Security Analysis and Authentication Improvement for IEEE 802.11i Specification

Xing, Xinyu; Shakshuki, Elhadi M.; Benoit, D.; Sheltami, Tarek R.

doi:10.1109/glocom.2008.ecp.365

Cited by 19 publications

(15 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The success of authentication means the wireless device and the access point are identified and verified by each other and a secret key is established for exchanging encrypted data over WLANs. Figure 1 shows that the authentication procedures consists of six phases as follows: a) discover phase, b) authentication and association phase, c) EAP/802.1x/RADIUS authentication, d) 4-way handshake, e) group key handshake, f) secure data communication [9]. The first phase in the IEEE 802.11i standard is the network discovery phase.…”

Section: Overview Of the 80211i Standard Phasesmentioning

confidence: 99%

Analysing the EAP-TLS Handshake and the 4-Way Handshake of the 802.11i Standard

Alabdulatif¹,

Ma²

2014

IJISR

View full text Add to dashboard Cite

Section: Overview Of the 80211i Standard Phasesmentioning

confidence: 99%

Analysing the EAP-TLS Handshake and the 4-Way Handshake of the 802.11i Standard

Alabdulatif¹,

Ma²

2014

IJISR

View full text Add to dashboard Cite

“…Validation token should be hard to guess for attacker who does not already have access to the user's account. If a request is missing a token or the token does not match the expected value, the web application should reject the request and prompt the user [18].…”

Section: A Secret Validation Tokenmentioning

confidence: 99%

“…This scheme sends additional information with each HTTP request to determine whether the request came from an authorized user. To apply token, web applications must first create a "presession,", and then proceed forward a real session after successful authentication [18]. Validation token should be hard to guess for attacker who does not already have access to the user's account.…”

Section: A Secret Validation Tokenmentioning

confidence: 99%

Building a Robust Client-Side Protection Against Cross Site Request Forgery

Alameen¹

2015

ijacsa

View full text Add to dashboard Cite

Abstract-In recent years, the web has been an indispensable part of business all over the world and web browsers have become the backbones of today's systems and applications. Unfortunately, the number of web application attacks has increased a great deal, so the matter of concern is securing web applications. One of the most serious cyber-attacks has been by cross site request forgery (CSRF). CSRF has been recognized among the major threats to web applications and among the top ten worst vulnerabilities for web applications. In a CSRF attack, an attacker takes liberty be authorized to take a sensitive action on a target website on behalf of a user without his knowledge. This paper, providing an overview about CSRF attack, describes the various possible attacks, the developed solutions, and the risks in the current preventive techniques. This paper comes up with a highly perfect protection mechanism against reflected CSRF called RCSR. RCSR is a tool gives computer users with full control on the attack. RCSR tool relies on specifying HTTP request source, whether it comes from different tab or from the same one of a valid user, it observes and intercepts every request that is passed through the user's browser and extracts session information, post the extracted information to the Server, then the server create a token for user's session. We checked the working of RCSR extension, our evaluation results show that it is working well and it successfully protects web applications against reflected CSRF.

show abstract

“…The success of authentication means the wireless device and the access point are identified and verified by each other and a secret key is established for exchanging encrypted data over WLANs. The authentication procedure consists of six phases as follows: a) discover phase, b) authentication and association phase, c) EAP/802.1x/RADIUS authentication, d) 4-way handshake, e) group key handshake, f) secure data communication [8].…”

Section: Ieee80211i Standardmentioning

confidence: 99%

Analysing and attacking the 4-way handshake of IEEE 802.11i standard

Luo

Han

et al. 2013

2013 IEEE Third International Conference on Information Science and Technology (ICIST)

View full text Add to dashboard Cite

Abstract-The IEEE 802.11i standard has been designed to enhance security in wireless networks. In the 4-way handshake the supplicant and the authenticator use the pairwise master key (PMK) to derive a fresh pairwise transient key (PTK). The PMK is not used directly for security while assuming the supplicant and authenticator have the same PMK before running 4-way handshake. In this paper, the 4-way handshake phase has been analysed using Isabelle tool to identify a new Denial-ofService (DoS) attack. The attack prevents the authenticator from receiving message 4 after the supplicant sends it out. This attack forces the authenticator to re-send the message 3 until time out and subsequently to de-authenticate supplicant. This paper has proposed improvements to the 4-way handshake to avoid the Denial-of-Service attack.

show abstract

Security Analysis and Authentication Improvement for IEEE 802.11i Specification

Cited by 19 publications

References 9 publications

Analysing the EAP-TLS Handshake and the 4-Way Handshake of the 802.11i Standard

Analysing the EAP-TLS Handshake and the 4-Way Handshake of the 802.11i Standard

Building a Robust Client-Side Protection Against Cross Site Request Forgery

Analysing and attacking the 4-way handshake of IEEE 802.11i standard

Contact Info

Product

Resources

About