Based on thorough researches on the Chinese wireless local area network (WLAN) security standard, i. e., WLAN authentication and privacy infrastructure (WAPI), the security of the authentication access process is ...Based on thorough researches on the Chinese wireless local area network (WLAN) security standard, i. e., WLAN authentication and privacy infrastructure (WAPI), the security of the authentication access process is analyzed with the CK (Canetti-Krawczyk) model and the BAN (Burrows-Abadi- Needham) logic. Results show that it can achieve the alleged authentication and key negotiation goals. Besides those alleged, further analyses indicate that the authentication access process can satisfy other security requirements, such as mutual identity authentication, mutual key control, key confirmation, message integrity check, etc. If the used elliptic curve encryption algorithm and the hash algorithm are secure enough, the protocol can efficiently realize mutual authentication between STAs (station) and APs (access point). Therefore, WAPI can be applied to replace the security mechanism used in the original WLAN international standard to enhance its security.展开更多
Vehicle ad-hoc networks have developed rapidly these years,whose security and privacy issues are always concerned widely.In spite of a remarkable research on their security solutions,but in which there still lacks con...Vehicle ad-hoc networks have developed rapidly these years,whose security and privacy issues are always concerned widely.In spite of a remarkable research on their security solutions,but in which there still lacks considerations on how to secure vehicleto-vehicle communications,particularly when infrastructure is unavailable.In this paper,we propose a lightweight certificateless and oneround key agreement scheme without pairing,and further prove the security of the proposed scheme in the random oracle model.The proposed scheme is expected to not only resist known attacks with less computation cost,but also as an efficient way to relieve the workload of vehicle-to-vehicle authentication,especially in no available infrastructure circumstance.A comprehensive evaluation,including security analysis,efficiency analysis and simulation evaluation,is presented to confirm the security and feasibility of the proposed scheme.展开更多
基金The National Basic Research Program of China(973Program) (No.G1999035805)the Natural Science Foundation of ShannxiProvince (No.2007F37)China Postdoctoral Science Foundation (No.20060401008,20070410376).
文摘Based on thorough researches on the Chinese wireless local area network (WLAN) security standard, i. e., WLAN authentication and privacy infrastructure (WAPI), the security of the authentication access process is analyzed with the CK (Canetti-Krawczyk) model and the BAN (Burrows-Abadi- Needham) logic. Results show that it can achieve the alleged authentication and key negotiation goals. Besides those alleged, further analyses indicate that the authentication access process can satisfy other security requirements, such as mutual identity authentication, mutual key control, key confirmation, message integrity check, etc. If the used elliptic curve encryption algorithm and the hash algorithm are secure enough, the protocol can efficiently realize mutual authentication between STAs (station) and APs (access point). Therefore, WAPI can be applied to replace the security mechanism used in the original WLAN international standard to enhance its security.
基金This work was supported in part by the National Natural Science Foundation of China under Grant No.61170217,61272469,61303212,61332019,and Grant No.U1135004,and by the Fundamental Research Founds for National University,China University of Geosciences
文摘Vehicle ad-hoc networks have developed rapidly these years,whose security and privacy issues are always concerned widely.In spite of a remarkable research on their security solutions,but in which there still lacks considerations on how to secure vehicleto-vehicle communications,particularly when infrastructure is unavailable.In this paper,we propose a lightweight certificateless and oneround key agreement scheme without pairing,and further prove the security of the proposed scheme in the random oracle model.The proposed scheme is expected to not only resist known attacks with less computation cost,but also as an efficient way to relieve the workload of vehicle-to-vehicle authentication,especially in no available infrastructure circumstance.A comprehensive evaluation,including security analysis,efficiency analysis and simulation evaluation,is presented to confirm the security and feasibility of the proposed scheme.