Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Radio LAN security access method based on roaming key exchange authentication protocal

A wireless local area network and authentication protocol technology, applied in the field of wireless local area network security access, can solve the problems of loss of security properties, difficult operation, inability to provide identity protection and session key consistency, etc., to achieve user identity protection and improve protocol performance Effect

Inactive Publication Date: 2005-01-12
XIDIAN UNIV
View PDF0 Cites 39 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0028] 2) The protocol requires both parties to have public key certificates, which is difficult to operate in practice when the public key infrastructure is not widely deployed;
[0029] 3) The protocol does not protect user identities, and the number of protocol interaction rounds is 5
[0036] 2) The protocol does not have the security properties of forward secrecy PFS and non-key leakage camouflage N-KCI, and the number of protocol interaction rounds must be greater than 5;
[0045] 2) The agreement does not have the nature of identity protection;
[0046] 3) The mobile node MN and the wireless access point AP may generate inconsistent session keys
Although EAP-TLS has high security, it cannot provide identity protection; EAP-TTLS and PEAP change the use of TLS and provide identity protection, but lose some security properties and increase the number of protocol interaction rounds; WAI Although the number of interactive rounds of the protocol is small, the number of public key calculations performed by WAI on the access node AP is too large, which affects the performance of the AP, and cannot provide identity protection and session key consistency; in a wireless network environment, users The security threat is greater than that of the wired network, so security cannot be sacrificed to obtain other benefits; but for wireless mobile users, their identities need to be kept secret
To sum up, the current existing technologies can neither fully meet the security requirements of the wireless environment nor the performance requirements of roaming protocols.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Radio LAN security access  method based on roaming key exchange authentication protocal
  • Radio LAN security access  method based on roaming key exchange authentication protocal
  • Radio LAN security access  method based on roaming key exchange authentication protocal

Examples

Experimental program
Comparison scheme
Effect test

Embodiment approach

[0138] exist figure 1 In the identity authentication process shown, another implementation manner of encrypting the identity of the mobile node MN is:

[0139] The mobile node MN associates its identity user with a random number m, such as cascading user and m or performing XOR operation on user and m, and then uses the public key g of the home authentication server H-AS a encryption. Send the encrypted identity and random number to the home authentication server H-AS.

[0140] exist figure 1 In the identity authentication process shown, another implementation of the identity authentication of the home authentication server H-AS is:

[0141] The home authentication server H-AS uses its private key a to sign, and generates the identity authentication message of the home authentication server H-AS.

[0142] EAP-RKE performance comparison

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The method includes following steps: the H-AS (authentication sever at home end) is replaced by the F-AS (authentication server at far end) to originate an authentication challenge to MN (mobile node), the mutual identifications are made between MN and AP (access point) to build the shared cipher key; the network access identification of the MN is userarealm, 'user' is identification of user, realm is user's domain; the 'user' and 'realm' are separated, user is random encrypted to implement user's ID protection. By using the invention the interaction time between F-AS and H-AS is one, so that the performance is increased.

Description

technical field [0001] The invention belongs to the technical field of wireless communication security, in particular to a wireless local area network security access method (EAP-RKE) based on roaming key exchange authentication protocol, which provides security guarantee for local access and roaming access of mobile nodes. [0002] the term [0003] EAP-Extensible Authentication Protocol (Extensible Authentication Protocol) [0004] NAI-Network Access Identifier [0005] RADIUS-Remote Authentication Dial In User Service (Remote Authentication Dial In User Service) [0006] AAA-Authentication, Authorization, and Auditing (Authentication, Authorization, Accounting) [0007] TLS-Transport Layer Security [0008] TTLS-Tunneled Transport Layer Security (Tunneled TLS) [0009] PEAP - Protected Extensible Authentication Protocol (Protected EAP Protocol) [0010] RKE-Roaming Key Exchange (Roaming Key Exchange) [0011] MN-Mobile Node (Mobile Node) [0012] AP-Access Point (Ac...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04W12/02H04W12/0471H04W12/06
Inventor 马建峰赖晓龙孙军帅王卫东史庭俊彭志威王超
Owner XIDIAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products