节点文献
无线局域网802.11b/11i协议安全机制研究
Research on Security Mechanism of WLAN 802.11b/11i Protocols
【作者】 赵琳;
【导师】 张红旗;
【作者基本信息】 解放军信息工程大学 , 计算机应用技术, 2006, 硕士
【摘要】 随着计算机技术、通信技术和网络技术的发展,移动设备和无线技术发展迅速。由于无线局域网(Wireless Local Area Network)具有有线网络所无法比拟的灵活性和便利性,被广泛应用于商业、医疗、教育、军事等众多领域。无线局域网在给人们带来便利的同时,其安全问题日益突出,越来越受到人们的重视。 当前基于IEEE802.11系列标准的无线局域网被广泛应用,IEEE802.11b/11i的安全机制研究,已经成为当无线网络安全研究的热点之一。 本文从加密机制、认证机制和密钥管理三个方面对802.11b/11i协议的安全机制进行研究和分析。重点对802.11i协议的身份认证机制和采用的认证方法进行研究,对EAP—TLS协议的安全性进行了形式化分析。通过分析802.11i认证方法在实用性和安全性方面存在的缺陷,以802.1x协议框架和EAP(Extensible Authentication Protocol)协议为基础,以PAK(Password-Authenticated Key)协议为核心,提出一种基于口令的认证增强方案,方案中提出EAP—PAK协议,能够满足无线局域网认证的安全需求,同时具有良好的实用性,有效地增强了802.11i的认证机制。最后对802.11i协议密钥管理中的密钥分发过程进行分析,在保证安全性的基础上,提出了一种快速密钥分发的改进方案。
【Abstract】 Along with development of science and technology of computer technology and communication technology etc., portable equipment and wireless technology are enjoying fast development. Due to flexibility and convenience of wireless local area network that wired network cannot compare with, WLAN is widely applied to various fields including business, medical treatment education, and military etc. Though WLAN is bringing convenience to us, security problems are getting more series every day, which is getting people’s attention.At present, WLAN based on IEEE802.11 series standards is being applied broadly, so that research on security mechanism of IEEE802.11b/11i has already become a hotspot of wirelss network security research.This paper, from the three aspects of encryption mechanism, and authentication mechanism, carries out research on and analysis of security mechanism of 802.11b/11i protocols. Importance is attached to research on identification authentication mechanism of 802.11i and authentication methods employed, and formalized analysis is conducted for security of EAP—TLS protocols. By analyzing defects of practicability and security of authentication method of 802.11i, a password based intensified authentication plan is brought forward in which the EAP—PAK protocol is brought out, with 802.1x protocols framework and EAP (Extensible Authentication Protocol) as foundation, and PAK (Password-Authenticated Key) protocol as core. This plan can satisfy security demands of WLAN authentication, with high practicability, and effectively intensifies authentication mechanism of 802.11i. Finally, an analysis of process of cryptographic key distribution in cryptographic key management of 802.11i protocols is conducted, and an improvement plan for fast distribution of cryptographic key is brought forward, with guaranteed security as precondition.
【Key words】 WLAN; 802.11b; 802.11i; data encryption; identification authentication; key management;
- 【网络出版投稿人】 解放军信息工程大学 【网络出版年期】2007年 06期
- 【分类号】TN925.93
- 【被引频次】1
- 【下载频次】450