The techniques presented herein is to enhance the security of the WPA2-PSK methods to combat both Offline and Online Dictionary Attacks by generating independent random keying parameters on both Supplicant and Authenticator, which are not exchanged explicitly or in any form between them. These parameters are used in conjunction with "Password Key Element" which is generated from PSK using known transformation. This would overcome the offline dictionary attacks faced by current WPA2-PSK method. Also, using "Cookie Loop", where-in Cookie would be initially generated by Authentication Server (AAA Server) and later passed in encrypted form in all the transactions (M1-M4) between Authenticator (WLC) and Supplicant (Client), and also in Access-Request & Access-Accept messages. This would overcome the online dictionary attacks.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
M M, Niranjan; Kothamasu, Vijay; and Kenchaiah, Nagaraj, "METHOD TO ADDRESS SECURITY VULNERABILITIES WITH RESPECT TO OFFLINE AND ONLINE DICTIONARY ATTACKS ON WPA2-PSK", Technical Disclosure Commons, (April 07, 2022)