Security flaws in 802.11 data link protocols

Nancy Cam-Winget, Russ Housley, David A. Wagner, Jesse Walker. Commun. ACM.
Understanding the difficulties in security protocol design and attempting to relocate the struggle between hacker and defender to a different protocol layer. 

Autonomic 802.11 wireless LAN security auditing

The authors describe their Distributed Wireless Security Auditor (DWSA), which works toward finding unauthorized wireless access points in large-scale wireless environments while providing an

Exposing WPA2 security protocol vulnerabilities

The aim of this paper is to present a methodology that demonstrates how the WPA2 security protocol can be fully exposed by malicious attacks.

Multi-Level Security for Wireless LAN

This work focuses on using existing protocols, standards, tools and technologies to implement a secure wireless LAN, and implementing SSLD security, MAC address filtering, encryption and RADIUS based authentication of wireless clients.

Practical WLAN security

The results of practical experiments show how easy it is to break encryption and deploy evil twins, even with very little understanding of the security structure.

New protocol design for wireless networks security

A number of measures are proposed to counter most of the known vulnerabilities that face the wireless networks security today, and can be used in a number of security related fields.

Overview of WLAN security

A general overview of various security schemes designed to protect wireless networks is offered, and for each respective scheme, advantages and disadvantages are examined.

802.11 DCF Denial of Service Vulnerabilities

It is demonstrated that 802.11 wireless LANs are particularly vulnerable to denial of service attacks and should not be used where availability is essential.

Wireless LANs – Convenience or Security

The goal of this paper is to analyze the various security policies in force and provide a platform for the development of a more robust and secure architecture.

Enhanced WEP: An efficient solution to WEP threats

  • H. R. Hassan, Y. Challal
  • Computer Science
    Second IFIP International Conference on Wireless and Optical Communications Networks, 2005. WOCN 2005.
  • 2005
This paper analyzes WEP security holes and proposes an improvement over WEP which achieves, in addition to its security goals, another security service which is replay detection.



Security problems in 802.11-based networks

Assessing inherent wireless network security deficiencies and seeking solutions in the rapidly changing environment of wired and mobile networks.

Intercepting mobile communications: the insecurity of 802.11

Several serious security flaws in the Wired Equivalent Privacy protocol are discovered, stemming from mis-application of cryptographic primitives, which lead to a number of practical attacks that demonstrate that WEP fails to achieve its security goals.

Using the Fluhrer, Mantin, and Shamir Attack to Break WEP

It is concluded that 802.11 WEP is totally insecure, and some recommendations are provided to make the attack more efficient.

Unsafe at any key size; An analysis of the WEP encapsulation

It is infeasible to achieve privacy with the WEP encapsulation by simply increasing key size, and the characteristics needed by any encryption algorithm that can effectively provide data privacy in a wireless environment are identified, and a replacement encapsulation is recommended.

Weaknesses in the Key Scheduling Algorithm of RC4

It is shown that RC4 is completely insecure in a common mode of operation which is used in the widely deployed Wired Equivalent Privacy protocol (WEP, which is part of the 802.11 standard), in which a fixed secret key is concatenated with known IV modifiers in order to encrypt different messages.

Recommendation for Block Cipher Modes of Operation: Methods and Techniques

Abstract: This recommendation defines five confidentiality modes of operation for use with an underlying symmetric key block cipher algorithm: Electronic Codebook (ECB), Cipher Block Chaining (CBC),

David Wagner is an assistant professor at the University of California at Berkeley

Jesse Walker is a security architect at Intel Corporation in Hillsboro, OR, and editor for the IEEE 802

Nancy Cam-Winget is a technical leader at Cisco Systems