Simultaneous Authentication of Equals

Last updated

In cryptography, Simultaneous Authentication of Equals (SAE) is a password-based authentication and password-authenticated key agreement method. [1]

Contents

Authentication

SAE is a variant of the Dragonfly Key Exchange defined in RFC   7664, [2] based on Diffie–Hellman key exchange using finite cyclic groups which can be a primary cyclic group or an elliptic curve. [1] The problem of using Diffie–Hellman key exchange is that it does not have an authentication mechanism. So the resulting key is influenced by a pre-shared key and the MAC addresses of both peers to solve the authentication problem.

Use

IEEE 802.11s

SAE was originally implemented for use between peers in IEEE 802.11s. [1] When peers discover each other (and security is enabled) they take part in an SAE exchange. If SAE completes successfully, each peer knows the other party possesses the mesh password and, as a by-product of the SAE exchange, the two peers establish a cryptographically strong key. This key is used with the "Authenticated Mesh Peering Exchange" (AMPE) to establish a secure peering and derive a session key to protect mesh traffic, including routing traffic.

WPA3

In January 2018, the Wi-Fi Alliance announced WPA3 as a replacement to WPA2. [3] [4] The new standard uses 128-bit encryption in WPA3-Personal mode (192-bit in WPA3-Enterprise) [5] and forward secrecy. [6] The WPA3 standard also replaces the pre-shared key (PSK) exchange with Simultaneous Authentication of Equals as defined in IEEE 802.11-2016 resulting in a more secure initial key exchange in personal mode. [7] [8] The Wi-Fi Alliance also claims that WPA3 will mitigate security issues posed by weak passwords and simplify the process of setting up devices with no display interface. [9]

Security

In 2019 Eyal Ronen and Mathy Vanhoef (co-author of the KRACK attack) released an analysis of WPA3's Dragonfly handshake and found that "an attacker within range of a victim can still recover the password" and the bugs found "allow an adversary to impersonate any user, and thereby access the Wi-Fi network, without knowing the user's password." [10] [11]

See also

Related Research Articles

<span class="mw-page-title-main">IEEE 802.11</span> Wireless network standard

IEEE 802.11 is part of the IEEE 802 set of local area network (LAN) technical standards, and specifies the set of medium access control (MAC) and physical layer (PHY) protocols for implementing wireless local area network (WLAN) computer communication. The standard and amendments provide the basis for wireless network products using the Wi-Fi brand and are the world's most widely used wireless computer networking standards. IEEE 802.11 is used in most home and office networks to allow laptops, printers, smartphones, and other devices to communicate with each other and access the Internet without connecting wires. IEEE 802.11 is also a basis for vehicle-based communication networks with IEEE 802.11p.

<span class="mw-page-title-main">Wi-Fi</span> Wireless local area network

Wi-Fi is a family of wireless network protocols based on the IEEE 802.11 family of standards, which are commonly used for local area networking of devices and Internet access, allowing nearby digital devices to exchange data by radio waves. These are the most widely used computer networks, used globally in home and small office networks to link devices and to provide Internet access with wireless routers and wireless access points in public places such as coffee shops, hotels, libraries, and airports.

<span class="mw-page-title-main">Wireless access point</span> Device that allows wireless devices to connect to a wired network

In computer networking, a wireless access point (WAP) is a networking hardware device that allows other Wi-Fi devices to connect to a wired network or wireless network. As a standalone device, the AP may have a wired or wireless connection to a switch or router, but in a wireless router it can also be an integral component of the networking device itself. A WAP and AP is differentiated from a hotspot, which can be a physical location or digital location where Wi-Fi or WAP access is available.

Wired Equivalent Privacy (WEP) is an obsolete, severely flawed security algorithm for 802.11 wireless networks. Introduced as part of the original IEEE 802.11 standard ratified in 1997, its intention was to provide data confidentiality comparable to that of a traditional wired network. WEP, recognizable by its key of 10 or 26 hexadecimal digits, was at one time widely used, and was often the first security choice presented to users by router configuration tools.

