Towards formal analysis of wireless LAN security with MIS protocol

Ilsun You, Yoshiaki Hori, Kouichi Sakurai

Research output: Contribution to journalArticle

8 Citations (Scopus)

Abstract

In 2004, the MIS and MISAUTH protocols (shortly MISP) were proposed for secure and fast connection in Wireless LAN (WLAN). Since then, several studies were conducted to evaluate MISP. However, because of the lack of formal security analysis, the security measures provided by them cannot be trusted to be precise and reasonable. Motivated by this, we formally analyse MISP based on both BAN-logic and the Automated Validation of Internet Security Protocols and Applications (AVISPAS) tool. This analysis clearly shows that MISP suffers from weak Session Key (SK) while being vulnerable to Denial of Service (DoS) attack. We discuss these weaknesses and related attacks in detail, and also provide considerable comments for implementation of MISP.

Original languageEnglish
Pages (from-to)112-120
Number of pages9
JournalInternational Journal of Ad Hoc and Ubiquitous Computing
Volume7
Issue number2
DOIs
Publication statusPublished - Mar 1 2011

Fingerprint

Management information systems
Local area networks
Network protocols
Internet
Denial-of-service attack

All Science Journal Classification (ASJC) codes

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications

Cite this

Towards formal analysis of wireless LAN security with MIS protocol. / You, Ilsun; Hori, Yoshiaki; Sakurai, Kouichi.

In: International Journal of Ad Hoc and Ubiquitous Computing, Vol. 7, No. 2, 01.03.2011, p. 112-120.

Research output: Contribution to journalArticle

@article{776895daa8a94747bb6b8974785404a3,
title = "Towards formal analysis of wireless LAN security with MIS protocol",
abstract = "In 2004, the MIS and MISAUTH protocols (shortly MISP) were proposed for secure and fast connection in Wireless LAN (WLAN). Since then, several studies were conducted to evaluate MISP. However, because of the lack of formal security analysis, the security measures provided by them cannot be trusted to be precise and reasonable. Motivated by this, we formally analyse MISP based on both BAN-logic and the Automated Validation of Internet Security Protocols and Applications (AVISPAS) tool. This analysis clearly shows that MISP suffers from weak Session Key (SK) while being vulnerable to Denial of Service (DoS) attack. We discuss these weaknesses and related attacks in detail, and also provide considerable comments for implementation of MISP.",
author = "Ilsun You and Yoshiaki Hori and Kouichi Sakurai",
year = "2011",
month = "3",
day = "1",
doi = "10.1504/IJAHUC.2011.038997",
language = "English",
volume = "7",
pages = "112--120",
journal = "International Journal of Ad Hoc and Ubiquitous Computing",
issn = "1743-8225",
publisher = "Inderscience Enterprises Ltd",
number = "2",

}

TY - JOUR

T1 - Towards formal analysis of wireless LAN security with MIS protocol

AU - You, Ilsun

AU - Hori, Yoshiaki

AU - Sakurai, Kouichi

PY - 2011/3/1

Y1 - 2011/3/1

N2 - In 2004, the MIS and MISAUTH protocols (shortly MISP) were proposed for secure and fast connection in Wireless LAN (WLAN). Since then, several studies were conducted to evaluate MISP. However, because of the lack of formal security analysis, the security measures provided by them cannot be trusted to be precise and reasonable. Motivated by this, we formally analyse MISP based on both BAN-logic and the Automated Validation of Internet Security Protocols and Applications (AVISPAS) tool. This analysis clearly shows that MISP suffers from weak Session Key (SK) while being vulnerable to Denial of Service (DoS) attack. We discuss these weaknesses and related attacks in detail, and also provide considerable comments for implementation of MISP.

AB - In 2004, the MIS and MISAUTH protocols (shortly MISP) were proposed for secure and fast connection in Wireless LAN (WLAN). Since then, several studies were conducted to evaluate MISP. However, because of the lack of formal security analysis, the security measures provided by them cannot be trusted to be precise and reasonable. Motivated by this, we formally analyse MISP based on both BAN-logic and the Automated Validation of Internet Security Protocols and Applications (AVISPAS) tool. This analysis clearly shows that MISP suffers from weak Session Key (SK) while being vulnerable to Denial of Service (DoS) attack. We discuss these weaknesses and related attacks in detail, and also provide considerable comments for implementation of MISP.

UR - http://www.scopus.com/inward/record.url?scp=79952587062&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=79952587062&partnerID=8YFLogxK

U2 - 10.1504/IJAHUC.2011.038997

DO - 10.1504/IJAHUC.2011.038997

M3 - Article

AN - SCOPUS:79952587062

VL - 7

SP - 112

EP - 120

JO - International Journal of Ad Hoc and Ubiquitous Computing

JF - International Journal of Ad Hoc and Ubiquitous Computing

SN - 1743-8225

IS - 2

ER -