Document Type

Article

Publication Date

1-2010

Publication Title

Dartmouth Computer Science Technical Report TR2010-661

Abstract

Determining whether a client station should trust an access point is a known problem in wireless security. Traditional approaches to solving this problem resort to cryptography. But cryptographic exchange protocols are complex and therefore induce potential vulnerabilities in themselves. We show that measurement of clock skews of access points in an 802.11 network can be useful in this regard, since it provides fingerprints of the devices. Such fingerprints can be used to establish the first point of trust for client stations wishing to connect to an access point. Fingerprinting can also be used in the detection of fake access points. We demonstrate deficiencies of previously studied methods that measure clock skews in 802.11 networks by means of an attack that spoofs clock skews. We then provide means to overcome those deficiencies, thereby improving the reliability of fingerprinting. Finally, we show how to perform the clock-skew arithmetic that enables network providers to publish clock skews of their access points for use by clients.

Comments

Dartmouth Computer Science Technical Report TR2010-661

This technical report is an expanded version of the paper that is to appear in Proceedings of ACM Conference on Wireless Network Security (WiSec), 2010.

Share

COinS