A method of improving public Wi-Fi network security based on WPA/WPA2 PSK multiple passwords

A multi-password security technology applied in the field of information security. It addresses the problems of cumbersome use, high overhead and complicated encryption algorithms, and improves confidentiality and security while preventing data theft.

Active Publication Date: 2017-11-24
于博涵

AI Technical Summary

Problems solved by technology

Among them, WEP is rarely used because of serious security problems. WPA/WPA2 PSK is widely used, but it has a limitation: everyone connecting to the network must use the single password set by the AP (Access Point). When users connect with a public password, anyone who knows the password can steal the data of other users. Data sent over a non-SSL (Secure Sockets Layer) connection can be stolen directly by capturing the packets and decrypting them with the public password; for an SSL connection, the public password can be used to forge a phishing AP, and SSLStrip can then be used to remove the SSL to steal
Therefore, there are security risks when WPA/WPA2 PSK is used in public places. WPA/WPA2 Enterprise can set multiple user names and passwords through EAP (Extensible Authentication Protocol) and offers high security, but it requires authentication by an independent RADIUS (Remote Authentication Dial In User Service) server, which is expensive, and it requires support from the client device. The encryption algorithms are intricate, and some require certificates to be imported manually. It is cumbersome for users and has not been widely adopted.

Examples


Specific Embodiment 1

[0022] Specific implementation mode one: the process is as follows:

[0023] 1. Update the correspondence table data on the AP side, specifically including the following steps: The AP randomly generates the user password passphrase_1; the password is different for each client and is given to the user in a private manner. The AP uses passphrase_1 to generate PMK_1, then uses PMK_1 to generate PTK_1. PTK_1 is split into MIC KEY_1 and the remainder; the first 16 bytes of PTK_1 are MIC KEY_1. The AP looks up MIC KEY_1 in field 1 of its correspondence table. If it already exists, the AP randomly generates a new password; if it does not exist, the password is usable, and the AP creates a new record with MIC KEY_1 as field 1 and the remainder of PTK_1 as field 2 and stores it in the correspondence table, completing the update of the AP-side table. The correspondence table includes field 1 storing MIC KEY_1 and store...

Specific Embodiment 2

[0026] Specific implementation mode two: the AP informs the client device of the user password passphrase_1 in a private manner. The private method can be a mobile phone text message or a scanned QR code. For example, when a guest registers a mobile phone number at hotel check-in, a password is randomly generated and sent to the guest by text message. Shops, restaurants, etc. can set up a small screen at the front desk to display the randomly generated password. The QR code containing the SSID and passphrase is regenerated and displayed each time a STA connects, or is updated regularly.

Specific Embodiment 3

[0027] Specific implementation mode three: This implementation mode is characterized in that the AP uses passphrase_1 to generate PTK_1, divides PTK_1 into MIC KEY_1 and the remainder, and uses MIC KEY_1 as field 1 and the remainder as field 2 to build the AP-side correspondence table or to update its data. This method is relatively simple and easy to implement. The data stored on the AP side is sufficient only for authentication and transmission encryption and cannot be reversed to recover the passphrase, which prevents user passwords from leaking if the database leaks.
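The table update from embodiments 1 and 3, as an added Python sketch (not code from the patent): the PMK and PTK steps use the standard WPA/WPA2 PBKDF2 and HMAC-SHA1 PRF constructions, while the names `enroll`, `CTX` and `CafeWiFi` are hypothetical. The page excerpt does not say which MAC addresses and nonces feed the PTK derivation, so the example assumes fixed, constructed values.

```python
import hashlib, hmac, secrets

def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    # Standard WPA/WPA2 PSK mapping: PBKDF2-HMAC-SHA1, 4096 rounds, 256-bit PMK.
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def ptk_from_pmk(pmk: bytes, ap_mac: bytes, sta_mac: bytes,
                 anonce: bytes, snonce: bytes, nbytes: int = 48) -> bytes:
    # IEEE 802.11 PRF over HMAC-SHA1; 48 bytes is the CCMP PTK length.
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    out = b""
    for counter in range((nbytes + 19) // 20):
        msg = b"Pairwise key expansion\x00" + data + bytes([counter])
        out += hmac.new(pmk, msg, hashlib.sha1).digest()
    return out[:nbytes]

# ASSUMPTION: constructed handshake inputs (AP MAC, STA MAC, ANonce, SNonce).
# The page does not state how the AP chooses these when filling the table.
CTX = (bytes.fromhex("020000000001"), bytes.fromhex("020000000002"),
       bytes(32), bytes([1]) * 32)

def enroll(table: dict, ssid: str, ctx=CTX,
           gen=lambda: secrets.token_urlsafe(9)) -> str:
    """Add one user record and return the passphrase to hand over privately.

    The table keeps only derived keys: field 1 (MIC KEY) -> field 2 (rest of PTK).
    """
    while True:
        passphrase = gen()                      # default: 12 random characters
        ptk = ptk_from_pmk(pmk_from_passphrase(passphrase, ssid), *ctx)
        mic_key, rest = ptk[:16], ptk[16:]      # first 16 bytes are the MIC KEY
        if mic_key in table:                    # field 1 already present:
            continue                            # generate a new password
        table[mic_key] = rest
        return passphrase

if __name__ == "__main__":
    table = {}
    issued = [enroll(table, "CafeWiFi") for _ in range(3)]
    print(len(issued), "passphrases issued;", len(table), "records stored")
```

Because only the derived MIC KEY and remaining PTK bytes are stored, a dump of `table` exposes session key material for those records but not the passphrases themselves, which is the property embodiment 3 describes.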


Abstract

A method for improving public Wi-Fi network security based on WPA/WPA2 PSK multiple passwords. The invention belongs to the field of information security. Because of the limits of WPA/WPA2 PSK, Wi-Fi networks in public places can currently usually set only a single public password. People within the coverage area can steal user information through packet capture and decryption, forged phishing APs, intranet packet capture, and intranet man-in-the-middle attacks, which endangers user information security. The present invention sets multiple different WPA/WPA2 PSK passwords for users on a single Wi-Fi network. Users do not know each other's passwords and are isolated from each other, which prevents user data from being stolen and improves the confidentiality of Wi-Fi use and the security of online transactions in public places, while keeping the user's hardware, software and connection method unchanged and so remaining compatible with existing client equipment.

Description

Technical field

[0001] The invention belongs to the field of information security, and in particular relates to a method for improving public Wi-Fi network security based on WPA/WPA2 PSK multiple passwords.

Background technique

[0002] At present, the main encryption methods of Wi-Fi networks are WEP (Wired Equivalent Privacy), WPA (Wi-Fi Protected Access) / WPA2 PSK (Pre-shared Key), and WPA/WPA2 Enterprise. Among them, WEP is rarely used because of serious security problems. WPA/WPA2 PSK is widely used, but it has a limitation: everyone connecting to the network must use the single password set by the AP (Access Point). When users connect with a public password, anyone who knows the password can steal the data of other users. Data sent over a non-SSL (Secure Sockets Layer) connection can be stolen directly by capturing the packets and decrypting them with the public password; for an SSL connection, you ca...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06, H04W12/02, H04W12/06
CPC: H04L63/0428, H04L63/083, H04W12/02, H04W12/06
Inventor: 于博涵
Owner: 于博涵