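Abstract
To address the man-in-the-middle attacks faced by existing wireless network authentication, a cross-layer authentication mechanism based on wireless channel characteristics is proposed. By adding a check of the wireless channel to the higher-layer authentication procedure, it prevents users from suffering man-in-the-middle attacks during initial access. Exploiting channel reciprocity, the user side and the network side each extract wireless channel characteristics as physical-layer authentication parameters and embed them in the higher-layer authentication procedure, generating an authentication response that carries both identity and channel information. If a man-in-the-middle attack occurs during authentication, the two sides extract different physical-layer authentication parameters and therefore produce different authentication responses, causing authentication to fail. The authentication server sets the authentication threshold according to wireless channel conditions, which improves the fault tolerance of the mechanism. The extracted wireless channel characteristics pass the NIST randomness tests and show good randomness. Simulation results verify the authentication performance: with BPSK modulation, a man-in-the-middle detection rate above 99.8% is achieved at a signal-to-noise ratio of 0.5 dB.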
To deal with the threat of Man-in-the-Middle (MitM) attacks in the authentication mechanisms of wireless networks, we propose a cross-layer authentication scheme based on wireless channel characteristics during the first access. The channel characteristics at both the user and the base station are extracted based on the reciprocity of the wireless channel to generate a response containing the dual information of identity and channel. If a MitM exists, the user and the base station will extract different channel characteristics and therefore generate different responses, leading to a failed authentication. An authentication threshold is set according to the wireless channel condition, making the proposed scheme fault-tolerant. The extracted channel characteristic passes the NIST randomness test, which proves its randomness. Security analysis shows that the proposed scheme can effectively prevent MitM attacks, achieving a detection rate above 99.8% at an SNR of 12 dB when BPSK is employed.
Source
Journal of Information Engineering University (信息工程大学学报)
2017, No. 3, pp. 267-272 (6 pages)
Funding
National Natural Science Foundation of China (61379006)
National 863 Program (SS2015AA011306)
National Science Foundation for Young Scientists of China (61501516)
Keywords
wireless communication
authentication
cross-layer
man-in-the-middle
channel characteristic