Abstract
This chapter considers wireless local area network (WLAN) security. The focus is WLANs based on the IEEE 802.11 standard, and related subsets marketed under the Wi-Fi brand by an industry association to facilitate product interoperability.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
B. Aboba, L. Blunk, J. Vollbrecht, J. Carlson, and H. Levkowetz. RFC 3748: Extensible Authentication Protocol (EAP), June 2004. IETF Proposed Standard; obsoletes RFC 2284, updated by RFC 5247.
B. Aboba and P. Calhoun. RFC 3579: RADIUS (Remote Authentication Dial In User Service) Support For Extensible Authentication Protocol (EAP), Sept. 2003. Informational RFC; updates RFC 2869.
B. Aboba, D. Simon, and P. Eronen. RFC 5247: Extensible Authentication Protocol (EAP) Key Management Framework, Aug. 2008. IETF Proposed Standard; updates RFC 3748.
J. Bellardo and S. Savage. 802.11 denial-of-service attacks: Real vulnerabilities and practical solutions. In USENIX Security, pages 15-27, 2003.
F. Bersani and H. Tschofenig. RFC 4764: The EAP-PSK Protocol—A Pre-Shared Key Extensible Authentication Protocol (EAP) Method, Jan. 2007. Experimental RFC.
A. Bittau, M. Handley, and J. Lackey. The final nail in WEP's coffin. In IEEE Symp. Security and Privacy, pages 386-400, 2006.
N. Borisov, I. Goldberg, and D. A. Wagner. Intercepting mobile communications: The insecurity of 802.11. In ACM MobiCom, pages 180-188, 2001.
N. Cam-Winget, D. McGrew, J. Salowey, and H. Zhou. RFC 4851: Flexible Authentication via Secure Tunneling Extensible Authentication Protocol Method (EAP-FAST), May 2007. Informational RFC.
C. Cremers, B. Kiesl, and N. Mediner. A formal analysis of IEEE 802.11's WPA2: Countering the KRACKs caused by cracking the counters. In USENIX Security, 2020.
E. Dawson andL. Nielsen. Automated cryptanalysis of XOR plaintext strings. Cryptologia, 20(2):165- 181, 1996.
J. Edney and W. A. Arbaugh. Real 802.11 Security: Wi-Fi Protected Access and 802.11i. Addison- Wesley, 2003.
V. Fajardo, J. Arkko, J. Loughney, and G. Zorn. RFC 6733: Diameter Base Protocol, Oct. 2012. IETF Proposed Standard; updated by RFCs 7075 and 8553, obsoletes RFCs 3588 and 5719.
S. R. Fluhrer, I. Mantin, and A. Shamir. Weaknesses in the key scheduling algorithm of RC4. In Workshop on Selected Areas in Cryptography (SAC), pages 1-24, 2001.
P. Funk and S. Blake-Wilson. RFC 5281: Extensible Authentication Protocol Tunneled Transport Layer Security Authenticated Protocol Version 0 (EAP-TTLSv0), Aug. 2008. Informational RFC.
D. Harkins. Simultaneous Authentication of Equals: A secure, password-based key exchange for mesh networks. In Sensor Tech. and Applications (SensorComm), pages 839-844, 2008. See warning in [19].
D. Harkins. RFC 7664: Dragonfly Key Exchange, Nov. 2015. Informational RFC.
D. Harkins. RFC 8146: Adding Support for Salted Password Databases to EAP-pwd, Apr. 2017. Informational RFC; updates RFC 5931. Note: EAP-pwd is based on the Dragonfly key exchange.
D. Harkins and W. Kumari. RFC 8110: Opportunistic Wireless Encryption, Mar. 2017. Informational.
D. Harkins and G. Zorn. RFC 5931: Extensible Authentication Protocol (EAP) Authentication Using Only a Password, Aug. 2010. Informational; updated by RFC 8146 [17]. RFC 5931's official Errata notes that the EAP-pwd key exchange (Dragonfly) of RFC 7664 [16] addresses a side-channel attack on the method in 5931, and that consequently the method in 7664 should be used instead.
R. Housley and B. Aboba. RFC 4962: Guidance for Authentication, Authorization, and Accounting (AAA) Key Management, July 2007. IETF Best Current Practice.
