1. UKM Learning and Research Repository
2. Master Thesis / Tesis Master
3. Faculty of Engineering and Built Environment / Fakulti Kejuruteraan dan Alam Bina

Title:	The design of secure key management algorithm for wireless local area network
Authors:	Salman Basiri (P52908)
Supervisor:	Kasmiran Jumari, Prof. Dr.
Keywords:	Universiti Kebangsaan Malaysia -- Dissertations Dissertations, Academic -- Malaysia Local area networks (Computer networks) Wireless communication systems
Issue Date:	3-Jul-2012
Description:	Wireless Local Area Networks (WLANs) are being used widely, however, their security and privacy are important concerns for most of users. Wired Equivalent Privacy (WEP), Temporal Key Integrity Protocol (TKIP) and Cipher Block Chaining Message Authentication Code Protocol (CCMP) are three different security protocols which designed to address the security problems related to WLANs. WEP and TKIP are completely vulnerable and different attacks have been introduced against them. Brute force attack on Extensible Authentication Protocol Over LAN (EAPOL) is also been introduced on CCMP protocol. One of main reasons behind these attacks is key negotiation and handshake of wireless stations. Although the per packet key was designed in previous protocols, there is no method to upgrade and regenerate the Pair wise Master Key (PMK) and Pair wise Transient Key (PTK) dynamically. In this study, in order to improve the security of the network and prevent the mentioned attacks, new key management algorithm including the key negotiation and key generation algorithm and estimating the performance and security of algorithm are provided. The overall methodology consists of ways for authenticating the wireless client and regenerating the PMK and PTK dynamically during their communication, estimating the strength of method by analyzing four different security type attacks and experiment of using wireless hacking tool against method and measuring and calculating the performance of algorithm. The network simulation NS2 is used for testing the algorithm. In the presented method of this study, two parties can securely and mutually authenticate to each other and in key negotiation they can initiate the process and change their PTK without exchanging any extra packet. The PMK regeneration algorithm use hidden message to change the PMK silently. This will prevent the attacker’s sniffing activity and mislead them. The proposed method can prevent key recovery attack, man in the middle and reply attacks. Different performance metrics are estimated including energy consumption, authentication time, number of exchanged messages and effect of method on the Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) throughput. The presented method consists of transmitting two packets during authentication and two packets during re-authentication (PMK regeneration). The energy consumption and authentication time are dependent to the size of packets and the construction method of packet. The authentication time and energy consumption for 100 bytes sized packets constructed with Advanced Encryption Standard (AES) and Hashbased Message Authentication Code- Secure Hash Algorithm (HMAC-SHA-1) are 0.90 ms and 5.12 mJ respectively. The degradation of throughput in TCP and UDP traffic was very negligible. The decrease of throughput in UDP and TCP traffic was around 0.01 % and 0.699 % respectively. The comparisons of the method in this study with other works validate the efficiency of the method and support it as secure, fast, lightweight key management algorithm.,Certification of Masters/ Doctorial Thesis" is not available
Pages:	106
Call Number:	TK5105.7.B365
Publisher:	UKM, Bangi
Appears in Collections:	Faculty of Engineering and Built Environment / Fakulti Kejuruteraan dan Alam Bina

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.