Research on Security Mechanisms of Wireless Local Area Networks
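Abstract
Wireless access network technology is currently an international research hotspot, and the wireless local area network (WLAN), as a wireless access technology, has developed rapidly. However, a series of subsequent studies showed that WLAN security mechanisms have serious security weaknesses. Security problems have greatly limited the adoption of WLAN technology, so research on these problems is of great significance.
     In this thesis, the author studies the security mechanisms of the WLAN protocols in depth, summarizes the lessons learned in protocol design, proposes design principles for security protocols, and proposes an authentication scheme based on the public key infrastructure (PKI). The main improvements of the scheme are:
     1. The authentication server authenticates the access point (AP), and users can in turn authenticate the AP through the authentication server.
     2. Temporal keys are distributed fully encrypted: the authentication server encrypts the temporal key when distributing it to both the AP and the user.
     3. A three-level key hierarchy is proposed, consisting of the private key, the session key and the temporal key, which separates the authentication key from the encryption key.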
Wireless access to the Internet is now an international research hotspot, and the Wireless Local Area Network (WLAN), as a wireless access technique, has grown rapidly. According to a series of research results, all the security mechanisms of WLAN are completely ineffective. The security problem limits the popularization of WLAN, so research on security is of great significance.
    The dissertation makes a deep study of the security mechanisms of WLAN and summarizes the experiences and lessons of previous protocol design. It proposes principles for designing security protocols and an authentication scheme based on PKI. The improvements gained from the scheme are as follows:
    1. The authentication server authenticates the AP, so stations can authenticate the AP by using the authentication server. Because there are no shared keys between the AP and the station, the station can only authenticate the AP with the help of the authentication server.
    2. The authentication server distributes the encrypted temporal key to the AP and the station, which greatly increases the security of the temporal key.
    3. A three-key hierarchy (private key, session key, temporal key) is proposed, which achieves separation of the encryption key and the authentication key.
