Key Agreement & Authentication Protocol for IEEE 802.11

Table of contents

1. INTRODUCTION

iFi (Wireless Fidelity) networks based on IEEE 802.11 standard [1] are being widely deployed in different environment due to standardization and ease to use as well as low cost. However, this deployment is limited to hotspots, homes, offices, public zone including airports, etc. due to the limited coverage of Wi-Fi propagation and high cost of installing and maintaining a wired network backhaul connection [17][18]. An extension of the IEEE 802.11 standard known as 802.11s to achieve mesh networking is under specification and not finalized yet represents the proposed architecture and the main functional entities [20]. In section III, we investigate the AAA and security issues and we describe the solution adopted in our architecture to achieve a secure service and protection against attacks. Finally, section IV concludes the paper.

2. II.

3. USER AUTHENTICATION

User authentication can be based on a variety of authentication mechanisms such as Username/password, Universal SIM (USIM) and removable user identity Module (RUIM), etc. We will describe the authentication procedures for both user type A and user type B.

4. User Type A:

After completing the PMP Network Entry process & capabilities negotiation [6] [20], user type A starts the authentication process, based on PKM-EAP recommendations as follows:

? In order to initiate the EAP conversation, a user type A may send PKMv2-EAP-start message (Figure 3). Fig3 : User type A Authentication procedure

5. User Type B:

To obtain Internet access, a user first completes the network discovery process & sends an associate request to an AP. After the reception of an associate response, user type B starts the authentication process, based on WPA2 recommendations, by sending user authentication information (ex: user name & password), in order to be allowed to use network resources. To get a better idea of how the authentication will operate, the interactions between elements are illustrated in the diagram of Figure 4:

? The user type B send an EAP-start message.

? The AP replies with an EAP-request identity message.

? The user type B sends an EAP-response packet containing the identity to be sent to the authentication server [22]. In a secure environment, the AP, MBS and CBS forward this information to the authentication server [20].

Fig4 : User type A Authentication procedure

? The authentication server using a specific authentication algorithm verifies the user's identity [7]. This could be through the use of digital certificates or other EAP authentication type [7]. ? The authentication server will either send an acceptation (or reject) message to the AP. Then the AP sends an EAP-success packet (or fail) message to the user type B [7]. ? If the authentication server accepts the user type B, the AP will transit the user type B's port to an authorized state & forward additional traffic. This is similar to the AP automatically opening the gate to let in only people belonging to the group cleared for entry. In this procedure for user type B, all BS's are merely a secure conduit for the AAA messages & does not play a significant role in the AAA process.

6. III. SECURE AUTHENTICATION PROCESS BY USING HASH FUNCTION

The security steps are as follows:

Step 1: Client request for communication & send out a string as a challenge to A.P.

Step 2: A.P also sends out a string as a challenge to the Client.

Key Agreement & Authentication Protocol for IEEE 802.11

Step 3: Client & AP both calculate their corresponding string. and send the message digest value to the 2 nd Hash function.

Fig5 : Authentication in secure way using Hash Function

Step 4: Both calculates the message digest for the corresponding string & send to each other. Only the legitimate A.P And Client knows the hash algorithm. But the evil M.S is not able to produce correct value for the given string.

Step

7. IV. SECURE AUTHENTICATION PROCESS BY USING MATH FUNCTION

The security steps are as follows:

Step 1: Client request for communication & send out a number as a challenge to A.P.

Step 2: A.P also sends out a number as a challenge to Client.

Step 3: Client calculates the value of the number by applying Math function And sends the challenging value and its ISSI number to A.P.

Fig6 : Authentication in secure way using Math Function

8. WPA2 KEY GENERATION

9. FUNCTION LIBRARY

Handshake is accomplished by four EAPoL-Key messages between the client & the AP is initiated by the access point & performs the following tasks:

? Confirm the client's knowledge of the PMK. The PMK derivation, required to generate the PTK, is rely on the authentication method used. In WPA2 Personal mode, the PMK is derived from the authentication PSK & for WPA2 Enterprise mode the PMK is derived from the authentication MK [1] (key hierarchy in Fig. 7).

10. KEY HIERARCHY

11. KEY AGREEMENT ALGORITHM

To establishing shared secret between M.S & B.S, both must agrees on public constants p & g. where p is a prime number & g is the generator less than p [17].

Step 1: Let x and y be the private keys of M.S & B.S respectively. Private keys are random number, less than p.

Step 2: Let gx mod p and gy mod p be the public keys of devices M.S & B.S respectively Step 3: M.S and B.S exchanged their public keys.

Step 4: The end M.S computes (gy mod p)x mod p, which is equal to gyx mod p.

Step 5: The end B.S computes (gx mod p) y mod p, which is equal to gxy mod p.

Step 6: Since, K = gyx mod p=gxy mod p, shared secret = K.

12. a) Mathematical Explanation-Dh

From the properties of modular arithmetic,

x mod n * y mod n ? x * y ( mod n) .

