ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Privacy-preserving 802.11 access-point discovery
Full text PdfPdf (601 KB)
Source
Conference On Wireless Network Security archive
Proceedings of the second ACM conference on Wireless network security table of contents
Zurich, Switzerland
SESSION: WiFi and mesh network security table of contents
Pages 123-130  
Year of Publication: 2009
ISBN:978-1-60558-460-7
Authors
Janne Lindqvist  Helsinki University of Technology (TKK), Espoo, Finland
Tuomas Aura  Microsoft Research, Cambridge, United Kingdom
George Danezis  Microsoft Research, Cambridge, United Kingdom
Teemu Koponen  Helsinki Institute for Information Technology (HIIT), Espoo, Finland
Annu Myllyniemi  Helsinki University of Technology, Espoo, Finland
Jussi Mäki  Helsinki University of Technology, Espoo, Finland
Michael Roe  Microsoft Research, Cambridge, United Kingdom
Sponsors
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
ACM: Association for Computing Machinery
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 34,   Downloads (12 Months): 155,   Citation Count: 0
Additional Information:

abstract   references   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1514274.1514293
What is a DOI?

ABSTRACT

It is usual for 802.11 WLAN clients to probe actively for access points in order to hasten AP discovery and to find "hidden" APs. These probes reveal the client's list of preferred networks, thus, present a privacy risk: an eavesdropper can infer attributes of the client based on its associations with networks. We propose an access-point discovery protocol that supports fast discovery and hidden networks while also preserving privacy. Our solution is incrementally deployable, efficient, requires only small modifications to current client and AP implementations, interoperates with current networks, and does not change the user experience. We note that our solution is faster than the standard hidden-network discovery protocol based on measurements on a prototype implementation.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Martín Abadi , Cédric Fournet, Private authentication, Theoretical Computer Science, v.322 n.3, p.427-476, 6 September 2004  [doi>10.1016/j.tcs.2003.12.023]
 
2
J. Arkko, P. Nikander, and M. Näslund. Enhancing Privacy with Shared Pseudo Random Sequences. In Proc. of Security Protocols, Cambridge, UK, Apr. 2005.
 
3
Dirk Balfanz , Glenn Durfee , Rebecca E. Grinter , D. K. Smetters , Paul Stewart, Network-in-a-box: how to set up a secure wireless network in under a minute, Proceedings of the 13th conference on USENIX Security Symposium, p.15-15, August 09-13, 2004, San Diego, CA
 
4
Dirk Balfanz , Glenn Durfee , Narendar Shankar , Diana Smetters , Jessica Staddon , Hao-Chi Wong, Secret Handshakes from Pairing-Based Key Agreements, Proceedings of the 2003 IEEE Symposium on Security and Privacy, p.180, May 11-14, 2003
 
5
D. Boneh, X. Boyen, and H. Shacham. Short group signatures. In Proc. of Crypto '04, Aug. 2004.
 
6
D. Boneh, C. Gentry, and B. Waters. Collusion resistant broadcast encryption with short ciphertexts and private keys. In Proc. of Crypto '05, Aug. 2005.
 
7
R. Chandra, P. Bahl, and P. Bahl. MultiNet: Connecting to Multiple IEEE 802.11 Networks Using a Single Wireless Card. In Proc. of Infocom, Mar. 2004.
8
Landon P. Cox , Angela Dalton , Varun Marupadi, SmokeScreen: flexible privacy controls for presence-sharing, Proceedings of the 5th international conference on Mobile systems, applications and services, June 11-13, 2007, San Juan, Puerto Rico  [doi>10.1145/1247660.1247688]
9
Loh Chin Choong Desmond , Cho Chia Yuan , Tan Chung Pheng , Ri Seng Lee, Identifying unique devices through wireless fingerprinting, Proceedings of the first ACM conference on Wireless network security, March 31-April 02, 2008, Alexandria, VA, USA  [doi>10.1145/1352533.1352542]
 
10
J.-E. Ekberg. Implementing Wibree Address Privacy. 1st International Workshop on Security for Spontaneous Interaction, 2007.
 
11
Jason Franklin , Damon McCoy , Parisa Tabriz , Vicentiu Neagoe , Jamie Van Randwyk , Douglas Sicker, Passive data link layer 802.11 wireless device driver fingerprinting, Proceedings of the 15th conference on USENIX Security Symposium, July 31-August 04, 2006, Vancouver, B.C., Canada
 
