article

Free access

Security flaws in 802.11 data link protocols

Authors:

Nancy Cam-Winget,

Russ Housley,

David Wagner,

Jesse WalkerAuthors Info & Claims

Communications of the ACM, Volume 46, Issue 5

Pages 35 - 39

https://doi.org/10.1145/769800.769823

Published: 01 May 2003 Publication History

All formats PDF

Abstract

Understanding the difficulties in security protocol design and attempting to relocate the struggle between hacker and defender to a different protocol layer.

References

[1]

Arbaugh, W. An Inductive Chosen Plaintext Attack Against WEP/WEP2. IEEE Document 802.11-02/230, May 2001; grouper.ieee.org/groups/802/11.]]

Google Scholar

[2]

Borisov, N., Goldberg, I., and Wagner, D. Intercepting mobile communications: The insecurity of 802.11. In Proceedings of the International Conference on Mobile Computing and Networking, (July 2001), 180--189.]]

Digital Library

Google Scholar

[3]

Dworkin, M. Recommendation for Block Cipher Modes of Operation: Methods and Techniques. NIST Special Publication 800-38A, Dec. 2001.]]

Google Scholar

[4]

Ferguson, N. Michael: An improved MIC for 802.11 WEP. IEEE 802.11 doc 02-020r0, Jan. 17, 2002; grouper.ieee.org/groups/802/11.]]

Google Scholar

[5]

Fluhrer, S., Mantin, I., and Shamir, A. Weaknesses in the key schedule algorithm of RC4. In Proceedings of the 4th Annual Workshop on Selected Areas of Cryptography, 2001.]]

Digital Library

Google Scholar

[6]

Housley, R. and Arbaugh, W. Security problems in 802.11-based networks. Commun. ACM 46, 5 (May 2003).]]

Digital Library

Google Scholar

[7]

ISO/IEC 8802-11 ANSI/IEEE Std 802.11-1999. Information technology---Telecommunications and information systems---Local and metropolitan area networks---Specific requirements---Part 11: Wireless LAN Media Access Control (MAC) and Physical Layer (PHY) specifications.]]

Google Scholar

[8]

National Institute of Standards and Technology. FIPS Pub 197: Advanced Encryption Standard (AES). Nov. 26, 2001.]]

Google Scholar

[9]

National Institute of Standards and Technology. FIPS Pub 113: Computer Data Authentication. May 30, 1985.]]

Google Scholar

[10]

Stubblefield, A., Ioannidis, J., and Rubin, A. Using the Fluhrer, Mantin, and Shamir attack to break WEP. In Proceedings of the 2002 Network and Distributed Systems Security Symposium (2002), 17--22.]]

Google Scholar

[11]

Walker, J. Unsafe at Any Key Size: An Analysis of the WEP Encapsulation. IEEE 802.11 doc 00-362, Oct. 27, 2000; grouper.ieee.org/groups/802/11.]]

Google Scholar

Cited By

View all

Ganji SKumar P(2024)Seeing the Unseen: The REVEAL Protocol to Expose the Wireless Man-in-the-MiddleIEEE Transactions on Wireless Communications10.1109/TWC.2024.345135823:11(17143-17156)Online publication date: Nov-2024
https://doi.org/10.1109/TWC.2024.3451358
Al-Hamami ATawfik ZYasein F(2022)A New Method for Ensuring the Integrity in Wireless LAN (WiFi)2022 International Conference for Natural and Applied Sciences (ICNAS)10.1109/ICNAS55512.2022.9944679(1-4)Online publication date: 14-May-2022
https://doi.org/10.1109/ICNAS55512.2022.9944679
Alhamry MAlomary A(2022)Exploring Wi-Fi WPA2-PSK protocol weaknesses2022 International Conference on Data Analytics for Business and Industry (ICDABI)10.1109/ICDABI56818.2022.10041465(190-195)Online publication date: 25-Oct-2022
https://doi.org/10.1109/ICDABI56818.2022.10041465
Show More Cited By

Index Terms

Security flaws in 802.11 data link protocols
1. Hardware
  1. Communication hardware, interfaces and storage
2. Networks
  1. Network architectures
  2. Network properties
    1. Network range
      1. Local area networks
      2. Wide area networks

Recommendations

Overcoming programming flaws: indexing of common software vulnerabilities
InfoSecCD '05: Proceedings of the 2nd annual conference on Information security curriculum development

The goal of this research project was to identify categories of programming flaws that lead to software bugs and index existing vulnerability reports against those categories. A keyword-based search placed 70% of the records from the OSVDB and CVE ...
Security protocols in wirelessman
Design guidelines for security protocols to prevent replay & parallel session attacks

