关于无线局域网多安全域间共享密钥生成方法

Shared Key Generation Method Between Multiple Security Domains in Wireless LAN

信息技术的发展促使无线局域网安全问题受到密切关注,在网络体系中存在众多不同的安全域,为保证网络端点间能够进行安全的跨域通信,提出关于无线局域网多安全域间共享密钥生成方法。对本地用户和移动用户与异地安全域的共享密钥问题提出解决方案,协议中采用对称密码体制与公钥密码体制相结合的方法解决本地与异地认证服务器的不对称性,采用对称密码实现用户与异地认证服务器间的共享密钥。将密钥生成算法分为单标签共享密钥的生成算法、多标签的密钥生成算法和群组标签密钥生成算法3种情况进行分析。最后采用逻辑化形式和攻击方式对算法的安全性进行分析,综合计算量、存储空间和通信量三方面对密钥生成算法的性能进行衡量。实验结果表明,所提共享密钥生成方法的安全性较好,大大提高了存储空间的利用率和通信量,可以很好的解决无线局域网存在的安全缺陷问题。

With the development of information technology,the security of WLAN has attracted close attention.There are many different security domains in the network system.In order to ensure secure cross domain communication between network endpoints,a shared key generation method between multiple secure domains in WLAN is proposed for solving the problem of sharing keys between local users and mobile users and remote security domains.In the protocol,the combination of symmetric cryptosystem and public key cryptosystem is used to solve the asymmetry between local and remote authentication servers,and the symmetric password is used to realize the shared key between users and remote authentication servers.Then the key generation algorithm is divided into three cases:single label shared key generation algorithm,multi label key generation algorithm and group label key generation algorithm.Finally,the security of the algorithm is analyzed by using logical form and attack mode,and the performance of the key generation algorithm is analyzed from three aspects:computation,storage space and communication.The experimental results show that the proposed method has high security,greatly improves the utilization of storage space and traffic,and can solve the security defects of WLAN.