摘要
Two standards for security of WLAN,IEEE 802.11 i and WAPI,are introduced,and some shortcomings of them are pointed out.Based on hash chains technique to construct identity authentication tokens, a new authentication infrastructure for WLAN is proposed,in which AS authenticates the main entities -STAs in the foremost time.Properties of the proposed scheme are discussed,including security, efficiency and feasibility etc.Compared with 802. 11 i and WAPI,the proposed scheme not only improves efficiency by reducing cost on computation and communication,but also promotes security property -availability by mitigating DoS attacks to AP and AS.At the same time,a self-updating hash chain technique is presented that is embedded in the proposed infrastructure to solve the length limitation of traditional hash chain.
Two standards for security of WLAN, IEEE 802.11i deployed. However, security is a serious concern and WAPI, are introduced, and some shortcomings of them are pointed out. Based on hash chains technique to construct identity authentication tokens, a new authentication infrastructure for WLAN is proposed, in which AS authenticates the main entities - STAs in the foremost time. Properties of the proposed scheme are discussed, including security, efficiency and feasibility etc. Compared with 802. 11i and WAPI, the proposed scheme not only improves efficiency by reducing cost on computation and communication, but also promotes security property - availability by mitigating DoS attacks to AP and AS. At the same time, a self-updating hash chain technique is presented that is embedded in the proposed infrastructure to solve the length limitation of traditional hash chain.
基金
supported by the NNSF of China(No.90204015, 60473021)
the Key Technologies Research and Development Program of Henan Province of China(No.0524220044,062426001)
the Research Found of HAUT of China(No.0401009, 050211,050215,050216)
