{"title":"A Secure Session Key Negotiation Scheme in WPA2-PSK Networks","authors":"J. Guo, Miao Wang, Hanwen Zhang, Yujun Zhang","doi":"10.1109/WCNC45663.2020.9120510","DOIUrl":null,"url":null,"abstract":"Wi-Fi Protected Access II Pre-Shared Key (WPA2-PSK) is a hot way to wireless security in public Wi-Fi networks. It works on a pre-configured passphrase shared with all stations in the same Wi-Fi network. Session keys (e.g., Pairwise Transient Key, PTK) between stations and the access point (AP) are derived from the passphrase. The WPA2-PSK networks can authenticate external stations, however, they fail to guarantee confidential communication if internal attackers own the passphrase in the network since all stations derive their PTK using the same passphrase. To prevent internal stations from eavesdropping the PTK, a secure session key negotiation scheme in WPA2-PSK Networks (SSKNS) is proposed. We introduce a temporary session key (TSK), which is encrypted using elliptic curve cryptography (ECC) and exchanged securely between the station and the AP in the Wi-Fi association process. Through AES algorithm with TSK, the station encrypts its own nonce used to generate the unique PTK in the 4-way process. Our scheme neither modifies the legacy process related to PTK generation nor adds plethoric overhead on excessive protection of all messages. Security analysis and simulations performed in NS-3 demonstrate that by consuming a few computation overheads, SSKNS can effectively provide security level, compared with the existing schemes.","PeriodicalId":415064,"journal":{"name":"2020 IEEE Wireless Communications and Networking Conference (WCNC)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE Wireless Communications and Networking Conference (WCNC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WCNC45663.2020.9120510","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
Wi-Fi Protected Access II Pre-Shared Key (WPA2-PSK) is a hot way to wireless security in public Wi-Fi networks. It works on a pre-configured passphrase shared with all stations in the same Wi-Fi network. Session keys (e.g., Pairwise Transient Key, PTK) between stations and the access point (AP) are derived from the passphrase. The WPA2-PSK networks can authenticate external stations, however, they fail to guarantee confidential communication if internal attackers own the passphrase in the network since all stations derive their PTK using the same passphrase. To prevent internal stations from eavesdropping the PTK, a secure session key negotiation scheme in WPA2-PSK Networks (SSKNS) is proposed. We introduce a temporary session key (TSK), which is encrypted using elliptic curve cryptography (ECC) and exchanged securely between the station and the AP in the Wi-Fi association process. Through AES algorithm with TSK, the station encrypts its own nonce used to generate the unique PTK in the 4-way process. Our scheme neither modifies the legacy process related to PTK generation nor adds plethoric overhead on excessive protection of all messages. Security analysis and simulations performed in NS-3 demonstrate that by consuming a few computation overheads, SSKNS can effectively provide security level, compared with the existing schemes.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
