doc.: IEEE /0123r0 Submission January 2009 Dan Harkins, Aruba NetworksSlide 1 Secure Authentication Using Only A Password Date: Authors:

doc.: IEEE /0123r0 Submission January 2009 Dan Harkins, Aruba NetworksSlide 2 Abstract Authentication using a password or pre-shared key has not been done properly in As a result there is no way to use these credentials to secure a WLAN and the standard continues to get bad press.

doc.: IEEE /0123r0 Submission January 2009 Dan Harkins, Aruba NetworksSlide 3 Password Authentication Passwords are the pre-eminent credential used for network access today. –The concept is simple to grasp for unsophisticated users. They are easy to configure and easy to manage They therefore tend to be: –Something easy to remember –Something that can be entered repeatedly with a low probability of error. Passwords are used today and will continue to be used tomorrow.

doc.: IEEE /0123r0 Submission January 2009 Dan Harkins, Aruba NetworksSlide 4 Problems with Passwords in Shared key authentication –Used a statically configured key in an authentication protocol. –Uses authentication frames, if you can’t get authenticated you can’t associate. –Fundamentally flawed. Broken in a matter of seconds. (WPA) PSK authentication –Hashes a password with the SSID to create a key to use in a cryptographic handshake for authentication. –Uses data frames, first you do open authentication, then association, and then you exchange data frames. –Susceptible to passive, guessing attack. Broken in a matter of minutes to a matter of hours depending on how “strong” the password is

doc.: IEEE /0123r0 Submission January 2009 Dan Harkins, Aruba NetworksSlide 5 Problems with Passwords in These issues cause continued bad press for A simple search turns up: –“Unsafe at any key length” –“Wireless security’s broken skeleton in the closet” –“Networks suffer from wireless insecurity” –“Wireless connectivity can breed wireless insecurity” The ease of use of passwords means they will continue to be used. There is no way to securely use them in the standard today!

doc.: IEEE /0123r0 Submission January 2009 Dan Harkins, Aruba NetworksSlide 6 Secure Password-based Authentication TGs has a peer-to-peer protocol for using a password to authenticate mesh points. –While designed for mesh, it is suitable for STA to AP communication, IBSS, and any other peer-to-peer application. –Uses authentication frames in a cryptographically secure protocol. Can be used to protect subsequent authentication! –Provides security against passive attack, active attack, and dictionary attack. –Resistance to attack obviates password management rules that make passwords harder to use– passwords can be “weaker” and can be shared and still not be susceptible to attack. It fits nicely into the state machine– authentication using authentication frames!

doc.: IEEE /0123r0 Submission January 2009 Dan Harkins, Aruba NetworksSlide 7 Secure Password-based Authentication Each side exchanges two messages, a commitment (to a guess of the password), and a confirmation (of knowledge of the password). Uses a “zero knowledge proof” –The only information leaked by the exchange is whether you know the password or not. –Unlike (WPA)PSK an attacker cannot learn anything about the password by passively watching the exchange –An attacker gets one guess and one guess only per active attack. Countermeasures deal with repeated active attacks. I have a proposal to add this to the base document but it needs vetting.

doc.: IEEE /0123r0 Submission January 2009 Dan Harkins, Aruba NetworksSlide 8 Straw Poll “A secure password-based authentication protocol should become part of the base standard” Yes: No: Don’t know:

doc.: IEEE /0123r0 Submission January 2009 Dan Harkins, Aruba NetworksSlide 9 References Simultaneous Authentication of Equals: A Secure, Password-Based Key Exchange for Mesh Networks, D. Harkins, sensorcomm, pp , Proceedings of the 2008 Second International Conference on Sensor Technologies and Applications, 2008