Abstract
This article describes some weaknesses in the key scheduling in Wi-Fi Protected Access (WPA) put forward to secure the IEEE standard 802.11-1999. Given a few RC4 packet keys in WPA it is possible to find the Temporal Key (TK) and the Message Integrity Check (MIC) key. This is not a practical attack on WPA, but it shows that parts of WPA are weak on their own. Using this attack it is possible to do a TK recovery attack on WPA with complexity $O(2^{105})$ compared to a brute force attack with complexity $O(2^{128})$.