Design and Implementation of a Wireless LAN Security System Based on ECC and IPSec
Abstract
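With the rapid development of mobile communications and the Internet, the security problems facing wireless local area networks (WLANs) are becoming increasingly serious. Traditional security mechanisms have numerous flaws and vulnerabilities and cannot meet the high security requirements of WLANs. IPSec, as a network-layer security technology, can use tunneling and encryption to create secure private channels over a WLAN, protecting the fast and secure transmission of data in the WLAN.
Most current IPSec-based WLAN security systems suffer from low network efficiency and insufficient security, mainly because the encryption algorithms are not strong enough, the protocols are redundant, and the encryption methods lack variety. Such problems can be addressed by increasing the key length, but this undoubtedly makes the complexity and processing time of the encryption algorithm grow significantly, which is ill-suited to a resource-constrained security environment such as a WLAN. To address these problems, this thesis proposes a WLAN security scheme based on ECC and IPSec. Its distinguishing feature is that elliptic curve key exchange (ECDH) and elliptic curve digital signatures (ECDSA) are used within IPSec to establish the secure tunnel, so that the system offers high security and low bandwidth while also being flexibly extensible to suit different WLAN security environments. After studying ECC and other encryption algorithms and the IPSec security mechanisms, the thesis first designs the point multiplication algorithm, the main operation in elliptic curve cryptosystems, speeding up arithmetic over GF(2^m). On this basis, and according to the specific application requirements of WLAN security, it presents the system architecture and functional structure of the ECC- and IPSec-based WLAN security system and introduces the theory behind the key modules. The system uses ECC for identity authentication and key agreement in both phases of IKE, which improves its security and processing speed. Finally, the thesis describes the implementation of the main modules and explains the test plan and test deployment, providing a test basis for applying the system. The test results show that both the security and the efficiency of the WLAN are improved, and that the system has good security and reliability.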
With the rapid development of mobile communication and the Internet, the security problems that WLANs face are becoming more serious. Traditional security mechanisms have a large number of defects and loopholes and can hardly meet the high security requirements of WLANs. IPSec, as a network-layer security technology, can use tunneling and encryption to establish a secure VPN over a WLAN, which protects the fast and secure transmission of data in the WLAN.
Most WLAN security systems based on IPSec suffer from low network efficiency and weak security. The main reasons are redundant protocols, a single encryption method, and encryption algorithms that are not strong enough. This kind of problem can be solved by increasing the key length, but doing so notably increases the complexity and processing time of the encryption algorithm, which is not a good fit for the resource-limited security environment of a WLAN. For this reason, this thesis proposes a WLAN security scheme based on ECC and the IPSec framework. Its main characteristic is the use of ECDH and ECDSA to set up the secure tunnel within IPSec, so that the system not only offers high security and low bandwidth but can also be extended flexibly to adapt to different WLAN security environments. After studying ECC and other encryption algorithms and IPSec, the thesis improves the ECC algorithm, accelerating operations over the field, and applies the algorithm in the design. On this basis, the thesis presents the system framework and functional structure of a WLAN security system based on ECC and IPSec, according to the specific security requirements of WLANs. The system uses ECC for identity authentication and key negotiation in the two phases of IKE, which improves the system's security and processing speed. Finally, the thesis explains the implementation of the main modules of the system, together with the test scheme and test deployment, providing a test basis for applying the system. The test results indicate that the security and efficiency of the WLAN are improved and that the system has good security and dependability.
