Authentication in 802.11 LANs Using a Covert Side Channel

Author

Calhoun, Telvis E., Jr. ; Newman, Reed ; Beyah, Raheem

Author_Institution

Dept. of Comput. Sci., Georgia State Univ., Atlanta, GA, USA

fYear

2009

fDate

14-18 June 2009

Firstpage

1

Lastpage

6

Abstract

We present a covert side channel technique that uses the 802.11 MAC rate switching protocol as cover for covert authentication messages. Covert authentication prevents an attacker from knowing when a user is authenticating and protects user credentials from malicious software attacks. Similar to port knocking, a remote client sends authentication messages to an access point in order to access a protected service. The technique uses a one-time password algorithm to protect against replay attacks. We investigate how the covert side channel affects node throughput in mobile and non-mobile scenarios. We also investigate the covertness of the covert side channel using standardized entropy. The results show that the performance impact is minimal and increases slightly as the authentication frequency increases. We further show that we can authenticate with 100% accuracy with minimal impact on rate switching entropy.

Keywords

access protocols; message authentication; telecommunication standards; wireless LAN; IEEE 802.11; MAC rate switching protocol; access point; covert side channel; malicious software attacks; message authentication; port knocking; replay attacks; wireless LAN; Authentication; Collision avoidance; Communications Society; Entropy; Protection; Protocols; Switches; System performance; Throughput; Watermarking;

fLanguage

English

Publisher

ieee

Conference_Titel

Communications, 2009. ICC '09. IEEE International Conference on

Conference_Location

Dresden

ISSN

1938-1883

Print_ISBN

978-1-4244-3435-0

Electronic_ISBN

1938-1883

Type

conf

DOI

10.1109/ICC.2009.5198769

Filename

5198769