| 基于IPSec的无线局域网安全通信机制分析及其算法研究 |
| |
| 引用本文: | 吴越,史小红,曹秀英,毕光国.基于IPSec的无线局域网安全通信机制分析及其算法研究[J].应用科学学报,2003,21(2):193-198. |
| |
| 作者姓名: | 吴越 史小红 曹秀英 毕光国 |
| |
| 作者单位: | 1.东南大学无线电系移动通信国家重点实验室, 信息安全研究中心 江苏 南京 210096;2.华东船舶工业学院 电子与信息学院 江苏 镇江 212003 |
| |
| 基金项目: | 国家高技术研究发展计划(2001AA143040);东南大学移动通信国家重点实验室开放基金(A0108)资助项目 |
| |
| 摘 要: | 分析了现有无线局域网标准IEEE802.11中的WEP协议密钥序列重复使用、消息认证和完整性、密钥管理与更新问题的安全机制的脆弱性,提出了基于IPSec的安全WLAN解决方案,详细讨论了其中的安全认证、完整性保护、重放攻击保护、机密性算法和密钥交换的结构和原理,给出其相应的编程实现,并对结果进行了深入的安全分析,最后对今后研究的方向作出了展望。
|
| 关 键 词: | 无线局域网 安全 认证 WEP协议 IP安全 加密 |
| 文章编号: | 0255-8297(2003)02-0193-06 |
| 收稿时间: | 2002-06-14 |
| 修稿时间: | 2002-09-17 |
A Security Analysis of the IPSec Based WLAN Solution and a Study of Its Algorithm |
| |
| WU Yue,SHI Xiao-hong,CAO Xiu-ying,BI Guang-guo.A Security Analysis of the IPSec Based WLAN Solution and a Study of Its Algorithm[J].Journal of Applied Sciences,2003,21(2):193-198. |
| |
| Authors: | WU Yue SHI Xiao-hong CAO Xiu-ying BI Guang-guo |
| |
| Institution: | 1.National Laboratory of Mobile Communications, Department of Radio Engineering, SoutheastUniversity, Nanjing 210096, China;2.College of Electronics and Information, East China Shipbuilding Institute, Zhenjiang 212003, China |
| |
| Abstract: | This paper describes the vulnerability of the wired equivalent privacy(WEP) protocol in current IEEE802. 11 WLAN standard, such as key sequence reuse, key management and refreshment, message authentication and integrity, etc. It also presents a security solution for WLAN based on IP Security (IPSec) and discusses the fundamental principles of data origin authentication, integrity protection, anti-replay protection and key exchange, Finally it describes their software implementations, makes a security analysis of the solution and looks into the future research. |
| |
| Keywords: | wireless local area network (WLAN) security authentication encryption WEP algorithm IP security(IPSec) |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《应用科学学报》浏览原始摘要信息 |
| 点击此处可从《应用科学学报》下载免费的PDF全文 |
