Weaknesses in the temporal key hash of WPA

Authors:
Vebjørn Moen;Håvard Raddum;Kjell J. Hole
Affiliations:
University of Bergen, Bergen, Norway;University of Bergen, Bergen, Norway;University of Bergen, Bergen, Norway
Venue:
ACM SIGMOBILE Mobile Computing and Communications Review
Year:
2004

Citing 1
Cited 7

Intercepting mobile communications: the insecurity of 802.11

Proceedings of the 7th annual international conference on Mobile computing and networking

Securing Wi-Fi Networks

Computer
A modular correctness proof of IEEE 802.11i and TLS

Proceedings of the 12th ACM conference on Computer and communications security
Static and dynamic 4-way handshake solutions to avoid denial of service attack in Wi-Fi protected access and IEEE 802.11i

EURASIP Journal on Wireless Communications and Networking
Discovery and exploitation of new biases in RC4

SAC'10 Proceedings of the 17th international conference on Selected areas in cryptography
Statistical attack on RC4 distinguishing WPA

EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Practical verification of WPA-TKIP vulnerabilities

Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
A Probability Problem Arising from the Security of the Temporal Key Hash of WPA

Wireless Personal Communications: An International Journal

Quantified Score

Hi-index	0.00

Visualization

Abstract

This article describes some weaknesses in the key scheduling in Wi-Fi Protected Access (WPA) put forward to secure the IEEE standard 802.11-1999. Given a few RC4 packet keys in WPA it is possible to find the Temporal Key (TK) and the Message Integrity Check (MIC) key. This is not a practical attack on WPA, but it shows that parts of WPA are weak on their own. Using this attack it is possible to do a TK recovery attack on WPA with complexity O(2105) compared to a brute force attack with complexity O (2128).