文章基本信息

标题：Denial of Service Attacks Against the 4-Way Wi-Fi Handshake
本地全文：下载
作者：Mathy Vanhoef ; Frank Piessens
期刊名称：Computer Science & Information Technology
电子版ISSN：2231-5403
出版年度：2017
卷号：7
期号：15
页码：85-94
DOI：10.5121/csit.2017.71508
出版社：Academy & Industry Research Collaboration Center (AIRCC)
摘要：The 4-way Wi-Fi handshake is used to negotiate fresh pairwise keys, and authenticates both theclient and Access Point (AP). We analyze this handshake, and discover several new denial-ofservice(DoS) attacks against it. Interestingly, our attacks work even if Management FrameProtection (MFP) is enabled.The first attack abuses the observation that messages in the 4-way handshake undergo linklayerencryption once the pairwise key is installed. More precisely, when message 4 of thehandshake is dropped, the handshake times out. The second attack is similar to the second one,but induces the AP into sending the first message 4 with link-layer encryption. Again, thiscauses the handshake to time out. In the third attack, an adversary waits until the victimcompletes the 4-way handshake. Then she initiates a rekey by injecting a malformed 4-wayhandshake messages, causing several implementations to disconnect the client from thenetwork. Finally, we propose countermeasures against our discovered attacks.
关键词：Network Protocols; Wi-Fi; 802.11; Denial-of-Service attacks; 4-way handshake