We can write:

(x 1 mod n)*(x 2 mod n)*? *(x k mod n) ? x 1 * x 2 * ?* x k ( mod n),

if x i =x, where i = 1, 2, 3? k (x mod n)k ? x k mod n , (gx mod p)y mod p = gxy mod p & (gy mod p)x mod p = gyx mod p, For all integers gxy=gyx, Therefore shared secret K=gxy mod p=gyx mod p [17]. Since, it is practically impossible to find the private key x or y from the public key [17] gx mod p or gy mod p, it is impossible to obtain the shared secret K for a attacker [17]. b) One-way function in DH For M.S, Let x be the private key and a = gx mod p is the public key, Here, a = gx mod p is one-way function [17]. The public key a is obtained easily in the forward operation, but finding ?x' given a, g and p is the reverse operation & it will take exponentially longer time and is practically impossible. This is called discrete logarithm problem [17].

i. ECDH -elliptic curve diffie-hellman ECDH: a variant of DH, is a key agreement algorithm. To generate a shared secret between M.S and B.S using ECDH [14] [17], both have to agree up on Elliptic Curve domain parameters. An overview of ECDH is given below. dY*QX = L, Hence, K = L, therefore aK = aL Since it is practically not possible to find the private key dX or dY from the public key QX or QY, it is impossible to obtain the shared secret for a third party [17] [16].

ii. RSA It is a public key algorithm, which is used for Encryption, Signature and Key Agreement. It (RSA) typically uses keys of size 1024 to 2048 [17]. The RSA standard is specified as RFC 3447, RSA cryptography Specifications Version 2.1 [17]. Overviews of RSA algorithms are given below. Step 2: Find n=a*b, Where n is the modulus which is made public. The length of n is considered as the RSA key length [17].

Step 3: Choose a random number ?e' as a public key in the range 0<e<(a-1)(b-1) such that gcd(e,(a-1)(b-1))=1 [17] iii. Encryption Consider, B.S needs to send a message to M.S securely.

Step 5: Let e be M.S's public key, Since e is public, B.S has access to e.

Step 6: To encrypt the message M, represent the message as an integer in the range 0<M<n [17].

Step 7: Cipher text C = Me mod n, where n is the modulus [17].

13. iv. Decryption

Step 8: Let C be the cipher text received from B.S.

Step 9: Calculate Message M = Cd mod n, where d is M.S's private key & n is the modulus.

14. f) Key Agreement (RSA)

Public key cryptography involves mathematical operation on large numbers and these algorithms are considerably slow compared to the symmetric key algorithm [17]. They are too slow that it is unable to encrypt large amount of data. Public key encryption algorithm such as RSA can be used to encrypt small data such as keys which used in private key algorithm [17]. RSA is thus used as key agreement algorithm.

15. g) Key agreement algorithm

Establishing shared secret between B.S and M.S

Step 10: Generate a random number, key to B.S.

Step 11: Encrypt by RSA encryption algorithm using M.S's public key & pass the cipher text to M.S [17].

Step 12: M.S decrypt the cipher text using M.S's private key to obtain the key [17]. [17]. n is easily obtained by multiplying a & b but the reverse operation of factorizing n to obtain prime numbers a & b is practically impossible if a & b are large numbers. This encryption will be symmetric key encryption process & and it is suggested to use 'Vernam Cipher'encryption process rather than DES or AES to encrypt initial management communication [17].

Where key will be used as a random number for encryption .Because of the use of symmetric key encryption as well as Vernam Cipher which required only to performed bitwise Exclusive-OR operation, it will not introduce any traffic overhead in the network [17]. Encryption process is described in figure . X.

16. CONCLUSION

In this paper, an overview of security scheme in WiFi is presented. Attacks on authentication can be described as the ways by which a network can be intruded & the privacy of the users is compromised; if the user authorization & authentication stage is compromised. Therefore, the ways to breach the authentication frameworks are termed as attacks on privacy & key management protocols. But the hash based & function based authentication protocol will

Figure 1.
Journals Inc. (US) Global Journal of Computer Science and Technology Volume XI Issue XX Version I 59 responds by sending the SA-TEK request, and the MBS perform the procedure by sending the SA-TEK response. The SA-TEK proves liveliness of the security association in the user type A and its possession of the valid AK [22]. ? For each SA, the user requests from BS two TEKs which are randomly created by the MBS and transferred to the user [20]. ? Service flow Addition MAC management messages are used to create a new service flow [22].
Figure 2.
5: A.P & Client compare the corresponding message digest value. If it match then continue further communication. Otherwise, ceases the communication immediately (Fig 5).
Figure 3.
also calculates the value for the corresponding number & send to the Client. Only the legitimate A.P & Client knows the Math function. But the evil M.S is not able to produce correct value for the given number. A.P & Client compare the corresponding value of the number. If it matches then continue further communication, Otherwise, ceases the communication immediately (Fig 6).
Figure 4.
Key generation is accomplished by means of two handshakes: a 4-Way Handshake for PTK (Pair wise Transient Key) & GTK (Group Transient Key) derivation & a Group Key Handshake or GTK renewal. The 4-Way © 2011 Global Journals Inc. (US) Global Journal of Computer Science and Technology Volume XI Issue XX Version I
Figure 5. ?
Derive a fresh PTK, which is comprised of three types of keys: KCK (Key Confirmation Key -128 bits) used to check the integrity of EAPoL-Key frames, Key Encryption Key (KEK -128 bits) used to encrypt the GTK & the Temporal Keys (TK -128 bits) used to secure data traffic[1][7]. ? Install encryption & integrity keys. ? Encrypt transport of the GTK which is calculated by the AP from a random Group Master Key (GMK) [6]. ? Confirm the cipher suite selection. VII.
Figure 6. Fig7:
Fig7 : Pair wise key hierarchy
Figure 7. Fig8:
Fig8 : Encryption and Decryption Process
Figure 8. Table 1 :
1
Polynomial Log Trigonometric Exponential
Function Function Function Function
X 12 +3X Log2X-33X Cos5X/2 e 5X +44
190X +1/X 2X 11 +LogX Sin2X -21X e X +e 1/X
X 3 /5X X 3 /123Log2 Tan33X-X 2 e 44X +177
44/X 12 Log4X-230 2SinX+33TanX 1/e x
X 2 -1X+55X 3+ LogX 2 CotX -Sec2X e ?X
VI.
1
2
3
2011

