Nikita Borisov, University of Illinois at Urbana-Champaign
The IEEE (Institute of Electrical and Electronics Engineers) 802.11 standard is the most popular mechanism for wireless networking. First standardized in 1997 (IEEE Computer Society, 1997), it has grown to many millions of deployed nodes and more than a billion-dollar annually industry. The use of a wireless medium presented new security threats because anyone within transmission range of the network could both eavesdrop on the network traffic and inject malicious contents. To address these threats, the 802.11 standard incorporated the wired equivalent privacy (WEP) protocol with the goal of preventing casual eavesdropping and providing a level of security similar to wired networks. It was discovered, however, that WEP contained numerous security flaws and in fact did not meet any of its goals. Attackers could easily exploit these flaws, and tools automating some of the attacks were made widely available. Responding to this security failure, the 802.11i task group was formed to redesign the 802.11 security suite. The group produced two standards, a short-term solution designed to run on existing hardware ...