Review of Basic Security MechanismsConfidentialityCryptographyAsymmetric EncryptionSymmetric EncryptionKey ManagementAccess ControlIntegritySource IntegrityData IntegrityMessage Authentication CodesDigital SignaturesReview of Previous IEEE 802.11 Security MechanismsConfidentialityRC4 and WEPInitialization VectorIntegrity Check ValueWEP Datagram FormatKey ManagementAccess ControlIntegrity and AuthenticationOpen System AuthenticationShared-Key AuthenticationAttacks Against the Previous IEEE 802.11 Security MechanismsConfidentialityRC4 ProblemsMantin and Shamir Bias FlawFluhrer, Mantin, and Shamir Key Schedule AttackOther WEP ProblemsIV SpaceReplay AttacksWEP Message ModificationAn Active Implementation of Fluhrer, Mantin, and ShamirAn Inductive Chosen Plaintext AttackBase PhaseInductive PhaseMTU RecoveryBuilding the DictionaryCost of the AttackEffects of Filtering IVsAccess ControlProblems with MAC-Based Access Control ListsProblems with Proprietary Closed Network Access ControlAuthenticationShared-Key AuthenticationMan-in-the-Middle AttacksManagement FramesARP SpoofingProblems Created by Man-in-the-Middle Attacks802.1x and EAPPEAPDenial-of-Service AttacksLayer 2 Denial-of-Service Attacks Against All Wi-Fi-Based StandardsWPA Cryptographic Denial-of-Service AttackSummary