Appendix A

  1. Security Vulnerability: Analysis & Solution, IEEE 802.16e. A.K.M. Nazmus Sakib, Dr. Muhammad Ibrahim Khan, Mir Md. Saki Kowsar, GJCST (ed.) October 2010. 10.
  2. , A K M Sakib . International Journal of Engineering Science and Technology IJEST.
  3. 802.11 Denialof-Service Attacks: Real Vulnerabilities and Practical Solutions, Bellardo John , Savage Stefan . 2003 Nov 7, 2003.
  4. Benefits and Vulnerabilities of Wi-Fi Protected Access 2 (WPA2). Paul Arana, INFS 2006. p. 612.
  5. Deploying Wi-Fi Protected Access (WPAtm) and WPA2tm in the Enterprise. Wi-Fi Alliance, Feb. 27 2005.
  6. 802.11w fills wireless security holes. Epstein Joe . Network World Apr 3, 2006.
  7. Extensible Authentication Protocol, Nov. 26 2006. Nov27 2006. Wikimedia Foundation, Inc. 15 p. 39. (Wikipedia, Free Encyclopedia)
  8. Wireless LAN security guide"Revision 2, George Ou . 0 Jan 3 2005.
  9. Wi-Fi security -WEP, WPA and WPA2, Guillaume Lehembre . 2006. Jan.2006. 9.
  10. The Bell Labs Security Framework: Making the case for Endto-End Wi-Fi Security, Gupta Ashok , Theresa Buthmann . LucentTechnologies Sep. 11 2006.
  11. 802.1X Port-Based Authentication HowTo. Lars Strand . The Linux Documentation Project Oct 18, 2004.
  12. Learn the basics of WPA2 Wi-Fi security, Jan. 27 2006. (Bulk Frank)
  13. Secure Authentication & Key Exchange Technique for IEEE 802.16e by using Cryptographic Properties. Security Improvement of Multi & Broadcast services in IEEE 802.16e by removing Forward Secrecy"-A.K.M. NAZMUS SAKIB 1, August/September 2011. 22. 2011. 11. (A.K.M. Nazmus Sakib 1)
  14. Secure Key Exchange & Authentication Protocol For Multicast & Broad cast Service in IEEE 802. AP Journal Special Issue A.K.M. NAZMUS SAKIB 1 , Mir Md Saki Kawsor (ed.)
  15. Security Enhancement & Solution for Authentication Frame work in IEEE 802. International Journal of Computer Science & Information Technology A.K.M. NAZMUS SAKIB 1 , Academic & Industrial Colleboration Centre (ed.) 2010. 2 (6) .
  16. Secure Management of IEEE 802.11 Wireless LANs, Sood Kapil , Eszenyi Mathew . Intel Software Network.
  17. Understanding the updated WPA and WPA2 standards. ZDNet Blogs. Posted by George Ou June 2 2005.
  18. Wi-Fi Protected Access 2. IEEE 802.11i. International Journal of Engineering Science & Technology A.K.M. NAZMUS SAKIB 1 , Fariha Tasmin Jaigirdar, Muntasim Munim, Armin Akter (ed.) (Security Improvement of)
  19. Wi-Fi Protected Access 2 Data Encryption and Integrity, July 29 2005. (Microsoft TechNet. The Cable Guy)
  20. Wikipedia, The Free Encyclopedia, IEEE 802.11i. Nov 2006. Nov. 25 2006. Wikimedia Foundation, Inc. 10 p. 22.
  21. 802.11w security won't block DoS attacks, Wright Joshua . Jun 14, 2006. (Tech World)
  22. How 802.11w will improve wireless security. Wright Joshua . Network World May 29, 2006.
Notes
1
December
2
© 2011 Global Journals Inc. (US)
3
© 2011 Global Journals Inc. (US) Global Journal of Computer Science and Technology Volume XI Issue XX Version I
2011.
December
Home 
Date: 2011-12-07