| 新完善的WAPI协议安全性分析 |
| |
| 引用本文: | 庞辽军,李慧贤,王育民.新完善的WAPI协议安全性分析[J].东南大学学报,2008,24(1):25-28. |
| |
| 作者姓名: | 庞辽军 李慧贤 王育民 |
| |
| 作者单位: | 西安电子科技大学计算机网络与信息安全教育部重点实验室 西安710071(庞辽军,王育民),西北工业大学计算机学院 西安710072(李慧贤) |
| |
| 基金项目: | 国家重点基础研究发展计划(973计划),陕西省自然科学基金,中国博士后科学基金 |
| |
| 摘 要: | 在深入研究中国无线局域网安全标准WAPI接入鉴别过程的基础上,利用CK模型并结合BAN逻辑,对其认证和密钥协商过程安全性进行了形式化分析,证明其能够实现所声称的各种认证及密钥协商目标.进一步的分析结果表明,WAPI不仅具有所声称的各种安全属性,同时还能够有效地实现实体间相互认证、密钥的相互控制、密钥确认、消息完整性校验等安全属性.如果协议中所采用的椭圆曲线加密算法和杂凑算法足够安全,则该协议能够实现STA和AP之间的相互身份认证,可以用于替代原来的无线局域网国际标准中的安全机制,以增强无线局域网的安全性.
|
| 关 键 词: | 无线局域网 认证 密钥协商 CK模型 |
| 修稿时间: | 2007年4月26日 |
Security analysis of newly ameliorated WAPI protocol |
| |
| Pang Liaojun,Li Huixian,Wang Yumin.Security analysis of newly ameliorated WAPI protocol[J].Journal of Southeast University(English Edition),2008,24(1):25-28. |
| |
| Authors: | Pang Liaojun Li Huixian Wang Yumin |
| |
| Abstract: | Based on thorough researches on the Chinese wireless local area network (WLAN) security standard,i.e.,WLAN authentication and privacy infrastructure (WAPI),the security of the authentication access process is analyzed with the CK (Canetti-Krawczyk) model and the BAN (Burrows-Abadi-Needham) logic.Results show that it can achieve the alleged authentication and key negotiation goals.Besides those alleged, further analyses indicate that the authentication access process can satisfy other security requirements,such as mutual identity authentication,mutual key control,key confirmation,message integrity check,etc.If the used elliptic curve encryption algorithm and the hash algorithm are secure enough,the protocol can efficiently realize mutual authentication between STAs (station) and APs (access point).Therefore,WAPI can be applied to replace the security mechanism used in the original WLAN international standard to enhance its security. |
| |
| Keywords: | WAPI wireless local area network (WLAN) WLAN authentication and privacy infrastructure (WAPI) authentication key negotiation CK model |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
