On the Security of Three Versions of the WAI Protocol in Chinese WLAN Implementation Plan

Tang, Qiang

doi:10.1109/chinacom.2007.4469395

Cited by 2 publications

(3 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…3) AP must validates the message authentication code from AP. Li, Moon and Ma [8] show that the second version of the WAI protocol is secure in the CK (CanettiKrawczyk) model, but Tang [9] points out that the second version does not guarantee key authentication and entity authentication properties. For the third version of WAI protocol, a Diffie-Hellman key exchange over a group based on elliptic curves is adopted.…”

Section: Introductionmentioning

confidence: 98%

Security analysis of certificate authentication in Chinese WLAN standard

Song¹,

Hu²,

Chen³

2009

2009 International Conference on Advanced Technologies for Communications

View full text Add to dashboard Cite

The WAI (WLAN Authentication Infrastructure), is the authentication protocol in the Chinese Wireless LAN standard. This protocol, similar as 802.11i, adopts port-based access control and involves three entities in the authentication process. The three entities named in Chinese standard are ASUE (Wireless device), AE (Access Point) and ASE (Authentication Server). The WAI is composed of a mutual public key certificates authentication and a key-exchange agreement. We analyze the certificate authentication of WAI protocol using a finite-state verification tool and find that the authentication protocol can't resist the denial of service attack. Attackers can forge the messages to produce inconsistent keys in peers. Several amendments are discussed in this papers.

show abstract

Section: Introductionmentioning

confidence: 98%

Security analysis of certificate authentication in Chinese WLAN standard

Song¹,

Hu²,

Chen³

2009

2009 International Conference on Advanced Technologies for Communications

View full text Add to dashboard Cite

show abstract

“…3) AP must validates the message authentication code from AP. Li, Moon and Ma [8] show that the second version of the WAI protocol is secure in the CK (Canetti-Krawczyk) model, but Tang [9] points out that the second version does not guarantee key authentication and entity authentication properties. For the third version of WAI protocol, a Diffie-Hellman key exchange over a group based on elliptic curves is adopted.…”

Section: Introductionmentioning

confidence: 99%

“…For the third version of WAI protocol, a Diffie-Hellman key exchange over a group based on elliptic curves is adopted. Currently, Tang [9] and Wu et al [10] prove the security of the third version in CK model. Tie, Li and Huang et al [11] also use a formal logic of PCL (Protocol Composition Logic) to prove that WAPI certificate authentication protocol has guaranteed the required security prosperities.…”

Section: Introductionmentioning

confidence: 99%

The Denial of Service Attack Analysis of WLAN Authentication Infrastructure

Song¹,

Chen

Hu³

2009

2009 International Conference on Multimedia Information Networking and Security

View full text Add to dashboard Cite

The WAI (WLAN Authentication Infrastructure), which is composed of mutual certificate authentication and key agreement, is the authentication protocol in the Chinese Wireless LAN standard. In this paper, we analyze the WAI protocol using a finite-state verification tool Mur and find that the authentication protocol can't resist the denial of service attack. Attackers can forge the messages to produce inconsistent keys in peers. Three Denial-of-Service attacks are discussed in this paper. Two of those attacks are occurred in the mutual certificate authentication phase and one is found in the key agreement phase. Furthermore, several amendments are discussed in this paper.

show abstract

On the Security of Three Versions of the WAI Protocol in Chinese WLAN Implementation Plan

Cited by 2 publications

References 20 publications

Security analysis of certificate authentication in Chinese WLAN standard

Security analysis of certificate authentication in Chinese WLAN standard

The Denial of Service Attack Analysis of WLAN Authentication Infrastructure

Contact Info

Product

Resources

About