2010年 第12卷 第1期
802.11i认证协议可验安全性形式化分析
东南大学信息科学与工程学院,南京 210096
下一篇 上一篇
摘要
IEEE 802.11标准组提出了802.11i标准以增强无线局域网的安全性能。在802.11i标准中采用了802.1X标准实现无线局域网用户的认证和接入控制过程。针对802.1X认证协议的三方交互结构提出一种扩展Bellare-Rogaway模型,对802.11i认证和密钥交换机制进行可验安全性分析。通过分析,证明802.11i认证协议存在缺陷并给出了相应的中间人攻击方法。
关键词
802.11i ; Bellare-Rogaway模型 ; 可验安全性 ; 形式化分析
图片
图1
参考文献
[ 1 ] IEEE 802.11.Information technology ― Telecommunications and information exchange between systems ― Local and metropolitan area networks ― Specific requirements ― Part 11 : Wireless LAN Medium Access Control ( MAC) and Physical Layer( PHY) Speci- fications[ S] .America, ISO /IEC, 1999 ,17 -21
[ 2 ] Nikita Borisov, Ian Goldberg, David Wagner.Intercepting mobile communications: the insecurity of 802.11 [ A ] .MobiCom ’ 01 : Proceedings of the 7 th Annual International Conference on Mobile Computing and Networking[ C] .New York:ACM Press,2001 :180 – 189
[ 3 ] Arbaugh W A, Shankar N,Wan Y J .Your 802.11 wireless net- work has no clothes [ EB /OL ] . http: //www.cs.umd.edu /~ waa /wireless.pdf,2001 ,3
[ 4 ] Arbaugh W A.An inductive chosen plaintext attack against WEP / WEP2 [ N] .IEEE Document 802.11 -01 /230 ,2001 ,5
[ 5 ] Walker J R.Unsafe at any key size; an analysis of the WEP en- capsulation[ N] .IEEE Document 802.11 -00 /362 ,2000 ,10
[ 6 ] IEEE802.11i.IEEE Standard for information technology -Tele- communications and information exchange between systems -Local and metropolitan area networks -Specific requirements part 11 : Wireless LAN Medium Access control ( MAC) and Physical Layer ( PHY) specifications: Medium Access Control ( MAC ) Security Enhancements[ S] .America, ISO /IEC, 2004 :1 -341
[ 7 ] IEEE802.1x.IEEE Standard for Local and Metropolitan Area Net- works – Port -Based Network Access Control [ S ] .America, ISO /IEC, 2001 ,1 -167
[ 8 ] GoldWasser S , Micali S.Probabilistic encryption [ J ] .Journal Computer and System Sciences,1984 ,4 ( 28 ) :270 – 299 链接1
[ 9 ] Micali S, Rackoff C,Sloan R.The notion of security for probabilis- tic cryptosystems[ J] .SIAMJ.of Computing, 1988 ,4 :412 -426 链接1
[10] Yao A C.Theory and applications of trapdoor functions[ A] .In Proceedings of the 23 rd Symposium on Foundations of Computer Science[ C] .IEEE, 1982
[11] Goldreich O.A uniform complexity treatment of encryption and zero -knowledge[ J] .Journal of Cryptology, 2003 ,6 :21 – 53 链接1
[12] Luby M. Pseudorandomness and Cryptiographic Applications [ M] .New York: Princeton University Press, 2006
[13] Bellare M,Rogaway P.Entity authentication and key distribution [ A] .In Cryptology - Crypto 03 Proceedings[ C] .Lecture Notes in Computer Science, 2004 :232 -249
[14] Bellare M,Rogaway P.Provably secure session key distribution: the three party case[ A] .Proc.27 th Annual Symposium on the Theory of Computing[ C] .ACM, 2005 :57 -66
[15] Bellare M, Canetti R, Krawczyk H.A modular approach to the design and analysis of authentication and key exchange protocols [ A] .Proc.30 th Annual Symposium on the Theory of Computing [ C] .ACM, 1998 : 419 -428
[16] Bellare M, Pointcheval D, Rogaway P.Authenticated key ex- change secure against dictionary attacks[ A] .Cryptology - Eu- rocrypt 2000 Proceedings [ C ] .Lecture Notes in Computer Sci- ence, 2000 :135 -155
京公网安备 11010502051620号
