802.11i Security Analysis: Can we build a secure WLAN?

Abstract: Security has become a serious concern in wireless local area networks. In order to eliminate the vulnerabilities in previous security mechanisms, IEEE Task Group i has designed 802.11i to provide enhanced MAC security in a WLAN system. In this talk i will discribe our analysis on the security of 802.11i with respect to data confidentiality, integrity, mutual authentication, and availability. Under our threat model, 802.11i could provide satisfactory data confidentiality, integrity and authentication, but there are still some problems left. Since the 802.11i design does not emphasize availability, several DoS attacks are possible. We analyze the vulnerability in the 4-Way Handshake and propose corresponding solutions, which are adopted by the IEEE TGi. Furthermore, we identify the RSN IE Poisoning and Rollback problem, which can be mitigated by some modifications on the standard and careful implementations. I will also review some other vulnerabilities and discuss their practicality. In order to address all these vulnerabilities and make the protocol more robust, we propose an improved variant of 802.11i with a different failure recovery strategy. Moreover, I will talk about two useful methodologies, finite-state verification and protocol logic, which we used to analyze the security of 802.11i.