Wireless Encryption and WPA2 Weaknesses

Moissinac, Kyle; Ramos, David; Rendon, Giovanna; Elleithy, Abdelrahman

doi:10.1109/ccwc51732.2021.9376023

Cited by 8 publications

(4 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…WPA version 3 is the most recent and secure [ 30 ]. Still, many APs run on WPA2, which has several vulnerabilities associated to it [ 31 , 32 , 33 ]. WPA2 is based on IEEE 802.11i and was ratified in 2004 [ 34 , 35 ].…”

Section: Background and Related Workmentioning

confidence: 99%

“…Enterprise mode utilizes an authentication server that administers individual session keys and is designed for larger networks of upwards of 10 stations [ 36 ]. The WPA2 Personal is sometimes referred to as PSK mode because the AP authenticates the user and encrypts the connection based on a single key known by all stations in the network [ 31 ].…”

Section: Background and Related Workmentioning

confidence: 99%

“…WPA2 Personal encryption is based on CCMP (Counter Mode with Cipher Block Chaining Message) with the AES block cipher [ 31 , 34 ]. Unicast messages are encrypted using a PTK while a GTK is used for multicast and broadcast messages on the network.…”

Section: Background and Related Workmentioning

confidence: 99%

See 2 more Smart Citations

Automatic Verification and Execution of Cyber Attack on IoT Devices

Færøy

Yamin

Shukla

et al. 2023

Sensors

View full text Add to dashboard Cite

Internet of Things (IoT) devices are becoming a part of our daily life; from health monitors to critical infrastructure, they are used everywhere. This makes them ideal targets for malicious actors to exploit for nefarious purposes. Recent attacks like the Mirai botnet are just examples in which default credentials were used to exploit thousands of devices. This raises major concerns about IoT device security. In this work, we aimed to investigate security of IoT devices through performing automatic penetration test on IoT devices. A penetration test is a way of detecting security problems, but manually testing billions of IoT devices is infeasible. This work has therefore examined autonomous penetration testing on IoT devices. In recent studies, automated attack execution models were developed for modeling automated attacks in cyber ranges. We have (1) investigated how such models can be applied for performing autonomous IoT penetration testing. Furthermore, we have (2) investigated if some well known and severe Wi-Fi related vulnerabilities still exist in IoT devices. Through a case study, we have shown that the such models can be used to model and design autonomous penetration testing agents for IoT devices. In addition, we have demonstrated that well-known vulnerabilities are present in deployed and currently sold products used in IoT devices, and that they can be both autonomously revealed through our developed system.

show abstract

Section: Background and Related Workmentioning

confidence: 99%

Section: Background and Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Automatic Verification and Execution of Cyber Attack on IoT Devices

Færøy

Yamin

Shukla

et al. 2023

Sensors

View full text Add to dashboard Cite

show abstract

“…After WPA was proven to have major flaws and vulnerabilities, it was replaced by WPA2 in 2004 and is still being used until now. Finally, Wi-Fi Protected Access 3 (WPA3) was released in 2018 to solve all the shortcomings of its predecessors by providing high protection and usability for its users [2].…”

Section: Introductionmentioning

confidence: 99%

Wireless Security Protocols WPA3: A Systematic Literature Review

Halbouni,

Ong,

Leow

2023

IEEE Access

View full text Add to dashboard Cite

The size of wireless networks and the number of wireless devices are growing daily. A crucial part of wireless security involves preventing unauthorized access by using wireless security protocols in order to protect the data in wireless networks. In 2018, Wi-Fi Protected Access 3 (WPA3) was ratified to protect the data in devices bearing the Wi-Fi trademark. WPA3 has many security improvements over previous wireless security protocols, by providing a better encryption method and key sharing. In this paper, a Systematic Literature Review (SLR) was conducted to analyze three aspects of WPA3 protocol: the reasons behind the release of WPA3, the encryption methods and mode of operation in this protocol, and the attacks that remain penetrating WPA3. In this review, thirty-six articles were identified as the selected research articles, written between 2018 and 2023, focusing mainly on WPA3. After the analysis of the selected articles, the encryption methods and modes of operation were presented in the SLR. In addition, the vulnerabilities that the WPA3 protocol solved and the ones that remain unsolved were discussed. This study concluded that WPA3 excels over its predecessors by providing more security and reliability to wireless networks. The result of this SLR of WPA3 proposes two methods that seek to increase the security level of WPA3 networks, which has been discussed in the discussion section.

show abstract

Performance Evaluation and Analysis of Wi-Fi Security Protocols

Bhattacharjee

Senapati

2023

Intelligent Sustainable Systems

View full text Add to dashboard Cite

Wireless Encryption and WPA2 Weaknesses

Cited by 8 publications

References 25 publications

Automatic Verification and Execution of Cyber Attack on IoT Devices

Automatic Verification and Execution of Cyber Attack on IoT Devices

Wireless Security Protocols WPA3: A Systematic Literature Review

Performance Evaluation and Analysis of Wi-Fi Security Protocols

Contact Info

Product

Resources

About