Authentication in 802.11 LANs using a covert side channel

Authors:
Telvis E. Calhoun, Jr.;Reed Newman;Raheem Beyah
Affiliations:
Department of Computer Science, Georgia State University, Atlanta, GA;Department of Computer Science, Georgia State University, Atlanta, GA;Department of Computer Science, Georgia State University, Atlanta, GA
Venue:
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Year:
2009

Citing 11
Cited 1

Password authentication with insecure communication

Communications of the ACM
A note on the confinement problem

Communications of the ACM
A rate-adaptive MAC protocol for multi-Hop wireless networks

Proceedings of the 7th annual international conference on Mobile computing and networking
Robust correlation of encrypted attack traffic through stepping stones by manipulation of interpacket delays

Proceedings of the 10th ACM conference on Computer and communications security
IEEE 802.11 rate adaptation: a practical approach

MSWiM '04 Proceedings of the 7th ACM international symposium on Modeling, analysis and simulation of wireless and mobile systems
Web tap: detecting covert web traffic

Proceedings of the 11th ACM conference on Computer and communications security
Profiling internet backbone traffic: behavior models and applications

Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Improved Port Knocking with Strong Authentication

ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
WLAN steganography: a first practical review

MM&Sec '06 Proceedings of the 8th workshop on Multimedia and security
Tamper-Evident Digital Signature Protecting Certification Authorities Against Malware

DASC '06 Proceedings of the 2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing
Covert channels in privacy-preserving identification systems

Proceedings of the 14th ACM conference on Computer and communications security

An 802.11 MAC layer covert channel

Wireless Communications & Mobile Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present a covert side channel technique that uses the 802.11 MAC rate switching protocol as cover for covert authentication messages. Covert authentication prevents an attacker from knowing when a user is authenticating and protects user credentials from malicious software attacks. Similar to port knocking, a remote client sends authentication messages to an access point in order to access a protected service. The technique uses a one-time password algorithm to protect against replay attacks. We investigate how the covert side channel affects node throughput in mobile and non-mobile scenarios. We also investigate the covertness of the covert side channel using standardized entropy. The results show that the performance impact is minimal and increases slightly as the authentication frequency increases. We further show that we can authenticate with 100% accuracy with minimal impact on rate switching entropy.