Doc.: IEEE 802.11-03/0563-00-000i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 1 An Empirical Analysis of the 4- way Hand-shake 1 Nick.

Slides:



Advertisements
Similar presentations
Doc.: IEEE /1186r0 Submission October 2004 Aboba and HarkinsSlide 1 PEKM (Post-EAP Key Management Protocol) Bernard Aboba, Microsoft Dan Harkins,
Advertisements

Doc.: IEEE /553r0 Submission September 2001 Tim Moore, Bernard Aboba/Microsoft Authenticated Fast Handoff IEEE Tgi Tim Moore Bernard Aboba.
IEEE i: A Retrospective Bernard Aboba Microsoft March 2004.
IEEE P802 Handoff ECSG Submission July 2003 Bernard Aboba, Microsoft Detection of Network Attachment (DNA) and Handoff ECSG Bernard Aboba Microsoft July.
Advantage Century Telecommunication Corp. AIL: Actively Intelligent Link-Layer Handoff Guo-Yuan Mikko Wang
Doc.: IEEE /0018r0 Submission January 2010 Alexander Tolpin, Intel CorporationSlide 1 4 –Way Handshake Synchronization Issue Date:
Fast roaming in WPA T. Wolniewicz PIONIER. Events causing access-point switching Moving wireless client Metwork card switching in search of better conditions.
Doc.: IEEE /0041r1 Submission NameAffiliationsAddressPhone Robert Sun; Yunbo Li; Edward Au; Phillip Barber Huawei Technologies Co., Ltd.
CSMA/CA in IEEE Physical carrier sense, and Virtual carrier sense using Network Allocation Vector (NAV) NAV is updated based on overheard RTS/CTS/DATA/ACK.
Doc.: IEEE /533r0 Submission July 2003 Clint Chaplin, Symbol TechnologiesSlide 1 Proposal for Fast Roam Fast Handoff Study Group Clint Chaplin,
Doc.: IEEE /533r3 Submission July 2003 Clint Chaplin, Symbol TechnologiesSlide 1 Proposal for Fast Roam Fast Handoff Study Group Clint Chaplin,
Wireless Design for Voice Last Update Copyright 2011 Kenneth M. Chipps Ph.D.
DIMACS Nov 3 - 4, 2004 WIRELESS SECURITY AND ROAMING OVERVIEW DIMACS November 3-4, 2004 Workshop: Mobile and Wireless Security Workshop: Mobile and Wireless.
Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
Fast Wireless Handoff in Networks Sangho Shin Andrea G. Forte Anshuman S. Rawat Henning Schulzrinne.
Handoff Delay for b Wireless LANs Masters Project defense Anshul Jain Committee: Dr. Henning Schulzrinne, Columbia University Dr. Zongming Fei, University.
Doc.: IEEE /0748r0 Submission July 2004 Spilman, Azimuth Systems Test Methodology for Measuring BSS Transition Time Jeremy Spilman Azimuth Systems.
Doc.: IEEE /0476r3 Submission May 2004 Jesse Walker and Emily Qi, Intel CorporationSlide 1 Pre-Keying Jesse Walker and Emily Qi Intel Corporation.
Doc.: IEEE /540 Submission July 2003 Arunesh Mishra, Min-ho Shin, William Arbaugh, Insun Lee, Kyunghun Jang. Fast handoffs using Fixed Channel.
WEP Protocol Weaknesses and Vulnerabilities
Doc.: IEEE /1572r0 Submission December 2004 Harkins and AbobaSlide 1 PEKM (Post-EAP Key Management Protocol) Dan Harkins, Trapeze Networks
Doc.: IEEE /0374r0 Submission March 2010 Dan Harkins, Aruba NetworksSlide 1 Clarifying the Behavior of PMK Caching Date: Authors:
Doc.: IEEE /495r1 Submission July 2001 Jon Edney, NokiaSlide 1 Ad-Hoc Group Requirements Report Group met twice - total 5 hours Group size ranged.
An Empirical Analysis of the IEEE MAC Layer Handoff Process Arunesh Mishra Minho Shin William Arbaugh University of Maryland,College Park,MD.
Doc.: IEEE /551r0 Submission September 2002 Moore, Roshan, Cam-WingetSlide 1 TGi Frame Exchanges Tim Moore Microsoft Pejman Roshan Nancy Cam-Winget.
