Sunday, July 10, 2011

Understanding Association Lockout Problem in MFP Enabled Wi-Fi Networks

Association Lockout is a problem that occurs in Management Frame Protection (MFP) enabled WLANs. It is the worst consequence of a (Re)Association Request frame based Denial of Service (DoS) attack, in which the attacker manages to delete the security association of an already authenticated and authorized client. In this attack, a spoofed (Re)Association Request frame tricks the AP into believing that a legitimate client has disconnected and is attempting to establish a fresh connection with the AP. In the original 802.11i standard, there is no MAC layer test available to confirm whether the legitimate client has actually disconnected or not.
Let’s try to understand the severity of the attack in an MFP enabled WLAN.

When an attacker sends a spoofed Association Request frame (it is an unprotected frame and can be spoofed) to an MFP AP, the AP can either ignore the request, assuming that the client is already associated, or honor it and delete the old security association. In the former case, a client which reboots for whatever reason would never be able to associate with the AP again, so that cannot be a good choice. In the latter case, the security association state of a legitimate client can be deleted by an attacker simply by sending a spoofed (Re)Association Request frame. The AP then expects the client to complete layer 2 connection establishment and the higher layer authentication procedure in order to establish a new security key. Since the frame was sent by the attacker, the client remains unaware that its security state on the AP has been deleted and keeps sending encrypted data to the AP. Since no security key exists on the AP for this client, the AP does not accept the client's data packets and sends a deauthentication notification. In the absence of a security key, the deauthentication frame sent by the AP is unprotected. Since the client is an MFP client and still holds a valid security state, it does not honor the unprotected deauthentication frame. This continues between the AP and the client, and they are never able to synchronize their state. This state of the AP and the client is an example of a deadlock in a WLAN environment and is known as the "Association Lockout" problem.
The problem has been shown to be present in Cisco's proprietary implementation of MFP:
http://www.networkworld.com/community/node/30842

So, that's all about the Lockout problem. Hope you are enlightened.

Thursday, July 7, 2011

Is 802.11w panacea to all wireless DoS attacks?

IEEE 802.11w is the most recent amendment to the 802.11 standard for WiFi networking. It was ratified in September 2009, and since then a couple of vendors have announced support for it. Cisco, one of the WLAN vendors and a major market share holder, has been shipping its products with a similar capability, which it calls Management Frame Protection (MFP). Here are more details about Cisco’s MFP

Cisco has been positioning MFP as a solution to some serious wireless attacks, e.g. DoS attacks, Man-in-the-middle (MITM) attacks and dictionary attacks. In fact, the common perception about MFP or 802.11w is that it would solve most wireless DoS attacks. In reality, MFP was already shown to be broken in 2008. You can read more about it here

Research published recently at WiSec 2011 also highlights some of the weaknesses of the IEEE 802.11w amendment. In this article, we will try to understand the key changes proposed in 802.11w and how they are going to mitigate wireless DoS attacks:

The most important feature introduced in IEEE 802.11w is the protection of management frames. It also provides a solution to the Association Lockout problem (deletion of a legitimate client’s state on the AP by an attacker, which causes a deadlock). Key attributes of IEEE 802.11w are presented below:
Robust Management Frames: The IEEE 802.11w amendment defines Deauthentication, Disassociation and Action management frames as Robust Management (RM) frames and associates three key security properties with them: data origin authenticity, replay detection and management frame protection.
Integrity GTK (IGTK) and Broadcast/Multicast Integrity Protocol (BIP): IGTK is a new key introduced in IEEE 802.11w to protect group addressed robust management frames. BIP defines the procedure for protecting group addressed robust management frames.
Security Association (SA) Query Procedure: The SA Query procedure has been introduced in IEEE 802.11w to determine the security association state of connected clients and to avoid the Association Lockout problem.
All unicast RM frames and SA Query Request/Response frames are encrypted/decrypted using the Pairwise Transient Key (PTK). PTK is the same key that is used for encryption/decryption of DATA frames.
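To make the difference concrete, here is an added simulation (not code from the original posts, Cisco or the IEEE) of the AP-side decision described in the Association Lockout post above and of the SA Query procedure just listed. It models the AP as a small state machine with two policies: the pre-802.11w behaviour, where an Association Request for a MAC that already has a security association causes the AP to delete that association, and the 802.11w behaviour, where the AP keeps the association, refuses the request temporarily and sends a protected SA Query Request to the key holder. The station, MAC address, key strings and event names are constructed for the example; the only real protocol constant is status code 30 ("association request rejected temporarily; try again later"), which is the code an 802.11w AP returns while an SA Query is pending. Timeouts and the 4-way handshake are collapsed into single calls.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# IEEE 802.11 status codes used by the model. Code 30 ("association request
# rejected temporarily; try again later") is what an 802.11w AP returns while
# it runs an SA Query for the requesting MAC.
STATUS_SUCCESS = 0
STATUS_REFUSED_TEMPORARILY = 30


@dataclass
class Station:
    """A client STA. `ptk` is its copy of the pairwise key, None when it holds no SA."""
    mac: str
    ptk: Optional[str] = None

    def on_sa_query_request(self, protected: bool) -> bool:
        """Answer with an SA Query Response only if the request is protected and
        the STA still holds the PTK needed to verify and protect it."""
        return protected and self.ptk is not None

    def on_deauth(self, protected: bool) -> None:
        """An MFP/802.11w STA honours a Deauthentication frame only when it is protected."""
        if protected:
            self.ptk = None


@dataclass
class AccessPoint:
    policy: str  # "delete_sa" (pre-802.11w behaviour) or "sa_query" (802.11w)
    sa: Dict[str, str] = field(default_factory=dict)  # MAC -> PTK held by the AP
    events: List[str] = field(default_factory=list)   # constructed event names for inspection

    def on_assoc_request(self, mac: str, sta: Station) -> int:
        """Handle a (Re)Association Request with source address `mac`. `sta` is the
        real station owning that address; the AP cannot tell whether the frame came
        from it or from someone else, it can only probe the holder of the key."""
        if mac in self.sa:
            if self.policy == "sa_query":
                self.events.append("sa_query_sent")
                if sta.on_sa_query_request(protected=True):
                    self.events.append("sa_kept")        # key holder is alive: request ignored
                    return STATUS_REFUSED_TEMPORARILY
                self.events.append("sa_deleted_after_timeout")
                del self.sa[mac]                          # no response: the client really is gone
                return STATUS_REFUSED_TEMPORARILY         # a real client simply retries
            self.events.append("sa_deleted")              # trust the request, drop the SA
            del self.sa[mac]
        # No SA for this MAC: accept and wait for the 4-way handshake. Only a station
        # that is genuinely (re)connecting, i.e. holds no key of its own, completes it.
        if sta.ptk is None:
            self.sa[mac] = sta.ptk = f"PTK-{mac}"
            self.events.append("associated")
        else:
            self.events.append("handshake_never_completed")
        return STATUS_SUCCESS

    def on_data(self, mac: str, sta: Station) -> str:
        """Handle a protected Data frame from `mac`."""
        if mac in self.sa:
            return "accepted"
        # No key for this MAC: the AP cannot decrypt the frame and has no key with
        # which to protect the Deauthentication it sends back.
        sta.on_deauth(protected=False)
        return "unprotected_deauth"


def run(policy: str, client_rebooted: bool) -> dict:
    """Associate a client, then deliver an Association Request for its MAC and
    report whether the two sides end up in sync or in the lockout deadlock."""
    ap = AccessPoint(policy)
    sta = Station(mac="02:00:00:00:00:01")  # constructed, locally administered address
    ap.on_assoc_request(sta.mac, sta)       # legitimate association: both sides hold the PTK
    ap.events.clear()
    if client_rebooted:
        sta.ptk = None                       # the client lost its state and reconnects
    # An Association Request for sta.mac now arrives. If the client rebooted it is
    # genuine; otherwise the live client never sent it (the spoofed case in the post).
    status = ap.on_assoc_request(sta.mac, sta)
    if status == STATUS_REFUSED_TEMPORARILY:
        status = ap.on_assoc_request(sta.mac, sta)  # a real client retries after the refusal
    data = None
    if not client_rebooted:
        for _ in range(3):                   # the live client keeps sending data
            data = ap.on_data(sta.mac, sta)
    return {
        "status": status,
        "events": list(ap.events),
        "data": data,
        "in_sync": sta.ptk is not None and ap.sa.get(sta.mac) == sta.ptk,
        "locked_out": sta.ptk is not None and sta.mac not in ap.sa,
    }


if __name__ == "__main__":
    for policy in ("delete_sa", "sa_query"):
        for rebooted in (False, True):
            r = run(policy, rebooted)
            print(f"{policy:9} rebooted={rebooted!s:5} locked_out={r['locked_out']!s:5} events={r['events']}")
```

Running all four combinations shows the point of the SA Query: with the delete-on-request policy a live client ends up holding a key the AP no longer has (`locked_out` is true and every data frame is answered with an unprotected Deauthentication the client ignores), while with SA Query the live client answers the query and keeps its association, and a rebooted client, which cannot answer, gets its stale association cleared after the timeout and associates normally on retry.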

So, it is clear that 802.11w should be able to counter Deauthentication and Disassociation based wireless DoS attacks. There are other known attacks based on management and data frames that exploit implementation vulnerabilities and cause disruption in wireless networks; such DoS attacks cannot be mitigated by 802.11w. 802.11w also does not propose any fix to counter physical RF jamming based wireless DoS attacks. So even in the presence of 802.11w, there will be some hacks and tools left in the hacker's arsenal to launch DoS attacks, but the amendment is definitely going to drastically increase the reliability of layer 2 wireless connections. Though 802.11w is not a panacea for wireless DoS attacks, it is good enough security to discourage the casual DoS attacker.