12
Jim Geier, Wireless Networks First-Step, Cisco Press, 2004
 
13
Ben Greenstein , Ramakrishna Gummadi , Jeffrey Pang , Mike Y. Chen , Tadayoshi Kohno , Srinivasan Seshan , David Wetherall, Can Ferris Bueller still have his day off? protecting privacy in the wireless era, Proceedings of the 11th USENIX workshop on Hot topics in operating systems, p.1-6, May 07-09, 2007, San Diego, CA
14
Ben Greenstein , Damon McCoy , Jeffrey Pang , Tadayoshi Kohno , Srinivasan Seshan , David Wetherall, Improving wireless privacy with an identifier-free link layer protocol, Proceeding of the 6th international conference on Mobile systems, applications, and services, June 17-20, 2008, Breckenridge, CO, USA  [doi>10.1145/1378600.1378607]
15
Marco Gruteser , Dirk Grunwald, Enhancing location privacy in wireless LAN through disposable interface identifiers: a quantitative analysis, Proceedings of the 1st ACM international workshop on Wireless mobile applications and services on WLAN hotspots, September 19-19, 2003, San Diego, CA, USA  [doi>10.1145/941326.941334]
 
16
IEEE Std 802.11-2007 Revision of IEEE Std 802.11-1999, June 2007.
 
17
ISO/IEC. Information technology -- Security techniques -- Entity authentication -- Part 4: Mechanisms using a cryptographic check function, 1999. Reference number ISO/IEC 9798-4:1999(E).
 
18
T. Jiang, H. J. Wang, and Y.-C. Hu. Location privacy in wireless networks. In Proc. of MobiSys '07, June 2007.
 
19
A. Juels. RFID security and privacy: a research survey. IEEE JSAC, Feb. 2006.
 
20
B. Kaliski, PKCS #5: Password-Based Cryptography Specification Version 2.0, RFC Editor, 2000
 
21
H. Krawczyk , M. Bellare , R. Canetti, HMAC: Keyed-Hashing for Message Authentication, RFC Editor, 1997
 
22
J. Lindqvist, T. Aura, G. Danezis, T. Koponen, A. Myllyniemi, J. Mäki, and M. Roe. Privacy-preserving 802.11 access-point discovery (full version). Microsoft Research Technical Report, MSR-TR-2009-7, Jan. 2009.
23
Janne Lindqvist , Laura Takkinen, Privacy management for secure mobility, Proceedings of the 5th ACM workshop on Privacy in electronic society, October 30-30, 2006, Alexandria, Virginia, USA  [doi>10.1145/1179601.1179612]
 
24
Meraki Inc. Meraki mini specification. http://www.meraki.com/.
 
25
R. Molva , G. Tsudik, Secret sets and applications, Information Processing Letters, v.65 n.1, p.47-55, Jan 1, 1998  [doi>10.1016/S0020-0190(97)80449-8]
 
26
OpenWrt. http://openwrt.org/.
 
27
ORBIT. Wireless testbed. http://www.orbit-lab.org/.
 
28
A. Palekar, D. Simon, J. Salowey, H. Zhou, G. Zorn, and S. Josefsson. Protected EAP Protocol (PEAP) Version 2, Oct. 2004. Internet-Draft. Expired.
29
Jeffrey Pang , Ben Greenstein , Ramakrishna Gummadi , Srinivasan Seshan , David Wetherall, 802.11 user fingerprinting, Proceedings of the 13th annual ACM international conference on Mobile computing and networking, September 09-14, 2007, Montréal, Québec, Canada  [doi>10.1145/1287853.1287866]
 
30
J. Pang, B. Greenstein, D. McCoy, S. Seshan, and D. Wetherall. Tryst: The Case for Confidential Service Discovery. In Proc. of HotNets-VI, Nov. 2007.
 
31
John Rittinghouse , James Ransome, Wireless Operational Security, Digital Press, Newton, MA, 2004
 
32
T. Scott Saponas , Jonathan Lester , Carl Hartung , Sameer Agarwal , Tadayoshi Kohno, Devices that tell on you: privacy trends in consumer ubiquitous computing, Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, p.1-16, August 06-10, 2007, Boston, MA
 
33
D. Stanley, J. Walker, and B. Aboba. RFC 4017: Extensible Authentication Protocol (EAP) Method Requirements for Wireless LANs, Mar. 2005.
 
34
R. Stanley. Managing Risk in a Wireless Environment: Security, Audit and Control Issues. Information Systems Audit and Control Association, 2005.
 
35
Wifi Alliance. Wi-fi protected setup specification, version 1.0h, Dec. 2006.
 
36
Edward Wilding, Information Risk And Security: Preventing And Investigating Workplace Computer Crime, Gower Publishing Co., Brookfield, VT 05036, 2006
 
37
F.-L. Wong and F. Stajano. Location Privacy in Bluetooth. In Proc. of ESAS '05, July 2005.

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.0 General
          Subjects: Security and protection (e.g., firewalls)

Additional Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.1 Network Architecture and Design
          Subjects: Wireless communication


General Terms:
Design, Security


Keywords:
access-point discovery, ieee 802.11, privacy, wlan

Collaborative Colleagues:
Janne Lindqvist: colleagues
Tuomas Aura: colleagues
George Danezis: colleagues
Teemu Koponen: colleagues
Annu Myllyniemi: colleagues
Jussi Mäki: colleagues
Michael Roe: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player