Skip to main content

Modelling of 802.11 4-Way Handshake Attacks and Analysis of Security Properties

  • 462 Accesses

Part of the Lecture Notes in Computer Science book series (LNSC,volume 12386)

Abstract

The IEEE 802.11 standard defines a 4-way handshake between a supplicant and an authenticator for secure communication. Many attacks such as KRACK, cipher downgrades, and key recovery attacks have been recently discovered against it. These attacks raise the question as to whether the implementation violates one of the required security properties or whether the security properties are insufficient. To the best of our knowledge, this is the first work that shows how to answer this question using formal methods. We model and analyse a variety of these attacks using the Tamarin prover against the security properties mandated by the standard for the 4-way handshake. This lets us see which security properties are violated. We find that our Tamarin models vulnerable to the KRACK attacks do not violate any of the standard’s security properties, indicating that the properties, as specified by the standard, are insufficient. We propose an additional security property and show that it is violated by systems vulnerable to KRACK attacks, and that enforcing this property is successful in stopping them. We demonstrate how to use Tamarin to automatically test the adequacy of a set of security properties against attacks, and that the suggested mitigations make 802.11 secure against these attacks.

Keywords

  • IEEE 802.11
  • WPA2
  • 4-way handshake
  • Group key handshake
  • KRACK attack
  • Downgrade attack
  • Tamarin prover
  • SAPiC

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-030-59817-4_1
  • Chapter length: 19 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   39.99
Price excludes VAT (USA)
  • ISBN: 978-3-030-59817-4
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   54.99
Price excludes VAT (USA)
Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.
Fig. 5.
Fig. 6.
Fig. 7.
Fig. 8.
Fig. 9.

References

  1. IEEE Standard for Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications. IEEE Std. 802.11-1997, November 1997

    Google Scholar 

  2. Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications: Amendment 6. IEEE Std. 802.11i-2004, July 2004

    Google Scholar 

  3. Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications. IEEE Std. 802.11-2016, December 2016

    Google Scholar 

  4. IEEE Standard for Local and Metropolitan Area Networks-Port-Based Network Access Control. IEEE Std. 802.1X-2020, February 2020

    Google Scholar 

  5. Abadi, M., Fournet, C.: Mobile values, new names, and secure communication. ACM SIGPLAN Not. 36(3), 104–115 (2001)

    CrossRef  Google Scholar 

  6. Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48329-2_21

    CrossRef  Google Scholar 

  7. Blanchet, B., Smyth, B., Cheval, V., Sylvestre, M.: ProVerif 2.02: Automatic Cryptographic Protocol Verifier, User Manual and Tutorial, July 2020

    Google Scholar 

  8. Cremers, C.: On the protocol composition logic PCL. In: ACM Symposium on Information, Computer and Communications Security (ASIACCS), Tokyo, Japan, pp. 66–76, March 2008

    Google Scholar 

  9. Cremers, C., Kiesl, B., Medinger, N.: A formal analysis of IEEE 802.11’s WPA2: countering the kracks caused by cracking the counters. In: Proceedings of the USENIX Security Symposium (USENIX Security), pp. 1–17. Virtual Event, August 2020 (to appear)

    Google Scholar 

  10. Datta, A., Derek, A., Mitchell, J.C., Roy, A.: Protocol composition logic (PCL). Electron. Notes Theor. Comput. Sci. 172, 311–358 (2007)

    MathSciNet  CrossRef  Google Scholar 

  11. Dolev, D., Yao, A.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 198–208 (1983)

    MathSciNet  CrossRef  Google Scholar 

  12. Harkins, D., Malinen, J.: Addressing the issue of nonce reuse in 802.11 implementations, October 2017. https://mentor.ieee.org/802.11/dcn/17/11-17-1602-03-000m-nonce-reuse-prevention.docx

  13. He, C., Mitchell, J.C.: Analysis of the 802.11i 4-way handshake. In: Proceedings of the ACM Workshop on Wireless Security (WiSe), Philadelphia, PA, pp. 43–50, October 2004

    Google Scholar 

  14. He, C., Sundararajan, M., Datta, A., Derek, A., Mitchell, J.C.: A modular correctness proof of IEEE 802.11i and TLS. In: ACM Conference on Computer and Communications Security (CCS), Alexandria, VA, pp. 2–15, November 2005

    Google Scholar 

  15. Joux, A.: Authentication failures in NIST version of GCM. Pub. C. to NIST (2006)

    Google Scholar 

  16. Kremer, S., Künnemann, R.: Automated analysis of security protocols with global state. J. Comput. Secur. 24(5), 583–616 (2016)

    CrossRef  Google Scholar 

  17. Lowe, G.: A hierarchy of authentication specifications. In: Proceedings of the IEEE Computer Security Foundations Workshop (CSFW), Rockport, MA, pp. 31–43, June 1997

    Google Scholar 

  18. Meier, S., Schmidt, B., Cremers, C., Basin, D.: The TAMARIN prover for the symbolic analysis of security protocols. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 696–701. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39799-8_48

    CrossRef  Google Scholar 

  19. Singh, R.R., Moreira, J., Chothia, T., Ryan, M.D.: TAMARIN prover models of attacks on the 802.11 4-way handshake to verify security properties (source code and proofs) (2020). http://people.du.ac.in/~rrsingh/wpa2models

  20. McMahon Stone, C., Chothia, T., de Ruiter, J.: Extending automated protocol state learning for the 802.11 4-way handshake. In: Lopez, J., Zhou, J., Soriano, M. (eds.) ESORICS 2018. LNCS, vol. 11098, pp. 325–345. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-99073-6_16

    CrossRef  Google Scholar 

  21. Vanhoef, M., Piessens, F.: Predicting, decrypting, and abusing WPA2/802.11 group keys. In: Proceedings of the USENIX Security Symposium, pp. 673–688 (2016)

    Google Scholar 

  22. Vanhoef, M., Piessens, F.: Key reinstallation attacks: forcing nonce reuse in WPA2. In: Proceedings of the ACM Conference on Computer and Communications Security (CSS), Dallas, TX, pp. 1313–1328 (2017)

    Google Scholar 

  23. Wi-Fi Alliance: Security update october 2017, October 2017. https://www.wi-fi.org/security-update-october-2017

Download references

Acknowledgements

We would like to thank Robert Künnemann, Chris McMahon Stone and Mathy Vanhoef for useful discussions. We would also like to thank the anonymous reviewers for their insightful comments and suggestions. This work was partially supported by the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 779391 (FutureTPM).

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Rajiv Ranjan Singh .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Singh, R.R., Moreira, J., Chothia, T., Ryan, M.D. (2020). Modelling of 802.11 4-Way Handshake Attacks and Analysis of Security Properties. In: Markantonakis, K., Petrocchi, M. (eds) Security and Trust Management. STM 2020. Lecture Notes in Computer Science(), vol 12386. Springer, Cham. https://doi.org/10.1007/978-3-030-59817-4_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-59817-4_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-59816-7

  • Online ISBN: 978-3-030-59817-4

  • eBook Packages: Computer ScienceComputer Science (R0)