Alabdulatif, A and Ma, X ORCID: https://orcid.org/0000-0003-0074-4192, 2013. Analysing the EAP-TLS handshake and the 4-way handshake of the 802.11i standard. International Journal for Information Security Research (IJISR), 3 (34), pp. 439-448. ISSN 2042-4639
Preview |
Text
219482_PubSub1927_Ma.pdf Download (774kB) | Preview |
Abstract
The IEEE 802.11i standard has been designed to enhance security in wireless networks. The EAP-TLS handshake aims to provide mutual authentication between supplicant and authentication server, and then derive the Pairwise Master Key (PMK). In the 4 -way handshake the supplicant and the authenticator use PMK to derive a fresh pairwise transient key (PTK). The PMK is not used directly for security while assuming the supplicant and authenticator have the same PMK before running 4- way handshake. In this paper, the EAP-TLS handshake and the 4-way handshake phases have been analysed with a proposed framework using Isabelle tool. In the analysis, we have found a new Denial-of-Service (DoS) attack in the 4-way handshake. The attack prevents the authenticator from receiving message 4 after the supplicant sends it out. This attack forces the authenticator to re-send the message 3 until time out and subsequently to de-authenticate supplicant. This paper has proposed improvements to the 4-way handshake to avoid the Denial-of-Service attack.
Item Type: | Journal article |
---|---|
Publication Title: | International Journal for Information Security Research (IJISR) |
Creators: | Alabdulatif, A. and Ma, X. |
Publisher: | Informatics Society |
Date: | 2013 |
Volume: | 3 |
Number: | 34 |
ISSN: | 2042-4639 |
Rights: | © 2013 Informatics Society |
Divisions: | Schools > School of Science and Technology |
Record created by: | EPrints Services |
Date Added: | 09 Oct 2015 09:56 |
Last Modified: | 09 Jun 2017 13:14 |
URI: | https://irep.ntu.ac.uk/id/eprint/5089 |
Actions (login required)
Edit View |
Statistics
Views
Views per month over past year
Downloads
Downloads per month over past year