Please use this identifier to cite or link to this item: http://hdl.handle.net/11455/8135
標題: 架構於無線區域網路之密鑰產生與漫遊安全機制
An Enhanced Key Generation and Roaming Security for Wireless LANs
作者: 張瑞麟
CHANG, REAY-LIN
關鍵字: 802.11;802.11;802.1x;mutual authentication;public key encryption;security key exchange;802.1x;相互認證;公開金鑰;密鑰交換
出版社: 電機工程學系
摘要: 
近來,以802.11為基礎的無線區域網路系統愈來愈受歡迎,例如:機場、百貨公司等都有架設;筆記型電腦、PDA等都可用來上網,而且,連線速度可達11Mbps,這些個人用的數位裝置有共同的特色就是容易移動,IEEE 802.11f 提供IAPP(Inter-Access Point Protocol)來支援需要漫遊的用戶使用,而最近的研究顯示IEEE 802.11之安全協定WEP (Wired Equivalent Privacy)有相當多的漏洞存在。IEEE 802.1X和IEEE 802.11i所提出的方案能解決其中的一些問題,但802.1X用於無線區域網路也將會有安全上的問題產生,這些存在的缺點將會使得系統易遭受到中間人攻擊及通訊攔劫,而802.11i目前尚是草稿(draft)的狀態。從這兩個標準可得知無線通訊的安全問題主要是在於密鑰的傳輸與雙方相互身份的認證。
針對這些問題,我們提出一個產生祕密金鑰的方法,讓使用者和AP各自產生通訊金鑰,利用這把金鑰來創造一條在使用者和AP之間的祕密通道。這個方法有三個階段來完成,且階段中的每個步驟都在公開金鑰加密演算法中完成,所以不會有重要的訊息被不速之客取得;另外,藉由這個方法利用第三者認證的觀念來達到雙方的認證,另外我們將這個方法延伸到漫遊機制,並提出另一個結合上述祕密通道的方法來完成安全的漫遊,這個方法比IAPP更有效率。

The 802.1X and 802.11i were proposed to resolve some problems in 802.11. However, the 802.1x still has some drawbacks and could be hijacked through middle of communication session. The main problems in the wireless LANs security standards are the key distribution and mutual authentication between the supplicant and the access point (AP)[1][2]. The same character of all personal digital devices is mobility. 802.11f draft provides IAPP for used by roaming. In this thesis, we propose a secure channel for regular communication and roaming security and a security key exchange scheme, one time session key generation protocol (OTSKGP) to avoid being hijacked. The prime purpose is to create a secure channel between supplicant and AP. The supplicant and AP compute their session key individually. This scheme includes three phases and all the steps of the phases are protected by public-key encryption. Therefore no information can be hijacked between supplicant and server or between AP and server. Besides, we propose a new secure roaming which is using the OTSKGP.
URI: http://hdl.handle.net/11455/8135
Appears in Collections:電機工程學系所

Show full item record
 

Google ScholarTM

Check


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.