Doc.: IEEE /084r0-I Submission January 2003 Mishra, Shin, Arbaugh, Lee, Jang Proactive Key Distribution to support fast and secure roaming Arunesh.
Doc.: IEEE /0707r0 Submission July 2003 N. Cam-Winget, et alSlide 1 Establishing PTK liveness during re-association Nancy Cam-Winget, Cisco Systems.
Doc.: IEEE /0061r1 SubmissionJae Seung Lee, ETRISlide 1 Probe Response frame transmission interval Date:
Doc.: IEEE /0547r1 Submission May 2012 Dapeng Liu, China MobileSlide 1 Extend 802.1X for higher layer configuration in FILS Date:
Doc.: IEEE r Submission November 2004 Bob Beach, Symbol TechnologiesSlide 1 Fast Roaming Using Multiple Concurrent Associations Bob.
Distributed WPA Cracking CSCI Distributed Systems Spring 2011 University of Colorado Rodney Beede Ryan Kroiss Arpit Sud
Doc.: IEEE /0435r1 Submission March 2011 Marc Emmelmann, Fraunhofer FOKUSSlide 1 Definitions and Terminology from Date: Authors:
Submission doc.: IEEE /1034r4 September 2012 Jeongki Kim, LG ElectronicsSlide 1 Enhanced scanning procedure for FILS Date: Authors:
Doc.: IEEE /008r0 Submission January 2003 N. Cam-Winget, D. Smith, K. AmannSlide 1 Proposed new AKM for Fast Roaming Nancy Cam-Winget, Cisco Systems.
Wireless security Wi–Fi (802.11) Security
Doc.: IEEE /657r0 Submission August 2003 N. Cam-WingetSlide 1 TGi Draft 5.0 Comments Nancy Cam-Winget, Cisco Systems Inc.
Doc.: IEEE /0485r0 Submission May 2004 Jesse Walker and Emily Qi, Intel CorporationSlide 1 Management Protection Jesse Walker and Emily Qi Intel.
Doc.: IEEE /1181r0 Submission October 2004 He et alSlide 1 Proposal for Fast Inter-BBS Transitions Xiaoning He Paragon Wireless, Inc. Sunnyvale,
Doc.: IEEE /0757r0 Submission July 2005 C Trecker, Azimuth SystemsSlide 1 Test Methodology for measuring Fast BSS Transition Performance Notice:
Doc.: IEEE /403r0 Submission July 2001 Albert Young, 3Com, et alSlide 1 Supplementary Functional Requirements for Tgi ESS Networks Submitted to.
Doc.: IEEE /084r1 Submission January 2003 Mishra, Shin, Arbaugh, Lee, Jang Proactive Key Distribution to support fast and secure roaming Arunesh.
1 An Empirical Analysis of the IEEE MAC Layer Handoff Process Arunesh Mishra Minho Shin William Arbaugh University of Maryland College Park,MD,USA.
Robust Security Network (RSN) Service of IEEE
Fast MAC Layer Handoff in Networks
M. Kassab, A. Belghith, J. Bonnin, S. Sassi
The Network Beacon Announcement scanning method
FILS presentation on High Level Security Requirements
Use of EAPOL-Key messages during pre-auth
Broadcast of Neighbor Info
PEKM (Post-EAP Key Management Protocol)
OCT based 6 GHz AP Operation Discussion
BSSID Info Field Comment resolution
Jesse Walker and Emily Qi Intel Corporation
Month Year doc.: IEEE yy/xxxxr0
Fast Roaming Compromise Proposal
RRM and Roaming Support
Performance Analysis of authentication and authorization
Roaming timings and PMK lifetime
Fast Roaming Compromise Proposal
Fast Roaming Compromise Proposal
The Need for Fast Roaming
Roaming timings and PMK lifetime
April 2009 doc.: IEEE /xxxxr0 July 2010
Tim Moore Microsoft Pejman Roshan Nancy Cam-Winget Cisco Systems, Inc
doc.: IEEE /1072r0 Dan Harkins Trapeze Networks
doc.: IEEE /1072r0 Dan Harkins Trapeze Networks
Fast Roaming Observations
Use of EAPOL-Key messages
Roaming timings and PMK lifetime
Month Year doc.: IEEE yy/xxxxr0
Presentation transcript:

