ROBUST AND LOW LATENCY SECURITY FRAMEWORK FOR IEEE 802.11 WIRELESS NETWORKS

Abstract

Wireless Networks call for enhanced confidentiality, integrity and authentication services because of their inherent weakness. ‘Counter Mode Cipher Block Chaining Message Authentication Code Protocol’ (CCMP) has recently been employed to replace flawed ‘Wired Equivalent Privacy’ (WEP) Protocol for the provision of security to IEEE 802.11 wireless local area networks (WLAN). Meanwhile, IEEE 802.11s – draft standard for wireless mesh networks (WMN) – has also proposed to use CCMP. CCMP, a two pass process, introduces considerable latency in multi-hop wireless networks, such as WMN. Increase in latency leads to a decrease in the quality of service for delay sensitive real-time multimedia applications. This research exposes the vulnerability of CCMP against pre- computation time memory trade-off (TMTO) attack and proposes a framework to strengthen the security of WLAN packets using Per-Packet security mechanism. Furthermore, a novel, robust and low latency framework for WMN is also proposed. The architecture of security framework involves introduction of piggyback challenge response protocol for providing data confidentiality and data integrity. Piggyback challenge response protocol offers fresh encryption key for every packet, per-packet authentication and use of secret nonce. Authentication of every packet offers prompt defense against unauthorized access. It is also demonstrated that the security framework is robust against a variety of security attacks. Encrypted and unique nonce provides unpredictability and freshness. Unpredictability prevents pre-computation attack and freshness ensures successful defense against replay attacks. Proposed framework is simulated and its iiperformance is compared with IEEE 802.11i in terms of latency introduced by the security components. For single hop, latency due to the proposed protocol is less than half as compared to CCMP. The improvement in latency becomes more pronounced as the number of hops increase. This novel framework addresses the CCMP deficiencies of high latency and vulnerability against TMTO attack, without compromising any of the security measures implemented in the standard.