DOI: 10.1145/3052973.3053008

Discovering Logical Vulnerabilities in the Wi-Fi Handshake Using Model-Based Testing

Published: 02 April 2017

Abstract

We use model-based testing techniques to detect logical vulnerabilities in implementations of the Wi-Fi handshake. This reveals new fingerprinting techniques, multiple downgrade attacks, and Denial of Service (DoS) vulnerabilities. Stations use the Wi-Fi handshake to securely connect with wireless networks. In this handshake, mutually supported capabilities are determined, and fresh pairwise keys are negotiated. As a result, a proper implementation of the Wi-Fi handshake is essential in protecting all subsequent traffic. To detect the presence of erroneous behaviour, we propose a model-based technique that generates a set of representative test cases. These tests cover all states of the Wi-Fi handshake, and explore various edge cases in each state. We then treat the implementation under test as a black box, and execute all generated tests. Determining whether a failed test introduces a security weakness is done manually. We tested 12 implementations using this approach, and discovered irregularities in all of them. Our findings include fingerprinting mechanisms, DoS attacks, and downgrade attacks where an adversary can force usage of the insecure WPA-TKIP cipher. Finally, we explain how one of our downgrade attacks highlights incorrect claims made in the 802.11 standard.
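
As an added illustration (not the paper's tool, and not code from this page), the following Python sketch shows the shape of the model-based testing the abstract describes: a small reference model of a supplicant's 4-way handshake, a generator that drives the implementation into each model state and injects a fixed set of stimuli there (in-order messages, a Msg3 announcing a weaker cipher, a malformed frame), and a black-box runner that compares only observable replies. The message encoding, the three-state model, and the `Supplicant` class with its `check_cipher` switch are assumptions made for the example.

```python
NEGOTIATED = "CCMP"                      # pairwise cipher agreed during association
MSG1, MSG3, BOGUS = "msg1", "msg3", "bogus"
# Stimuli injected in every state: the two in-order messages, a Msg3 announcing a
# weaker cipher than negotiated (downgrade attempt), and a malformed frame.
STIMULI = [(MSG1, NEGOTIATED), (MSG3, NEGOTIATED), (MSG3, "TKIP"), (BOGUS, None)]

def model(state, msg):
    """Reference supplicant: states 0 idle, 1 Msg1 seen, 2 keys installed.
    Returns (new_state, observable reply); None means the frame must be ignored."""
    kind, cipher = msg
    if kind == MSG1:                      # a fresh Msg1 always (re)starts the handshake
        return 1, "msg2"
    if kind == MSG3 and state == 1 and cipher == NEGOTIATED:
        return 2, "msg4+install"          # install keys only for the agreed cipher
    return state, None

# Shortest valid message sequence that drives the model into each state.
PREFIX = {0: [], 1: [(MSG1, NEGOTIATED)], 2: [(MSG1, NEGOTIATED), (MSG3, NEGOTIATED)]}

def generate_tests():
    """One test per (state, stimulus): reach the state, then inject the stimulus."""
    return [PREFIX[s] + [m] for s in sorted(PREFIX) for m in STIMULI]

def expected_replies(trace):
    """Replies the reference model gives for every message of a trace."""
    state, replies = 0, []
    for m in trace:
        state, reply = model(state, m); replies.append(reply)
    return replies

class Supplicant:
    """Constructed implementation under test (an assumption, not real firmware); with
    check_cipher=False it accepts a Msg3 carrying any cipher, a downgrade flaw."""
    def __init__(self, check_cipher=True):
        self.state, self.check_cipher = 0, check_cipher
    def receive(self, msg):
        kind, cipher = msg
        if kind == MSG1:
            self.state = 1
            return "msg2"
        if kind == MSG3 and self.state == 1 and (cipher == NEGOTIATED or not self.check_cipher):
            self.state = 2
            return "msg4+install"
        return None

def run_tests(factory):
    """Black-box execution: only the replies are compared, never internal state."""
    failures = []
    for trace in generate_tests():
        sut = factory()                   # fresh instance, so tests are independent
        observed = [sut.receive(m) for m in trace]
        if observed != expected_replies(trace):
            failures.append(trace)
    return failures
```

With the cipher check disabled, the only failing trace is the one that reaches the Msg1-seen state and then injects a TKIP Msg3; as in the paper, deciding whether such a deviation is a real weakness remains a manual step.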

Published In

ASIA CCS '17: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security
April 2017
952 pages
ISBN:9781450349444
DOI:10.1145/3052973

Publisher: Association for Computing Machinery, New York, NY, United States

Author Tags

  1. 802.11
  2. fuzzing
  3. handshake
  4. testing
  5. wi-fi

Acceptance Rates

ASIA CCS '17 paper acceptance rate: 67 of 359 submissions, 19%
Overall acceptance rate: 418 of 2,322 submissions, 18%

Article Metrics

  • Downloads (last 12 months): 24
  • Downloads (last 6 weeks): 1
Reflects downloads up to 20 Feb 2025.

Cited By

  • (2023) Countering Relay and Spoofing Attacks in the Connection Establishment Phase of Wi-Fi Systems. Proceedings of the 16th ACM Conference on Security and Privacy in Wireless and Mobile Networks, pp. 275-285. DOI: 10.1145/3558482.3590185. Online: 29 May 2023.
  • (2022) On the Robustness of Wi-Fi Deauthentication Countermeasures. Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks, pp. 245-256. DOI: 10.1145/3507657.3528548. Online: 16 May 2022.
  • (2022) Greyhound: Directed Greybox Wi-Fi Fuzzing. IEEE Transactions on Dependable and Secure Computing 19(2), pp. 817-834. DOI: 10.1109/TDSC.2020.3014624. Online: 1 Mar 2022.
  • (2022) Systematically Analyzing Vulnerabilities in the Connection Establishment Phase of Wi-Fi Systems. 2022 IEEE Conference on Communications and Network Security (CNS), pp. 64-72. DOI: 10.1109/CNS56114.2022.9947252. Online: 3 Oct 2022.
  • (2022) Multi-Channel Man-in-the-Middle attacks against protected Wi-Fi networks. Expert Systems with Applications: An International Journal 210(C). DOI: 10.1016/j.eswa.2022.118401. Online: 30 Dec 2022.
  • (2022) Wireless LAN (WLAN). Guide to Internet Cryptography, pp. 99-119. DOI: 10.1007/978-3-031-19439-9_6. Online: 26 Nov 2022.
  • (2021) New Iterated RC4 Key Correlations and their Application to Plaintext Recovery on WPA-TKIP. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E104.A(1), pp. 190-202. DOI: 10.1587/transfun.2020CIP0006. Online: 1 Jan 2021.
  • (2021) A framework to test and fuzz wi-fi devices. Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks, pp. 368-370. DOI: 10.1145/3448300.3468261. Online: 28 Jun 2021.
  • (2021) Wireless Encryption and WPA2 Weaknesses. 2021 IEEE 11th Annual Computing and Communication Workshop and Conference (CCWC), pp. 1007-1015. DOI: 10.1109/CCWC51732.2021.9376023. Online: 27 Jan 2021.
  • (2019) Practical Side-Channel Attacks against WPA-TKIP. Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security, pp. 415-426. DOI: 10.1145/3321705.3329832. Online: 2 Jul 2019.