This work is concerned with the design of security protocols. These protocols are susceptible to intruder attacks and their security compromised if weaknesses in the protocols' design are evident. In this paper a new analysis is presented on the reasons ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

Communications of the ACM Volume 46, Issue 5

Wireless networking security

May 2003

84 pages

ISSN:0001-0782

EISSN:1557-7317

DOI:10.1145/769800

Issue’s Table of Contents

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 May 2003

Published in CACM Volume 46, Issue 5

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

88
Total Citations
View Citations
8,903
Total Downloads

Downloads (Last 12 months)262
Downloads (Last 6 weeks)74

Reflects downloads up to 16 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Ganji SKumar P(2024)Seeing the Unseen: The REVEAL Protocol to Expose the Wireless Man-in-the-MiddleIEEE Transactions on Wireless Communications10.1109/TWC.2024.345135823:11(17143-17156)Online publication date: Nov-2024
https://doi.org/10.1109/TWC.2024.3451358
Al-Hamami ATawfik ZYasein F(2022)A New Method for Ensuring the Integrity in Wireless LAN (WiFi)2022 International Conference for Natural and Applied Sciences (ICNAS)10.1109/ICNAS55512.2022.9944679(1-4)Online publication date: 14-May-2022
https://doi.org/10.1109/ICNAS55512.2022.9944679
Alhamry MAlomary A(2022)Exploring Wi-Fi WPA2-PSK protocol weaknesses2022 International Conference on Data Analytics for Business and Industry (ICDABI)10.1109/ICDABI56818.2022.10041465(190-195)Online publication date: 25-Oct-2022
https://doi.org/10.1109/ICDABI56818.2022.10041465
Dalal NAkhtar NGupta AKaramchandani NKasbekar GParekh J(2022)A Wireless Intrusion Detection System for 802.11 WPA3 Networks2022 14th International Conference on COMmunication Systems & NETworkS (COMSNETS)10.1109/COMSNETS53615.2022.9668542(384-392)Online publication date: 4-Jan-2022
https://doi.org/10.1109/COMSNETS53615.2022.9668542
Bochem ALeiding B(2021)Rechained: Sybil-Resistant Distributed Identities for the Internet of Things and Mobile Ad Hoc NetworksSensors10.3390/s2109325721:9(3257)Online publication date: 8-May-2021
https://doi.org/10.3390/s21093257
Sujatanagarjuna ABochem ALeiding B(2021)Formalizing the Blockchain-Based BlockVoke Protocol for Fast Certificate Revocation Using Colored Petri NetsInformation10.3390/info1207027712:7(277)Online publication date: 6-Jul-2021
https://doi.org/10.3390/info12070277
Sagers G(2021)WPA3: The Greatest Security Protocol That May Never Be2021 International Conference on Computational Science and Computational Intelligence (CSCI)10.1109/CSCI54926.2021.00273(1360-1364)Online publication date: Dec-2021
https://doi.org/10.1109/CSCI54926.2021.00273
Bagchi SAbdelzaher TGovindan RShenoy PAtrey AGhosh PXu R(2020)New Frontiers in IoT: Networking, Systems, Reliability, and Security ChallengesIEEE Internet of Things Journal10.1109/JIOT.2020.30076907:12(11330-11346)Online publication date: Dec-2020
https://doi.org/10.1109/JIOT.2020.3007690
Alonge CArogundade OAdesemowo KIbrahalu FAdeniran OMustapha A(2020)Information Asset Classification and Labelling Model Using Fuzzy Approach for Effective Security Risk Assessment2020 International Conference in Mathematics, Computer Engineering and Computer Science (ICMCECS)10.1109/ICMCECS47690.2020.240911(1-7)Online publication date: Mar-2020
https://doi.org/10.1109/ICMCECS47690.2020.240911
Schepers DRanganathan AVanhoef MGalbraith SRussello GSusilo WGollmann DKirda ELiang Z(2019)Practical Side-Channel Attacks against WPA-TKIPProceedings of the 2019 ACM Asia Conference on Computer and Communications Security10.1145/3321705.3329832(415-426)Online publication date: 2-Jul-2019
https://dl.acm.org/doi/10.1145/3321705.3329832
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Magazine Site

View this article on the magazine site (external)

Magazine Site

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

References

Cited By

Index Terms

Recommendations

Overcoming programming flaws: indexing of common software vulnerabilities

Security protocols in wirelessman

Design guidelines for security protocols to prevent replay & parallel session attacks

Comments

Information

Published In

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

PDF

eReader

Magazine Site

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations