Analysing the EAP-TLS handshake and the 4-way handshake of the 802.11i standard

Alabdulatif, A and Ma, X ORCID logoORCID: https://orcid.org/0000-0003-0074-4192, 2013. Analysing the EAP-TLS handshake and the 4-way handshake of the 802.11i standard. International Journal for Information Security Research (IJISR), 3 (34), pp. 439-448. ISSN 2042-4639

[thumbnail of 219482_PubSub1927_Ma.pdf]
Preview
Text
219482_PubSub1927_Ma.pdf

Download (774kB) | Preview

Abstract

The IEEE 802.11i standard has been designed to enhance security in wireless networks. The EAP-TLS handshake aims to provide mutual authentication between supplicant and authentication server, and then derive the Pairwise Master Key (PMK). In the 4 -way handshake the supplicant and the authenticator use PMK to derive a fresh pairwise transient key (PTK). The PMK is not used directly for security while assuming the supplicant and authenticator have the same PMK before running 4- way handshake. In this paper, the EAP-TLS handshake and the 4-way handshake phases have been analysed with a proposed framework using Isabelle tool. In the analysis, we have found a new Denial-of-Service (DoS) attack in the 4-way handshake. The attack prevents the authenticator from receiving message 4 after the supplicant sends it out. This attack forces the authenticator to re-send the message 3 until time out and subsequently to de-authenticate supplicant. This paper has proposed improvements to the 4-way handshake to avoid the Denial-of-Service attack.

Item Type: Journal article
Publication Title: International Journal for Information Security Research (IJISR)
Creators: Alabdulatif, A. and Ma, X.
Publisher: Informatics Society
Date: 2013
Volume: 3
Number: 34
ISSN: 2042-4639
Rights: © 2013 Informatics Society
Divisions: Schools > School of Science and Technology
Record created by: EPrints Services
Date Added: 09 Oct 2015 09:56
Last Modified: 09 Jun 2017 13:14
URI: https://irep.ntu.ac.uk/id/eprint/5089

Actions (login required)

Edit View Edit View

Statistics

Views

Views per month over past year

Downloads

Downloads per month over past year