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 1 An Empirical Analysis of the 4- way Hand-shake 1 Nick Petroni, Jr. William A. Arbaugh WAA Associates, LLC. 1. This work funded under a contract with the U.S. Defense Information Systems Agency (DISA)

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 2 Experiment Equipment Tested equipment –Access Points from 3 vendors –Client cards from 4 vendors –4 software clients (1 card-specific) STA –1.8GHz Pentium 4m Laptop –256 MB RAM –Windows XP Professional Service Pack 1 Measurement host –Identical hardware to client host –WildPackets AiroPeek NX 2.0

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 3 Test Procedure 1.Power up first AP on channel 1 in RF free environment. 2.STA associates to first AP 3.Power up second AP on channel 6 4.Power down first AP to force reassociation with second AP 5.Timing host listens on channel 6.

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 4 Layout STA Measurement Host AP1 AP2 10 feet 5 feet 7 feet 3 feet

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 5 Interoperability Matrix ClientCardAPResult Client1Cards 1,3ALLTimed Client1Cards 2,4AP 1Proprietary behavior observed Client1Cards 2,4AP 2-3Timed Client2Cards 1-3ALLClient is card specific Client2Card4AP1Proprietary behavior observed Client2Card4AP2Client2/AP2 do not interoperate Client2Card4AP3Timed Client3Cards 1,3ALLTimed Client3Card2ALLClient3/Card2 do not interoperate Client3Card4AP 1Proprietary behavior observed Client3Card4AP 2-3Timed Client4Cards 1,3ALLTimed Client4Cards 2,4AP 1Proprietary behavior observed Client4Cards 2,4AP 2-3Timed

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 6 Problems Encountered Client Problems –Multiple clients sent EAPOL Start in response to first EAPOL Key Packet –One client occasionally sent EAPOL Key response (second message) to the previous AP, even after receiving first key message from new AP

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 7 Problems Encountered Card Problems –Multiple cards did full Association instead of Reassociation

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 8 Problems Encountered Interoperability Problems –One client could not successfully authenticate with one AP regardless of card used. –One client/card combination failed to interoperate –One combination of client/card/AP consistently resulted in 1.Reassociation 2.4-way handshake 3.Deauthentication 4.Full Association 5.4-way handshake –Two cards used (seemingly) proprietary means with the same AP, failing to ever do a 4-way HS

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 9 Results- Client Comparison

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 10 Results- Client1

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 11 Results- Client1

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 12 Results- Client2

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 13 Results- Client3

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 14 Results- Client3

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 15 Results- Client4

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 16 Results- Client4

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 17 Results- Effect of AP

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 18 Results- Effect of AP

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 19 Results- Effect of Card

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 20 Results- Effect of Card

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 21 Summary of Results Interoperability problems were MUCH larger than expected. An optimized client on a Pentium 4 (we didn’t have a client for a PDA to test) has a ~20ms latency for the 4-way.

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 22 Conclusions A 4-way latency of ~20ms in the best case (no RF contention, fast processor, no RADIUS delay as in PMK caching) creates a total layer 2 latency that will likely exceed 50ms when combined with the probe phase latency. We’ve already dropped 2.5 VoIP packets and we haven’t added in the layer 3 latency yet.

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 23 Recommendations WECA should consider a “bake off” to quickly identify interoperability problems. TGi should consider splitting the PAR into two working groups. The first would complete the current draft components, and the second would define a fast hand-off specification that utilizes the current key hierarchy.

doc.: IEEE / i Submission July 2003 Petroni,Arbaugh WAA Associates, LLC.Slide 24 Thanks Vendors for providing TKIP equipment. Tim Moore and Nancy Cam-Winget for answering questions. Wildpackets for providing Airopeek NX v2 for testing. DISA for funding the work.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.