Analytical Study of IEEE 802.11i and its Improvement
Date
2007
Publisher
Department of Computer Science and Information Technology
Abstract
IEEE 802.11i is the standard designed by IEEE to provide enhanced MAC security in
wireless networks. The authentication process involves three entities: the supplicant
(wireless device), the authenticator (access point) and the authentication server (de facto
RADIUS server). IEEE 802.11i provides mutual authentication between the network
access point and user devices prior to user connectivity. The protocol consists of several
parts, including an IEEE 802.1X authentication phase which uses TLS over EAP, the 4-Way
Handshake to establish a fresh session key, and an optional Group Key Handshake
for group communication. This study analyzes IEEE 802.11i with respect to data
confidentiality, integrity, mutual authentication and availability. The protocol was
analyzed theoretically using Protocol Composition Logic (PCL) and practically using the
standard network simulator ns2 (Network Simulator 2). The study also proposes an
improvement to the protocol, which was likewise verified theoretically using PCL and
practically using ns2. IEEE 802.11i appears to provide effective data confidentiality and
integrity when CCMP is used. However, because the 802.11i design does not
emphasize availability, several DoS attacks are possible. This study reviews the known
DoS attacks on unprotected management frames and EAP frames, and discusses ways
to minimize them in 802.11i.
Keywords:
IEEE 802.11i, IEEE 802.1X, RADIUS, 4-Way Handshake, Group Key Handshake,
Denial of Service, Authentication, Key Management, Protocol Composition Logics.
Keywords
IEEE 802.11i, Group Key Handshake, Key Management, Protocol Composition Logics