节点文献
无线局域网中WPA及预防字典攻击技术的研究与改进
Research and Improvement of Dictionary Attack Prevention Technology and WPA in WLAN
【作者】 王春晓;
【导师】 王培东;
【作者基本信息】 哈尔滨理工大学 , 计算机应用技术, 2010, 硕士
【摘要】 随着社会经济的迅速发展和无线网络的迅猛崛起,人们对于随时随地都能够提供信息服务的无线通信的需求就与日俱增。由于无线频率资源的日益珍贵,短距离无线通信技术就有着广阔的市场前景,就成为了人们的热门话题。但是不论是Wi-Fi或者IEEE802.11无线局域网,都存在着安全问题,其加密协议在加密方面也仍然存在着漏洞,给攻击者留下了实施攻击条件。因此,安全也成为无线局域网应用发展上急需解决的技术问题。论文首先以常见的字典攻击为例,分析攻击者是如何破解安全协议的密钥对网络进行攻击,由此表明研究不改动硬件环境来预防字典攻击的方法,对强化无线局域网络安全是一项具有实际应用意义的研究工作。文章接下来从一般的无线局域网安全技术进行介绍,引出无线局域网的安全协议WPA,通过对WPA与WEP的分析比较讨论了两种安全协议的应用技术和工作原理。从攻击者的角度研究了字典攻击技术的形成和如何应用字典攻击来破解密钥,又以一个字典攻击的实验来说明破解的过程,实验结果表明字典攻击成功的破解了加密协议。本文最后通过字典攻击的实验建立了一个改进的预防字典攻击方案。该方案主要是如何加强身份验证来预防字典攻击,基于单向哈希函数提出了四个信息的交换过程,用消耗登陆时间方法来确保攻击者没有足够的能力进行在线字典攻击,另外使用变量增加时间消耗弥补了离线字典攻击的缺陷。对此方案进行了应用验证,其验证结果表明改进后的方案在同样的实验环境下可以有效的预防字典攻击,并且不需要改动任何硬件设施完全可以实现。有效地降低了开发成本,提高了经济效益。
【Abstract】 With the rapid development of social economy and the sharp rise of wireless networks, the demands of wireless communications which provides information services keep increasing. As the wireless frequency resources becoming precious, short-range wireless communications technology has broad market prospects, and WLAN becomes people’s hot topic of discussion. However, there are security problems both in the Wi-Fi and the IEEE802.11 WLAN. But there are many WLAN encryption protocol holes in the encryption aspesct, and leaves a lot of space to be attacked for the aggressor. Consequently, the security problems become urgent problem to be solved for their developments.This paper takes the most common dictionary attack as the example firstly, analyses the aggressor how to crack the secret key of security agreement and how to use this technique to carry the attack on the network. So the method that does not change the hardware environment to prevent dictionary attacks is to be the meaningful practical application study for strengthening the security of WLAN.This paper then introduces the general WLAN security technologies, and elicits security protocols WPA of WLAN. We compare WPA with its predecessor WEP, illustrate the application technologies and work principle of this two security agreements respectively. Analyze the dictionary attack technology formation from attacker’s point , explain how to crack the key using the dictionary attack, and illustrate the general process of crack by an experiment. The results of experiments show that dictionary attack cracks the encryption protocol successfully.At the end, this paper has established a plan to improve the prevention of a dictionary attack by the dictionary attack experiment. The main idea of plan is how to strengthen authentication to prevent a dictionary attack. Propose four information exchanges process based on the one-way hash function, using the debarkation time consumption to ensure the attacker can not have enough capacity to carry on online dictionary attacks. In addition, this paper use a variable to add off-line dictionary attack time consuming for makeing up the deficiencies. This plan have been verified.And the results show that the improved plan in the same experimental conditions can effectively prevent dictionary attacks.So this plan can be achieved completely without any hardware changes. It reduces the development costs effectively and improves economic efficiency.
【Key words】 wireless local area network; wi-fi protected access; encryption technique; dictionary attack;