
Implementation of Global Authentication for IEEE 802.11

The Implementation of Enhanced Global Authentication in WLAN (IEEE 802.11)

Advisor: 涂世雄

Abstract


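In recent years, the combination of computer networks and wireless local area networks has brought many conveniences and benefits to our lives: people can use a computer anytime and anywhere to go online, conduct electronic transactions, download electronic maps, send and receive e-mail, hold video conferences, take online courses, and so on. Accessing these services means that a large volume of important information is transmitted over the wireless channel, and many recent studies have shown that the wireless LAN protocol IEEE 802.11 has a considerable number of weaknesses in the security of its identity authentication and encryption algorithm. As a result, malicious parties may be able to capture or forge this data, so we must consider the security of important messages transmitted over the wireless channel. In this thesis, we propose using hash functions, which are computationally simple yet still secure, together with One Time Passwords to remedy the authentication and security weaknesses of IEEE 802.11.

The main features of the two authentication protocols we propose are as follows:

1. A global authentication protocol is implemented in the wireless LAN.
2. A mutual authentication protocol is provided that has lower computational complexity yet is sufficient to meet security requirements.
3. Users are given a more convenient registration method.
4. The OTP concept is used to update the key in the WEP algorithm, addressing the security weaknesses of IEEE 802.11.

I believe that the results of this thesis will be of considerable benefit to future research on wireless LAN authentication protocols.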

Parallel Abstract


In this thesis, we propose very simple schemes for implementing global authentication mechanisms based on hash functions and symmetric-key cryptosystems. The two authentication protocols are proposed to solve the weak authentication and security flaws of the wireless local area network (WLAN) defined by IEEE 802.11.

The first scheme is a single-realm authentication protocol. First, the access point (AP) receives the password from the client and the server, then computes and compares the hash values to accomplish mutual authentication. Next, the client and the AP use key exchange to generate a session key and return new stream bits to the server to update the client’s database. Finally, the client sends a One Time Password (OTP) to the AP, which supplies the refreshed secret key for WEP in IEEE 802.11.

The second scheme is a cross-realm authentication protocol, in which the client needs remote authentication. First, the AP receives the password from the client and, through roaming, fetches the client’s basic data from the client’s home network. Then the AP computes and compares the hash values to accomplish mutual authentication. After these steps, the rest is the same as in the first scheme: the client and the AP use key exchange to generate a session key and return new stream bits to the home server to update the client’s database. Finally, the client sends a One Time Password (OTP) to the AP, which supplies the refreshed secret key for WEP in IEEE 802.11.

The contributions of our work are as follows:

(1) A single-realm authentication algorithm whose computational complexity is much lower but which is still secure enough.
(2) The implementation of an enhanced cross-realm authentication protocol in wireless LAN.
(3) It is convenient for a user to register once with a server in order to roam to every AP.
(4) The concept of a refresh password is proposed to renew the secret key of WEP in IEEE 802.11.

It is believed that the results of our study in this thesis will probably be practical and efficient in WLAN applications.