Wi-Fi Protected Access (WPA), Wi-Fi Protected Access 2 (WPA2), and Wi-Fi Protected Access 3 (WPA3) are the three security certification programs developed after 2000 by the Wi-Fi Alliance to secure wireless computer networks. The Alliance defined these in response to serious weaknesses researchers had found in the previous system, Wired Equivalent Privacy (WEP).

An authentication protocol is a type of computer communications protocol or cryptographic protocol specifically designed for transfer of authentication data between two entities. It allows the receiving entity to authenticate the connecting entity as well as authenticate itself to the connecting entity by declaring the type of information needed for authentication as well as syntax. It is the most important layer of protection needed for secure communication within computer networks.

IEEE 802.11i-2004, or 802.11i for short, is an amendment to the original IEEE 802.11, implemented as Wi-Fi Protected Access II (WPA2). The draft standard was ratified on 24 June 2004. This standard specifies security mechanisms for wireless networks, replacing the short Authentication and privacy clause of the original standard with a detailed Security clause. In the process, the amendment deprecated broken Wired Equivalent Privacy (WEP), while it was later incorporated into the published IEEE 802.11-2007 standard.

<span class="mw-page-title-main">Wi-Fi Alliance</span> Non-profit organization that owns the Wi-Fi trademark

The Wi-Fi Alliance is a non-profit organization that owns the Wi-Fi trademark. Manufacturers may use the trademark to brand products certified for Wi-Fi interoperability. It is based in Austin, Texas.

Temporal Key Integrity Protocol is a security protocol used in the IEEE 802.11 wireless networking standard. TKIP was designed by the IEEE 802.11i task group and the Wi-Fi Alliance as an interim solution to replace WEP without requiring the replacement of legacy hardware. This was necessary because the breaking of WEP had left Wi-Fi networks without viable link-layer security, and a solution was required for already deployed hardware. However, TKIP itself is no longer considered secure, and was deprecated in the 2012 revision of the 802.11 standard.

IEEE 802.11r-2008 or fast BSS transition (FT), is an amendment to the IEEE 802.11 standard to permit continuous connectivity aboard wireless devices in motion, with fast and secure client transitions from one Basic Service Set to another performed in a nearly seamless manner. It was published on July 15, 2008. IEEE 802.11r-2008 was rolled up into 802.11-2012. The terms handoff and roaming are often used, although 802.11 transition is not a true handoff/roaming process in the cellular sense, where the process is coordinated by the base station and is generally uninterrupted.

Extensible Authentication Protocol (EAP) is an authentication framework frequently used in network and internet connections. It is defined in RFC 3748, which made RFC 2284 obsolete, and is updated by RFC 5247. EAP is an authentication framework for providing the transport and usage of material and parameters generated by EAP methods. There are many methods defined by RFCs, and a number of vendor-specific methods and new proposals exist. EAP is not a wire protocol; instead it only defines the information from the interface and the formats. Each protocol that uses EAP defines a way to encapsulate by the user EAP messages within that protocol's messages.

In cryptography, a password-authenticated key agreement (PAK) method is an interactive method for two or more parties to establish cryptographic keys based on one or more party's knowledge of a password.

MS-CHAP is the Microsoft version of the Challenge-Handshake Authentication Protocol, (CHAP).

<span class="mw-page-title-main">Wireless security</span> Aspect of wireless networks

Wireless security is the prevention of unauthorized access or damage to computers or data using wireless networks, which include Wi-Fi networks. The term may also refer to the protection of the wireless network itself from adversaries seeking to damage the confidentiality, integrity, or availability of the network. The most common type is Wi-Fi security, which includes Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA). WEP is an old IEEE 802.11 standard from 1997. It is a notoriously weak security standard: the password it uses can often be cracked in a few minutes with a basic laptop computer and widely available software tools. WEP was superseded in 2003 by WPA, a quick alternative at the time to improve security over WEP. The current standard is WPA2; some hardware cannot support WPA2 without firmware upgrade or replacement. WPA2 uses an encryption device that encrypts the network with a 256-bit key; the longer key length improves security over WEP. Enterprises often enforce security using a certificate-based system to authenticate the connecting device, following the standard 802.11X.

