key reinstallation attacks: Forcing nonce reuse in WPA2. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 1313–1328. ACM (2017)Google Scholar
  25. 25.
    Arif, M., Habib, A., Rufat, I., Azer, S.: Study and implementation of elliptic curve encryption algorithm for Azerbaijan E-ID card. Int. J. Innov. Res. Comput. Commun. Eng. 3(5), 3708–3713 (2015)Google Scholar
  26. 26.
    Sivakumar, C., Velmurugan, A.: High speed VLSI design CCMP AES cipher for WLAN (IEEE 802.11 i). In: International Conference on Signal Processing, Communications and Networking, ICSCN 2007, pp. 398–403. IEEE (2007)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Pranav Kumar Singh
    • 1
    Email author
  • Prateek Vij
    • 1
  • Arpan Vyas
    • 1
  • Sunit Kumar Nandi
    • 1
  • Sukumar Nandi
    • 1
  1. 1.Department of Computer Science and EngineeringIndian Institute of TechnologyGuwahatiIndia

Personalised recommendations