IEEE Computer Society. IEEE Std 802.11-2007, Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications. June 2007 (1184 pages), incorporating the 8 amendments since 802.11-1999; superseded by 802.11-2012 (2695 pages) and 802.11-2016. The IEEE 802 group addresses Local and Metropolitan Area Networks (LANs and MANs).
IEEE Computer Society. IEEE Std 802.11i-2004, Amendment 6: Medium Access Control (MAC) Security Enhancements, Jul 2004. 175 pages. Provides security enhancements for 802.11-1999 [21].
IEEE Computer Society. IEEE Std 802.1X-2010: Port-Based Network Access Control, Feb 2010. 205 pages. Revises 802.1X-2004; superseded by 802.1X-2020. The IEEE 802 group addresses Local and Metropolitan Area Networks (LANs and MANs).
G. Lehembre. Wi-Fi security—WEP, WPA and WPA2. Hakin9 (magazine), pages 2-15, Jun 2005. https://hakin9.org/.
B. Lloyd and W. Simpson. RFC 1334: PPP Authentication Protocols, Oct. 1992. IETF Proposed Standard; obsoleted by RFC 1994 (PPP CHAP [45]).
E. N. Lorente, C. Meijer, and R. Verdult. Scrutinizing WPA2 password generating algorithms in wireless routers. In USENIX Workshop on Offensive Technologies (WOOT), 2015.
I. Mantin. A practical attack on the fixed RC4 in the WEP mode. In ASIACRYPT, pages 395-411, 2005.
J. Mason, K. Watkins, J. Eisner, and A. Stubblefield. A natural language approach to automated crypt- analysis of two-time pads. In ACM Comp. & Comm. Security (CCS), pages 235-244, 2006.
R. McEliece. Finite Fields for Computer Scientists and Engineers. Kluwer, 1987.
A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone. Handbook of Applied Cryptography. CRC Press, 1996. Openly available, http://cacr.uwaterloo.ca/hac/.
A. Mishra, N. L. Petroni Jr., W. A. Arbaugh, and T. Fraser. Security issues in IEEE 802.11 wireless local area networks: A survey. Wireless Communications and Mobile Computing, 4(8):821-833, 2004.
R. Moskowitz. Weakness in passphrase choice in WPA interface. WNN Wi-Fi Net News. 4 Nov 2003.
D. Nelson and A. DeKok. RFC 5080: Common Remote Authentication Dial In User Service (RADIUS) Implementation Issues and Suggested Fixes, Dec. 2007. IETF Proposed Standard; updates RFCs 2865, 2866, 2869, 3579.
NIST. Special Pub 800-97, Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i. U.S. Dept. of Commerce, Feb 2007.
NIST. Special Pub 800-121 r2: Guide to Bluetooth Security. U.S. Dept. of Commerce, May 2017.
NIST. (Draft) Special Pub 800-124 r2: Guidelines for Managing the Security of Mobile Devices in the Enterprise. U.S. Dept. of Commerce, Mar 2020.
A. Palekar, D. Simon, J. Salowey, H. Zhou, G. Zorn, and S. Josefsson. Protected EAP Protocol (PEAP) Version 2. Internet-Draft (Category: Informational, EAP Working Group), 15 October 2004, draft-josefsson-pppext-eap-tls-eap-10.txt. See also Chapter 9 in [11].
C. Rigney, W. Willats, and P. Calhoun. RFC 2869: RADIUS Extensions, June 2000. Informational RFC; updated by RFC 3579, see also RFC 5080.
C. Rigney, S. Willens, A. Rubens, and W. Simpson. RFC 2865: Remote Authentication Dial In User Service (RADIUS), June 2000. IETF Draft Standard. Obsoletes RFC 2138, which obsoleted 2058; updated by RFCs 2868, 3575, 5080, 6929, and 8044. See also RFC 5176.
B. Schneier, Mudge, and D. A. Wagner. Cryptanalysis of Microsoft's PPTP authentication extensions (MS-CHAPv2). In Secure Networking—CQRE (Secure), pages 192-203. Springer LNCS 1740, 1999.
