Abstract

Simultaneous Authentication of Equals (SAE) is a password-authenticated key exchange protocol that is designed to replace the WPA2-PSK-based authentication. The SAE authenticated key exchange protocol supports the peer-to-peer authentication and is one of the major authentication mechanisms of the Authentication and Key Management Suite specified within Wi-Fi. The SAE authenticated key exchange protocol has been widely implemented in today’s Wi-Fi devices as part of major security feature upgrades and is regarded as the third generation of Wi-Fi Protected Access. This article presents a way of attacking the weaker randomness generation algorithm within the SAE protocols, which can lead to successful impersonation types of attacks. We also suggest some protocol amendments for protection. It is recommended that SAE implementations should be upgraded to ensure protection against these attacks.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
ID2S Password-Authenticated Key Exchange Protocols
Xun Yi ... Albert Y Zomaya
IEEE Transactions on Computers | VOL. 65
Xun Yi, et. al.Xun Yi ... Albert Y Zomaya
01 Jan 2015
Thought-Based Authenticated Key Exchange
Phillip H Griffin
-
Phillip H GriffinPhillip H Griffin
01 Dec 2019
Analysis of Two Pairing-Based Three-Party Password Authenticated Key Exchange Protocols
Raphael C.-W Phan ... Wei-Chuen Yau
-
Raphael C.-W Phan, et. al.Raphael C.-W Phan ... Wei-Chuen Yau
01 Jan 2009
New Approaches to Password Authenticated Key Exchange Based on RSA
Muxiang Zhang
-
Muxiang ZhangMuxiang Zhang
01 Jan 2004
View more papers

More From: Digital Threats: Research and Practice

Paper Title
Journal
Date
Author
Social Media Authentication and Combating Deepfakes using Semi-fragile Invisible Image Watermarking
Aakash Varma Nadimpalli ... Ajita Rattani
Digital Threats: Research and Practice | VOL. -
Aakash Varma Nadimpalli, et. al.Aakash Varma Nadimpalli ... Ajita Rattani
12 Oct 2024
Fuzzing and Symbolic Execution for Multipath Malware Tracing: Bridging Theory and Practice via Survey and Experiments
Marcus Botacin
Digital Threats: Research and Practice | VOL. -
Marcus BotacinMarcus Botacin
11 Oct 2024
Data Synthesis Is Going Mobile—On Community-Driven Dataset Generation for Android Devices
Markus Demmel ... Harald Baier
Digital Threats: Research and Practice | VOL. 5
Markus Demmel, et. al.Markus Demmel ... Harald Baier
30 Sep 2024
Does Cyber Insurance Promote Cyber Security Best Practice? An Analysis Based on Insurance Application Forms
Rodney Adriko ... Jason R C Nurse
Digital Threats: Research and Practice | VOL. 5
Rodney Adriko, et. al.Rodney Adriko ... Jason R C Nurse
30 Sep 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.