Research and Improvement of WPA and Dictionary-Attack Prevention Techniques in Wireless LANs
Abstract
With rapid socioeconomic development and the sharp rise of wireless networks, demand for wireless communication that can provide information services anytime and anywhere keeps growing. As wireless frequency resources become increasingly scarce, short-range wireless communication technology has broad market prospects and has become a popular topic. However, both Wi-Fi and IEEE 802.11 wireless LANs have security problems: their encryption protocols still contain weaknesses that give attackers the conditions to mount attacks. Security has therefore become a technical problem that urgently needs to be solved for WLAN applications to develop.
     The thesis first takes the common dictionary attack as an example and analyzes how an attacker cracks the key of a security protocol in order to attack the network. This shows that studying methods to prevent dictionary attacks without changing the hardware environment is research of practical value for strengthening WLAN security.
     It then introduces general WLAN security technologies and, from there, the WLAN security protocol WPA. By comparing WPA with WEP, it discusses the applied techniques and working principles of the two security protocols. From the attacker's point of view, it examines how dictionary attacks come about and how they are used to crack keys, and illustrates the cracking process with a dictionary-attack experiment. The experimental results show that the dictionary attack successfully cracked the encryption protocol.
     Finally, building on the dictionary-attack experiment, the thesis establishes an improved scheme for preventing dictionary attacks. The scheme focuses on strengthening authentication: it proposes a four-message exchange based on a one-way hash function, uses login time consumption to ensure that an attacker does not have enough capacity to carry out an online dictionary attack, and uses a variable to increase time consumption to make up for the weakness against offline dictionary attacks. The scheme was verified in application, and the results show that under the same experimental conditions the improved scheme effectively prevents dictionary attacks and can be implemented entirely without changing any hardware. This effectively reduces development cost and improves economic benefit.