P. Sepehrdad, P. Susil, S. Vaudenay, and M. Vuagnoux. Smashing WEP in a passive attack. In Fast Software Encryption, pages 155-178, 2013. Extended version (2015, 65 pages): "Tornado attack on RC4 with applications to WEP and WPA".
Y. Sheffer, G. Zorn, H. Tschofenig, and S. Fluhrer. RFC 6124: An EAP Authentication Method Based on the Encrypted Key Exchange (EKE) Protocol, Feb. 2011. Informational RFC.
D. Simon, B. Aboba, and R. Hurst. RFC 5216: The EAP-TLS Authentication Protocol, Mar. 2008. IETF Proposed Standard; obsoletes RFC 2716.
W. Simpson. RFC 1661: The Point-to-Point Protocol (PPP), July 1994. IETF Internet Standard.
W. Simpson. RFC 1994: PPP Challenge Handshake Authentication Protocol (CHAP), Aug. 1996. IETF Draft Standard; obsoletes RFC 1334.
E. Skoudis and T. Liston. Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd edition). Prentice Hall, 2006 (first edition: 2001).
S. G. Stubblebine and V. D. Gligor. On message integrity in cryptographic protocols. In IEEE Symp. Security and Privacy, pages 85-104, 1992.
A. Stubblefield, J. Ioannidis, and A. D. Rubin. Key recovery attack on the 802.11b wired equivalent privacy protocol (WEP). ACM Trans. Inf. Systems and Security, 7(2):319-332, 2004. Extends NDSS 2002 paper.
E. Tews and M. Beck. Practical attacks against WEP and WPA. In ACM WiSec, pages 79-86, 2009.
E. Tews, R. Weinmann, and A. Pyshkin. Breaking 104 bit WEP in less than 60 seconds. In Workshop on Information Security Applications (WISA), pages 188-202, 2007.
M. Vanhoef, C. Matte, M. Cunche, L. S. Cardoso, and F. Piessens. Why MAC address randomization is not enough: An analysis of Wi-Fi network discovery mechanisms. In AsiaCCS, pages 413-424, 2016.
M. Vanhoef and F. Piessens. Key reinstallation attacks: Forcing nonce reuse in WPA2. In ACM Comp. & Comm. Security (CCS), pages 1313-1328, 2017. See also https://www.krackattacks.com/, and the authors' CCS 2018 follow-up, "Release the Kraken: New KRACKs in the 802.11 standard".
M. Vanhoef and E. Ronen. Dragonblood: A security analysis of WPA3's SAE handshake. In IEEE Symp. Security and Privacy, 2020.
S. Viehbock. Brute forcing Wi-Fi Protected Setup. Technical report, 26 Dec 2011 (version 3).
D. Whiting, R. Housley, and N. Ferguson. RFC 3610: Counter with CBC-MAC (CCM), Sept. 2003. Informational RFC.
Wi-Fi Alliance. Wi-Fi Easy Connect Specification (Version 2.0). 14 Dec 2020 (revises: Version 1.0, Device Provisioning Protocol Specification, 9 Apr 2018), https://www.wi-fi.org.
Wi-Fi Alliance. WPA3 Specification (Version 2.0). 20 Dec 2019, https://www.wi-fi.org.
K. Wierenga and L. Florio. Eduroam: past, present and future. Computational Methods in Science and Technology, 11(2):169-173, 2005. See also: https://www.eduroam.org.
H. Y. Youm. Extensible Authentication Protocol overview and its applications. IEICE Trans. Inf. Syst., 92-D(5):766-776, 2009.
G. Zorn. RFC 2759: Microsoft PPP CHAP Extensions, Version 2, Jan. 2000. Informational RFC; improves on MS-CHAPv1 (RFC 2433).
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2021 The Author(s)
About this chapter
Cite this chapter
van Oorschot, P.C. (2021). Wireless LAN Security: 802.11 and Wi-Fi. In: Computer Security and the Internet. Information Security and Cryptography. Springer, Cham. https://doi.org/10.1007/978-3-030-83411-1_12
Download citation
DOI: https://doi.org/10.1007/978-3-030-83411-1_12
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-83410-4
Online ISBN: 978-3-030-83411-1
eBook Packages: Computer ScienceComputer Science (R0)