Abstract

Wi-Fi Protected Access II Pre-Shared Key (WPA2-PSK) is a popular approach to wireless security in public Wi-Fi networks. It relies on a pre-configured passphrase shared with all stations in the same Wi-Fi network. Session keys (e.g., the Pairwise Transient Key, PTK) between stations and the access point (AP) are derived from the passphrase. WPA2-PSK networks can authenticate external stations; however, they fail to guarantee confidential communication if internal attackers hold the network passphrase, since all stations derive their PTK from the same passphrase. To prevent internal stations from eavesdropping on the PTK, a secure session key negotiation scheme in WPA2-PSK networks (SSKNS) is proposed. We introduce a temporary session key (TSK), which is encrypted using elliptic curve cryptography (ECC) and exchanged securely between the station and the AP during the Wi-Fi association process. Using the AES algorithm with the TSK, the station encrypts its own nonce, which is used to generate the unique PTK in the 4-way handshake. Our scheme neither modifies the legacy process related to PTK generation nor adds excessive overhead by protecting all messages. Security analysis and simulations performed in NS-3 demonstrate that, at the cost of a small computation overhead, SSKNS can effectively provide security compared with the existing schemes.
