摘要
利用Canetti-Krawczyk模型对WAPI实施方案中的单播密钥协商协议进行了分析,结果表明:如果所采用的椭圆曲线加密方案ECES能够抵抗适应性的选择密文(CCA2)攻击,那么该密钥协商过程就不提供完美前向保密性(PFS)的会话密钥安全(SK-secure).在协议结束时该认证模型实现了用户STA和接入点AP相互的身份认证.相对于原国家标准,实施方案的安全性有了很大的提高.
Compared with the original standard, the greatest change that WAPI (Chinese WLAN security standard) implementation plan made lies in the key-agreement protocol in the authentication model. This paper presents a security analysis of unicast key-agreement protocol in the implementation plan with the Canetti-Krawczyk model. The results show that the protocol is session-key secure without perfect forward secrecy (PFS) if the elliptic curve encryption scheme adopted is secure against adaptive chosen ciphertext (CCA2) attack. And at the end of the protocol, STA and AP can authenticate each other's identity. Compared with the original standard, the security of the implementation plan is improved greatly.
出处
《计算机学报》
EI
CSCD
北大核心
2006年第4期576-580,共5页
Chinese Journal of Computers
基金
国家自然科学基金重大计划项目基金(90204012)
国家"八六三"高技术研究发展计划项目基金(2002AA143021)
教育部优秀青年骨干教师资助计划基金
教育部科学技术研究重点项目基金
华为基金资助