IEEE 802.11u-2011 is an amendment to the IEEE 802.11-2007 standard to add features that improve interworking with external networks.

wpa_supplicant Open-source implementation of IEEE 802.11i

wpa_supplicant is a free software implementation of an IEEE 802.11i supplicant for Linux, FreeBSD, NetBSD, QNX, AROS, Microsoft Windows, Solaris, OS/2 and Haiku. In addition to being a WPA3 and WPA2 supplicant, it also implements WPA and older wireless LAN security protocols.

<span class="mw-page-title-main">Aircrack-ng</span> Software suite

Aircrack-ng is a network software suite consisting of a detector, packet sniffer, WEP and WPA/WPA2-PSK cracker and analysis tool for 802.11 wireless LANs. It works with any wireless network interface controller whose driver supports raw monitoring mode and can sniff 802.11a, 802.11b and 802.11g traffic. Packages are released for Linux and Windows.

IEEE 802.11s is a wireless local area network (WLAN) standard and an IEEE 802.11 amendment for mesh networking, defining how wireless devices can interconnect to create a wireless LAN mesh network, which may be used for relatively fixed topologies and wireless ad hoc networks. The IEEE 802.11s task group drew upon volunteers from university and industry to provide specifications and possible design solutions for wireless mesh networking. As a standard, the document was iterated and revised many times prior to finalization.

<span class="mw-page-title-main">KRACK</span> Attack on the Wi-Fi Protected Access protocol

KRACK is a replay attack on the Wi-Fi Protected Access protocol that secures Wi-Fi connections. It was discovered in 2016 by the Belgian researchers Mathy Vanhoef and Frank Piessens of the University of Leuven. Vanhoef's research group published details of the attack in October 2017. By repeatedly resetting the nonce transmitted in the third step of the WPA2 handshake, an attacker can gradually match encrypted packets seen before and learn the full keychain used to encrypt the traffic.

Opportunistic Wireless Encryption (OWE) is a Wi-Fi standard which ensures that the communication between each pair of endpoints is protected from other endpoints. OWE was introduced by the Wi-Fi Alliance in 2018 as part of the Wi-Fi Certified Enhanced Open program.

References

  1. 1 2 3 Harkins, Dan (Aug 20, 2008). "Simultaneous Authentication of Equals: A Secure, Password-Based Key Exchange for Mesh Networks". 2008 Second International Conference on Sensor Technologies and Applications (Sensorcomm 2008). pp. 839–844. doi:10.1109/SENSORCOMM.2008.131. ISBN   978-0-7695-3330-8. S2CID   18401678 via IEEE Xplore.
  2. "Wi-Fi security gets a major update, but experts warn it's not big enough". www.cso.com.au.
  3. Dawn Kawamoto (8 January 2018). "Wi-Fi Alliance Launches WPA2 Enhancements and Debuts WPA3". DARKReading.
  4. "WPA3 protocol will make public Wi-Fi hotspots a lot more secure". TechSpot. 9 January 2018.
  5. "Wi-Fi Alliance® introduces Wi-Fi CERTIFIED WPA3™ security | Wi-Fi Alliance". www.wi-fi.org. Retrieved 2018-06-26.
  6. "The Next Generation of Wi-Fi Security Will Save You From Yourself". WIRED . Retrieved 2018-06-26.
  7. "Wi-Fi CERTIFIED WPA3™ Program" . Retrieved 2018-06-27.
  8. "Wi-Fi Gets More Secure: Everything You Need to Know About WPA3". IEEE Spectrum: Technology, Engineering, and Science News. Sep 6, 2018.
  9. "Wi-Fi Alliance® introduces security enhancements | Wi-Fi Alliance". www.wi-fi.org. Retrieved 2018-01-09.
  10. "Dragonblood: Analysing WPA3's Dragonfly Handshake". 2019-04-10.
  11. Vanhoef, Mathy; Ronen, Eyal (2019-04-10). "Dragonblood: Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd". IEEE Symposium on Security & Privacy. IEEE.

Further reading

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.