Extending Automated Protocol State Learning for the 802.11 4-Way Handshake
Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
Authors
Colleges, School and Institutes
Abstract
We show how state machine learning can be extended to handle time out behaviour and unreliable communication mediums. This enables us to carry out the first fully automated analysis of 802.11 4-Way Handshake implementations. We develop a tool that uses our learning method and apply this to 7 widely used Wi-Fi routers, finding 3 new security critical vulnerabilities: two distinct downgrade attacks and one router that can be made to leak some encrypted data to an attacker before authentication.
Details
| Original language | English |
|---|---|
| Title of host publication | Computer Security |
| Subtitle of host publication | 23rd European Symposium on Research in Computer Security, ESORICS 2018, Barcelona, Spain, September 3-7, 2018, Proceedings, Part I |
| Editors | Javier Lopez, Jianying Zhou, Miguel Soriano |
| Publication status | Published - 8 Aug 2018 |
| Event | 23rd European Symposium on Research in Computer Security, ESORICS 2018 - Barcelona, Spain Duration: 3 Sep 2018 → 7 Sep 2018 |
Publication series
| Name | Lecture Notes in Computer Science |
|---|---|
| Volume | 11098 |
| ISSN (Print) | 0302-9743 |
| ISSN (Electronic) | 1611-3349 |
Conference
| Conference | 23rd European Symposium on Research in Computer Security, ESORICS 2018 |
|---|---|
| Abbreviated title | ESORICS 2018 |
| Country | Spain |
| City | Barcelona |
| Period | 3/09/18 → 7/09/18 |