Conference paper Open Access

Modelling of 802.11 4-Way Handshake Attacks and Analysis of Security Properties

Singh, R.; Moreira, J.; Chothia, T.; Ryan, M.


MARC21 XML Export

<?xml version='1.0' encoding='UTF-8'?>
<record xmlns="http://www.loc.gov/MARC21/slim">
  <leader>00000nam##2200000uu#4500</leader>
  <datafield tag="041" ind1=" " ind2=" ">
    <subfield code="a">eng</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">IEEE 802.11</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">WPA2  4-way handshake</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">Group key handshake</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">Downgrade attack</subfield>
  </datafield>
  <controlfield tag="005">20201008002657.0</controlfield>
  <controlfield tag="001">4066507</controlfield>
  <datafield tag="711" ind1=" " ind2=" ">
    <subfield code="d">17-18 September 2020)</subfield>
    <subfield code="g">STM 2020</subfield>
    <subfield code="a">16th International Workshop on Security and Trust Management</subfield>
  </datafield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">University of Birmingham</subfield>
    <subfield code="a">Moreira, J.</subfield>
  </datafield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">University of Birmingham</subfield>
    <subfield code="a">Chothia, T.</subfield>
  </datafield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">University of Birmingham</subfield>
    <subfield code="a">Ryan, M.</subfield>
  </datafield>
  <datafield tag="856" ind1="4" ind2=" ">
    <subfield code="s">1059144</subfield>
    <subfield code="z">md5:75b0251f45272011c7c9ddf1f6b1c812</subfield>
    <subfield code="u">https://zenodo.org/record/4066507/files/41-Modelling-and-Analysis-of-802114-Way-Handshake-Attacks-and-Security-Properties.pdf</subfield>
  </datafield>
  <datafield tag="542" ind1=" " ind2=" ">
    <subfield code="l">open</subfield>
  </datafield>
  <datafield tag="260" ind1=" " ind2=" ">
    <subfield code="c">2020-10-05</subfield>
  </datafield>
  <datafield tag="909" ind1="C" ind2="O">
    <subfield code="p">openaire</subfield>
    <subfield code="p">user-futuretpm-h2020</subfield>
    <subfield code="o">oai:zenodo.org:4066507</subfield>
  </datafield>
  <datafield tag="100" ind1=" " ind2=" ">
    <subfield code="u">University of Birmingham</subfield>
    <subfield code="a">Singh, R.</subfield>
  </datafield>
  <datafield tag="245" ind1=" " ind2=" ">
    <subfield code="a">Modelling of 802.11 4-Way Handshake Attacks and Analysis of Security Properties</subfield>
  </datafield>
  <datafield tag="980" ind1=" " ind2=" ">
    <subfield code="a">user-futuretpm-h2020</subfield>
  </datafield>
  <datafield tag="536" ind1=" " ind2=" ">
    <subfield code="c">779391</subfield>
    <subfield code="a">Future Proofing the Connected World: A Quantum-Resistant Trusted Platform Module</subfield>
  </datafield>
  <datafield tag="540" ind1=" " ind2=" ">
    <subfield code="u">https://creativecommons.org/licenses/by/4.0/legalcode</subfield>
    <subfield code="a">Creative Commons Attribution 4.0 International</subfield>
  </datafield>
  <datafield tag="650" ind1="1" ind2="7">
    <subfield code="a">cc-by</subfield>
    <subfield code="2">opendefinition.org</subfield>
  </datafield>
  <datafield tag="520" ind1=" " ind2=" ">
    <subfield code="a">&lt;p&gt;The IEEE 802.11 standard de nes a 4-way handshake between a supplicant and authenticator for secure communication. Many attacks such as KRACK, cipher downgrades, and key recovery attacks have been recently discovered against it. These attacks raise the question as to whether the implementation violates one of the required security properties or whether the security properties are insucient. To the best of our knowledge, this is the rst work that shows how to answer this question using formal methods. We model and analyse a variety of these attacks using the Tamarin prover against the security properties mandated by the standard for the 4-way handshake. This lets us see which security properties are violated. We nd that our Tamarin models vulnerable to the KRACK attacks do not violate any of the standard&amp;#39;s security properties, indicating that the properties, as speci ed by the standard, are insucient. We propose an additional security property and show that it is violated by systems vulnerable to KRACK attacks, and that enforcing this property is successful in stopping them. We demonstrate how to use Tamarin to automatically test the adequacy of a set of security properties against attacks, and that the suggested mitigations make 802.11 secure against these attacks.&lt;/p&gt;</subfield>
  </datafield>
  <datafield tag="773" ind1=" " ind2=" ">
    <subfield code="n">doi</subfield>
    <subfield code="i">isPreviousVersionOf</subfield>
    <subfield code="a">10.1007/978-3-030-59817-4_1</subfield>
  </datafield>
  <datafield tag="773" ind1=" " ind2=" ">
    <subfield code="n">doi</subfield>
    <subfield code="i">isVersionOf</subfield>
    <subfield code="a">10.5281/zenodo.4066506</subfield>
  </datafield>
  <datafield tag="024" ind1=" " ind2=" ">
    <subfield code="a">10.5281/zenodo.4066507</subfield>
    <subfield code="2">doi</subfield>
  </datafield>
  <datafield tag="980" ind1=" " ind2=" ">
    <subfield code="a">publication</subfield>
    <subfield code="b">conferencepaper</subfield>
  </datafield>
</record>
25
20
views
downloads
All versions This version
Views 2525
Downloads 2020
Data volume 21.2 MB21.2 MB
Unique views 2525
Unique downloads 1818

Share

Cite as