• The KIPS Transactions:PartC
• /
• v.16C no.3
• /
• pp.317-324
• /
• 2009

In this paper, a 4-way Handshake protocol in the IEEE 802.11i is analyzed in terms of both security and reliability. It is shown that the 4-way Handshake protocol breaks down under some conditions due to a MIC (message integrity code) failure, and a solution to fix it is proposed. It is also proposed that a new 2-way Handshake protocol which is more secure and efficient than the 4-way Handshake protocol.

• Journal of Korea Multimedia Society
• /
• v.12 no.9
• /
• pp.1323-1332
• /
• 2009

In this paper, we analyze security weakness of 4-Way Handshake in IEEE 802.11i and propose fast and secure 2-Way Handshake mechanism. Compute PTK(Pairwise Transient Key) using sequence number instead of random numbers in order to protect Replay attack and DoS attack. Also, proposed 2-Way Handshake mechanism can mutual authenticate between mobile station and access point and derive PTK using modified Re-association Request and Re-association Response frames. And, compare with others which are fast and secure Handoff mechanisms.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.12
• /
• pp.984-986
• /
• 2013

DCF(Distributed Coordination Function) defined in IEEE 802.11 provides two different modes, namely, a 2-way handshake and a 4-way handshake according to the transmission procedure. If secondary transmission would not cause a collision with primary transmission, there is no need to postpone transmission unnecessarily. We study a feasible condition which can transmit data concurrently and propose a concurrent transmission scheme.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.42 no.3
• /
• pp.595-603
• /
• 2017

We propose a scheme to reduce the time for the SSL/TLS handshake by embedding it into the TCP 3-way handshake. The scheme can be selectively applied on the standard TCP for making the SSL/TCP handshake happen within the TCP handshake, rather than performing the TCP handshake and SSL/TLS handshake in sequence. We implemented a prototype of the scheme and did some experiments on its performance. Experimental results showed that, compared to the sequential handshakes of the TCP and the SSL/TLS, the time reduction achieved by the scheme varied in the range of 3.2% and 14%(when the elapsed time by the ping program from the client to the server was 11.6ms). The longer the time measured by the ping program, which would grow as the propagation and queuing delays do, the larger the reduction rate. It accords with the supposition that the reduced time due to the scheme will increase in proportion to the amount of the elapsed time measured by the ping program.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.1
• /
• pp.81-92
• /
• 2009

Recently, there is a drastic increase in users interested in real-time multimedia services in the WLAN environment, as the demand of IEEE 802.11 WLAN-based services increases. However, the handoff delay based on 802.11i security policy is not acceptable for the seamless real-time multimedia services provided to MS frequently moving in the WLAN environment, and there is a possibility of DoS attacks against session key derivation process and handoff mechanism. In this paper, a secure and efficient handoff mechanism in the centralized WLAN environment is introduced to solve the security problems. The 4-way Handshake for both mutual authentication and session key derivation is replaced by the 2-way Reassociation process.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.417-429
• /
• 2019

WPA2-PSK uses a 4-way handshake protocol based on a shared secret to establish a secure session between a client and an AP. It has various security problems such as eavesdropping attacks and the secure session establishment process is inefficient because it requires multiple interactions between client and AP. The WPA3 standard has recently been proposed to solve the security problem of WPA2, but it is a small improvement using the same 4-way handshake methodology. OAuth 2.0 token authentication is widely used on the web, which can be used to keep an authenticated state of a client for a long time by using tokens issued to an authenticated client. In this paper, we apply the dual-token based randomized token authentication technology to the Wi-Fi security protocol to achieve an efficient Wi-Fi security protocol by dividing initial authentication and secure session establishment. Once a client is authenticated and equipped with dual tokens issued by AP, it can establish secure session using them quickly with one message exchange over a non-secure channel.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.2 no.2
• /
• pp.117-130
• /
• 1999

In this paper, the performance of data communication function of military radio equipment P-999K is analyzed based on the standard CSMA/CA protocol which is DFWMAC standard protocol done by IEEE802.11 work group. Basic three standard protocols, i.e. Basic CSMA/CA, Stop & Wait ARQ and 4-Way Handshake CSMA/CA protocols are analyzed and compared with each other under the hidden terminal environment. The computer simulation is also done by using SIMSCRIPT II.5 which is popular software tool for an independent processing. The results show that p-persistent(with p=0.3) CSMA scheme is superior to non-persistent CSMA scheme with non-hidden terminal condition, but the performances of both schemes are almost same with hidden terminal situation. And the results of computer simulations are also showed that Basic CSMA/CA protocol is superior to the other protocols when the ratio of hidden terminals is below 10 % of total user population, however, with the above 20% hidden terminals environment and the higher offered traffic conditions the 4-Way Handshake CSMA/CA protocol shows the most superior performance.

• Journal of Internet Computing and Services
• /
• v.12 no.2
• /
• pp.75-83
• /
• 2011

Wireless services and devices that use frequency increase more and more because of advancement of the industry. Therefore, the available spectrum band becomes increasingly insufficient. Cognitive Radio, which adaptively utilizes the vacant licensed spectrum band, is considered as an effective way to utilize the spectrum resource shortage. CR user should move from current allocated channel to vacant channel to avoid the interference to the primary user when the primary user appears in the current channel. In this case, CR system undergoes the break off time until handshake is completed. So, in order to guarantee the Quality of Service(QoS) of CR system, fast handshake method is required. In this paper, we propose the embedded control signal transmission technique to reduce the break off time. This method can transmit the control signals in data transmission period as well as the broadcasting period. Proposed method can improve the data throughput and decrease the break off time. Computer based simulation proves that our proposed scheme outperforms conventional one.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.11
• /
• pp.2031-2038
• /
• 2008

A small-area and high-speed authentication/security processor (WUSB_Sec) IP is designed, which performs the 4-way handshake protocol for authentication between host and device, and data encryption/decryption of wireless USB system. The PRF-256 and PRF-64 are implemented by CCM (Counter mode with CBC-MAC) operation, and the CCM is designed with two AES (Advanced Encryption Standard) encryption coles working concurrently for parallel processing of CBC mode and CTR mode operations. The AES core that is an essential block of the WUSB_Sec processor is designed by applying composite field arithmetic on AF$(((2^2)^2)^2)$. Also, S-Box sharing between SubByte block and key scheduler block reduces the gate count by 10%. The designed WUSB_Sec processor has 25,000 gates and the estimated throughput rate is about 480Mbps at 120MHz clock frequency.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.46 no.1
• /
• pp.112-120
• /
• 2009

This paper proposes a session key distribution scheme on non-interactive key distribution algorithm of Identity-based cryptography in V2I of VANET. In the current VANET, IEEE 802.11i is used to provide secure data communication between the vehicle and infrastructure. However, since the 4-way handshake procedure reply when the vehicle handover to another RSU/AP, IEEE 802.11i increases the communication overhead and latency. The proposed scheme using non-interactive key distribution algorithm of Identity-based cryptography provided session key generation and exchange without message exchange and reduced communication overhead and latency than the IEEE 802.11i.