The current 802.11i standard can provide data confidentiality, integrity and mutual authentication in enterprise Wireless Local Area Networks (WLANs). However, secure communication can only be provided after successful authentication and a robust security network association is established. In general, the wireless link layer is not protected by the current standard in WLANs, which leads to many possible attacks, especially in public open-access wireless networks. We argue that regardless of the type of network under consideration, link-layer protection and data confidentiality are of great importance in wireless applications. In this paper, we first identify and analyze the security issues ignored by the current 802.11 security standard. Then we propose our solution to patch the current 802.11i standard and address all those issues with a new dummy authentication key-establishment algorithm. Dummy means no real authentication for a user. In dummy authentication, we apply public-key cryptography's key-establishment technique to the 802.11 MAC protocol. Our solution can provide link-layer data encryption in open-access wireless networks, separate session encryption keys for different users, and protection for important frames such as management and null data frames as well as Extensible Authentication Protocol (EAP) messages.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	http://searchnetworking.techtarget.com/generic/0,295582,sid7 gci1173698 tax303099,00.html.
	2	http://technet.microsoft.com/en-us/library/bb878131.aspx.
	3	http://www.antsight.com/zsl/rainbowcrack/.
	4	D. Akin. 802.11w -- Management Frame Protection. http://www.cwnp.com/community/index2.php?option=com content&do pdf=1&id=54.
	5	John Bellardo , Stefan Savage, 802.11 denial-of-service attacks: real vulnerabilities and practical solutions, Proceedings of the 12th conference on USENIX Security Symposium, p.2-2, August 04-08, 2003, Washington, DC
	6	J.-C. Chen, M.-C. Jiang, and Y. wen Liu. Wireless LAN Security and IEEE 802.11i. IEEE Wireless Communications, 12(1):27--36, Feb. 2005.
	7	Daniel B. Faria , David R. Cheriton, DoS and authentication in wireless public access networks, Proceedings of the 1st ACM workshop on Wireless security, p.47-56, September 28-28, 2002, Atlanta, GA, USA  [doi>10.1145/570681.570687]
	8	Wenjun Gu , Zhimin Yang , Can Que , Dong Xuan , Weijia Jia, On Security Vulnerabilities of Null Data Frames in IEEE 802.11 Based WLANs, Proceedings of the 2008 The 28th International Conference on Distributed Computing Systems, p.28-35, June 17-20, 2008  [doi>10.1109/ICDCS.2008.17]
	9	Changhua He , John C. Mitchell, Analysis of the 802.11i 4-way handshake, Proceedings of the 3rd ACM workshop on Wireless security, October 01-01, 2004, Philadelphia, PA, USA  [doi>10.1145/1023646.1023655]
	10	C. He and J. C. Mitchell. Security Analysis and Improvements for IEEE 802.11i. In 12th Annual Network and Distributed System Security Symposium (NDSS '05), pp. 90--110, Feb. 2005 .
	11	Changhua He , Mukund Sundararajan , Anupam Datta , Ante Derek , John C. Mitchell, A modular correctness proof of IEEE 802.11i and TLS, Proceedings of the 12th ACM conference on Computer and communications security, November 07-11, 2005, Alexandria, VA, USA  [doi>10.1145/1102120.1102124]
	12	Joon S. Park , Derrick Dicoi, WLAN Security: Current and Future, IEEE Internet Computing, v.7 n.5, p.60-65, September 2003  [doi>10.1109/MIC.2003.1232519]
	13	Floriano De Rango , Dionigi Cristian Lentini , Salvatore Marano, Static and dynamic 4-way handshake solutions to avoid denial of service attack in Wi-Fi protected access and IEEE 802.11i, EURASIP Journal on Wireless Communications and Networking, v.2006 n.2, p.73-73, April 2006  [doi>10.1155/WCN/2006/47453]
	14	E. Tews, R.-P. Weinmann, and A. Pyshki. Breaking 104-bit WEP in Less Than 60 Seconds. Cryptology ePrint Archive: Report 2007/120, available at http://eprint.iacr.org/2007/120, 2007.