TY - GEN
T1 - Security analysis and authentication improvement for IEEE 802.11i specification
AU - Xing, Xinyu
AU - Shakshuki, Elhadi
AU - Benoit, Darcy
AU - Sheltami, Tarek
PY - 2008
Y1 - 2008
N2 - The IEEE 802.11i amendment has been finalized to address the security issues in wireless local area networks. A prodigious amount of research has demonstrated that the IEEE 802.11i specification is sufficient to prevent unauthorized access and use. In this paper, we analyze the IEEE 802.11i wireless networking amendment with respect to data confidentiality, integrity, mutual authentication and availability. Our analysis indicates that a number of serious threats have still not been addressed by the 802.11i amendment. This includes DoS attacks, insider attacks, offline guessing attacks, etc. Furthermore, configuring security features on a commercial Wi-Fi network is moderately-to-very difficult. Towards this end, this paper proposes an improved authentication mechanism which adopts asymmetric cryptography and thus accomplishes link-layer frame protection. Through our further analysis and discussion, we conclude that the proposed mechanism not only prevents potential security threats but also accomplishes autonomic security configuration without human intervention.
AB - The IEEE 802.11i amendment has been finalized to address the security issues in wireless local area networks. A prodigious amount of research has demonstrated that the IEEE 802.11i specification is sufficient to prevent unauthorized access and use. In this paper, we analyze the IEEE 802.11i wireless networking amendment with respect to data confidentiality, integrity, mutual authentication and availability. Our analysis indicates that a number of serious threats have still not been addressed by the 802.11i amendment. This includes DoS attacks, insider attacks, offline guessing attacks, etc. Furthermore, configuring security features on a commercial Wi-Fi network is moderately-to-very difficult. Towards this end, this paper proposes an improved authentication mechanism which adopts asymmetric cryptography and thus accomplishes link-layer frame protection. Through our further analysis and discussion, we conclude that the proposed mechanism not only prevents potential security threats but also accomplishes autonomic security configuration without human intervention.
UR - http://www.scopus.com/inward/record.url?scp=67249125069&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=67249125069&partnerID=8YFLogxK
U2 - 10.1109/GLOCOM.2008.ECP.365
DO - 10.1109/GLOCOM.2008.ECP.365
M3 - Conference contribution
AN - SCOPUS:67249125069
SN - 9781424423248
T3 - GLOBECOM - IEEE Global Telecommunications Conference
SP - 1887
EP - 1891
BT - 2008 IEEE Global Telecommunications Conference, GLOBECOM 2008
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2008 IEEE Global Telecommunications Conference, GLOBECOM 2008
Y2 - 30 November 2008 through 4 December 2008
ER -