
A WAPI authentication and secret key negotiation method and system

A key agreement technology applied to transmission systems, user identity/authority verification, synchronous sending/receiving encryption equipment, and related security issues.

Inactive Publication Date: 2008-02-13
XIDIAN UNIV +1
View PDF1 Cites 42 Cited by

AI Technical Summary

Problems solved by technology

That is to say, at the end of the protocol, the access point AP and the client STA obtain different session keys, so the key agreement protocol is not secure.
[0016] 2. Identity authentication of the client STA by the access point AP is not implemented.
In this WAI, an attacker can impersonate a legitimate user and access the network simply by submitting that user's certificate, so when the network bills by time, this may lead to incorrect charges.
At the same time, once an attacker has accessed the network, he may launch many attacks, posing a serious threat to network security.
[0018] 4. The execution efficiency of the protocol is too low. The client STA and the access point AP must transmit their respective public key certificates over the resource-limited wireless channel and verify the legitimacy and validity of each other's certificate through the authentication service unit ASU, which seriously increases the network load, computational burden and transmission delay. In particular, the client STA has to perform heavy signature and signature-verification computations, which affects the real-time performance of user access.
[0020] The security of the unicast key negotiation process in the WAPI implementation guide is somewhat improved compared with the original scheme in the national standard, but it has not fundamentally solved the original security defects and fails to achieve sufficient security strength.


Examples


Embodiment 1

[0204] In this embodiment, both the client STA and the access point AP use the identity authentication and key agreement protocol based on the self-verifying public key certificate.

[0205] In this case, the corresponding authentication and key agreement system in WAPI includes a client, an access point, and a certification authority. The certification authority generates the system key data, which comprises the system parameters and the system private key; it discloses the system parameters and keeps the system private key secret. The client and the access point apply to the certification authority for a self-validating public key certificate, use the system key data generated by the certification authority to establish the self-validating public key certificate, and use this certificate for authentication and key agreement. The authentication and key agreement method in the system will be described in detail bel...
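The flow described above, sketched as an added example (not code from the patent or its authors): it assumes a Girault-style RSA self-certified key construction, since the truncated text on this page does not give the patent's own formulas. All function names, identities and parameters are hypothetical and toy-sized, and nonces and key confirmation are omitted.

```python
import hashlib

# Toy CA parameters (constructed; far too small for real use).
P, Q = 1019, 1187                    # safe primes, known only to the CA
N, E = P * Q, 65537                  # public system parameters
D = pow(E, -1, (P - 1) * (Q - 1))    # system private key, kept by the CA
G = 4                                # public base, order 509 * 593 mod N

def ident(name: str) -> int:
    """Map an identity string (e.g. a MAC address) to an integer mod N."""
    return int.from_bytes(hashlib.sha256(name.encode()).digest(), "big") % N

def public_value(secret: int) -> int:
    """Computed by the device itself: v = G^(-secret) mod N."""
    return pow(G, -secret, N)

def ca_issue(name: str, v: int) -> int:
    """CA binds identity and v into a witness w = (v - ID)^D mod N.
    (A real CA would first demand proof that the applicant knows the secret.)"""
    return pow((v - ident(name)) % N, D, N)

def recover(name: str, witness: int) -> int:
    """Anyone recovers the peer's public value from (ID, witness) alone."""
    return (pow(witness, E, N) + ident(name)) % N

def session_key(my_secret: int, peer_name: str, peer_witness: int) -> bytes:
    """Shared value = v_peer^my_secret = G^(-s_a * s_b) mod N, then hashed."""
    shared = pow(recover(peer_name, peer_witness), my_secret, N)
    return hashlib.sha256(str(shared).encode()).digest()

def demo() -> dict:
    sta, ap = "STA-00:11:22:33:44:55", "AP-66:77:88:99:aa:bb"  # constructed
    s_sta, s_ap, s_guess = 314, 271, 159   # fixed only for repeatability
    w_sta = ca_issue(sta, public_value(s_sta))
    w_ap = ca_issue(ap, public_value(s_ap))
    k_sta = session_key(s_sta, ap, w_ap)
    k_ap = session_key(s_ap, sta, w_sta)
    # A party that submits the STA's identity and witness but lacks its
    # secret derives a different key from the one the AP computes.
    k_replay = session_key(s_guess, ap, w_ap)
    return {"match": k_sta == k_ap, "replay_key_differs": k_replay != k_ap}

if __name__ == "__main__":
    print(demo())
```

No certificate is sent for online verification here: each side needs only the peer's identity and witness, and a mismatch in the derived key is what exposes a party that does not hold the matching secret.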

Embodiment 2

[0269] In this embodiment, only the client STA uses the identity authentication and key agreement protocol based on the self-validating public key certificate; the access point AP holds a traditional X.509 public key certificate.

[0270] In this case, the corresponding authentication and key agreement system in WAPI includes an authentication service unit, as well as a client, a certification authority, and an access point. The certification authority generates the system key data, which comprises the system parameters and the system private key; it discloses the system parameters and keeps the system private key secret. The client applies to the certification authority for a self-verifying public key certificate, uses the system key data generated by the certification authority to establish the self-verifying public key certificate, and uses the self-validating public key certificate to perform identity verification and key nego...


Abstract

The present invention provides a method and a system for authentication and key negotiation in the WLAN Authentication and Privacy Infrastructure (WAPI), in which an authentication organization is included. The method has two steps. Firstly, a client end and/or an access point applies for a self-verified public key certificate from the authentication organization; secondly, identity verification and key negotiation are carried out between the client end and the access point using the self-verified public key certificate. With the present invention, the quantity of data transmission and on-line calculation is reduced, the security of the authentication system is enhanced, and the problems that exist in the course of identity authentication and key negotiation in WAPI are addressed, thus further increasing the security strength of the WAPI authentication mechanism.

Description

Technical field

[0001] The present invention relates to the field of wireless communication technology, in particular to the security technology of wireless local area networks (WLAN), and specifically to a WAPI authentication and key negotiation method and system that solve the problem of identity authentication and key negotiation when mobile devices access a WAPI network.

Background technique

[0002] In 2003, the China Intellectual Property Office published an invention patent application with the application number 02139508.X, titled "Security Access of Mobile Terminals in Wireless Local Area Network and Data Confidential Communication Method for Wireless Links". The patents involved in this application are applied in China's national wireless LAN standard GB15629.11-WLAN Authentication and Privacy Infrastructure (WAPI: WLAN Authentication and Privacy Infrastructure), and the wireless LAN authentication infrastructure is called WAI (WLAN Authentication Infrastructure) for shor...


Application Information

IPC(8): H04L9/32, H04L9/12, H04L12/28, H04L29/06
Inventor: 张帆, 马建峰, 姚忠辉, 裴庆祺, 杨卫东, 孙璇
Owner: XIDIAN UNIV