Based on thorough researches on the Chinese wireless local area network (WLAN) security standard, i. e., WLAN authentication and privacy infrastructure (WAPI), the security of the authentication access process is ...Based on thorough researches on the Chinese wireless local area network (WLAN) security standard, i. e., WLAN authentication and privacy infrastructure (WAPI), the security of the authentication access process is analyzed with the CK (Canetti-Krawczyk) model and the BAN (Burrows-Abadi- Needham) logic. Results show that it can achieve the alleged authentication and key negotiation goals. Besides those alleged, further analyses indicate that the authentication access process can satisfy other security requirements, such as mutual identity authentication, mutual key control, key confirmation, message integrity check, etc. If the used elliptic curve encryption algorithm and the hash algorithm are secure enough, the protocol can efficiently realize mutual authentication between STAs (station) and APs (access point). Therefore, WAPI can be applied to replace the security mechanism used in the original WLAN international standard to enhance its security.展开更多
Temporal key integrity protocol (TKIP) is a sub-protocol of IEEE 802.11i. TKIP remedies some security flaws in wired equivalent privacy (WEP) protocol. TKIP adds four new algorithms to WEP: a message integrity co...Temporal key integrity protocol (TKIP) is a sub-protocol of IEEE 802.11i. TKIP remedies some security flaws in wired equivalent privacy (WEP) protocol. TKIP adds four new algorithms to WEP: a message integrity code (MIC) called Michael, an initialization vector (IV) sequencing discipline, a key mixing function and a reeying mechanism. The key mixing function, also called temporal key hash, de-correlates the IVs from weak keys. Some cryptographic properties of the substitution box (S-box) used in the key mixing function are investigated in this paper, such as regularity, avalanche effect, differ uniform and linear structure. Moen et al pointed out that there existed a temporal key recovery attack in TKIP key mixing function. In this paper a method is proposed to defend against the attack, and the resulting effect on performance is discussed.展开更多
基金The National Basic Research Program of China(973Program) (No.G1999035805)the Natural Science Foundation of ShannxiProvince (No.2007F37)China Postdoctoral Science Foundation (No.20060401008,20070410376).
文摘Based on thorough researches on the Chinese wireless local area network (WLAN) security standard, i. e., WLAN authentication and privacy infrastructure (WAPI), the security of the authentication access process is analyzed with the CK (Canetti-Krawczyk) model and the BAN (Burrows-Abadi- Needham) logic. Results show that it can achieve the alleged authentication and key negotiation goals. Besides those alleged, further analyses indicate that the authentication access process can satisfy other security requirements, such as mutual identity authentication, mutual key control, key confirmation, message integrity check, etc. If the used elliptic curve encryption algorithm and the hash algorithm are secure enough, the protocol can efficiently realize mutual authentication between STAs (station) and APs (access point). Therefore, WAPI can be applied to replace the security mechanism used in the original WLAN international standard to enhance its security.
基金the National Laboratory for Modern Communications(No.51436050304JW0317)the National Natural Science Foundation of China(No.60573030)
文摘Temporal key integrity protocol (TKIP) is a sub-protocol of IEEE 802.11i. TKIP remedies some security flaws in wired equivalent privacy (WEP) protocol. TKIP adds four new algorithms to WEP: a message integrity code (MIC) called Michael, an initialization vector (IV) sequencing discipline, a key mixing function and a reeying mechanism. The key mixing function, also called temporal key hash, de-correlates the IVs from weak keys. Some cryptographic properties of the substitution box (S-box) used in the key mixing function are investigated in this paper, such as regularity, avalanche effect, differ uniform and linear structure. Moen et al pointed out that there existed a temporal key recovery attack in TKIP key mixing function. In this paper a method is proposed to defend against the attack, and the resulting effect on performance is discussed.
