ABSTRACT
It is usual for 802.11 WLAN clients to probe actively for access points in order to hasten AP discovery and to find "hidden" APs. These probes reveal the client's list of preferred networks and thus present a privacy risk: an eavesdropper can infer attributes of the client based on its associations with networks. We propose an access-point discovery protocol that supports fast discovery and hidden networks while also preserving privacy. Our solution is incrementally deployable, efficient, requires only small modifications to current client and AP implementations, interoperates with current networks, and does not change the user experience. Based on measurements on a prototype implementation, we note that our solution is faster than the standard hidden-network discovery protocol.