Wireless LAN 802.11 security using elliptic curve cryptography

Abstract

IEEE 802.11 is a standard defines the specification of Wireless Local Area Network (WLAN), came into existence in 1997. As communication medium is wireless, security is a major concern to protect the data from adversary. Existing WLAN security is primarily based on Symmetric Key Cryptography (SKC). But, major disadvantage with SKC is establishment of secret key for secure data delivery. Public key cryptography(PKC) has many advantages over Symmetric key cryptography like key management key distribution over insecure channel etc. However, PKC requires a large key size in comparison to SKC to provide same level of security. This makes PKC costly operation and not suitable for the environment like WLAN where limited memory is available for WLAN devices. In recent years, Elliptic Curve Cryptography (ECC) has gained a lot of attention from research communities, because ECC seems to promise simillar or a better level of security with smaller key size in comparison with conventional PKC (e.g. RSA, DSS). These features make them workable under constraint environment. In this thesis, we have studied the security evolution of WLAN 802.11 with Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA). We have observed some limitations of WEP and WPA. We, then, present a new protocol using ECC for mutual authentication and session key establishment. We compare our protocol with simillar protocols for wireless security and show that the proposed protocol is efficient w.r.t. space, bandwidth and computational cost at Client side. The security analysis of proposed protocol shows that it may achieve forward secrecy with respect to Client, joint key control, key integrity and resists guessing, replay, impersonantion attacks. A thorough forrmal security analysis is required to be done.