共查询到20条相似文献,搜索用时 875 毫秒
1.
当前无线局域网(WLAN)主要的认证技术包括了IEEE 802.11中的开放系统认证和共享密钥认证,IEEE 802.11i中的802.1x认证协议,以及我国的无线局域网安全标准WAPI中的WAI认证机制.概述了以上各种认证机制,讨论了它们各自的优缺点,并根据其存在的安全漏洞,给出了两种改进方案.最后给出了WLAN认证机制的进一步研究方向. 相似文献
2.
3.
4.
首先介绍无线局域网的新一代安全标准IEEE 802.11i,并详细阐述四次握手协议。结合实际情况,指出四次握手协议的缺陷及其可能带来的攻击,并描述IEEE 802.11i建议的方案,及其局限性和仍然存在的攻击。最后提出TPTK随机丢弃队列、消息1身份认证的解决方案。 相似文献
5.
本文通过对量子密码BB84协议及IEEE802.11i认证协议的分析与讨论,深入研究了802.11i密钥管理机制中的4次握手,利用量子密码安全的优势与IEEE802.11i无线网络相结合,提出量子握手,为无线网络中数据的通信安全提供保障。 相似文献
6.
提出一种无双线性对无证书的WLAN可信接入认证协议CTAPwoP.该协议以可信网络连接架构的基本思想为基础,将平台身份认证和平台完整性校验与用户身份认证过程巧妙结合,使得新协议仅需3轮交互就能实现站点(station,STA)与接入点(access point,AP)之间的双向身份认证和单播会话密钥的协商,同时实现AS对STA的平台身份认证和平台完整性校验.为进一步提高性能,该协议利用椭圆曲线上的点乘运算替换了传统无证书公钥密码体制中复杂的双线性对运算.安全性分析表明,该协议在高安全强度的eCK(extended Canetti-Krawczyk)模型下是安全的;性能分析表明:与IEEE802.11i的接入认证方案相比,该协议在计算开销和通信负载方面性能优势明显. 相似文献
7.
基于802.11i的WLAN安全认证机制研究与实现 总被引:1,自引:0,他引:1
殷安生 《计算机技术与发展》2010,20(9):127-130
WLAN标准IEEE802.11的安全机制存在严重的漏洞,论证了如何以最新的IEEE802.11i标准中的安全机制来改善WLAN的安全性。考虑安全性与效率,应侧重依靠认证机制来实施WLAN的安全防护,通过IEEE802.11i RSN中的安全措施来更新WLAN现有的安全体系。最后基于EAP-TLS认证机制,设计了一种WLAN安全认证系统模型,该模型改变了传统认证机制中的安全策略,使用四步握手以及增强的密钥颗粒度方法提高了认证过程的安全性,并给出了该安全认证系统相应认证模块的软件实现方案,同时对该认证系统的安全性和适用性进行了相关论证。 相似文献
8.
通过对IEEE802.11i四次握手过程的研究,发现其存在缺陷并可能受到的拒绝服务攻击。针对这一安全漏洞,研究TPTK、重用Nonce、消息1身份认证三种改进方法,并对这三种改进方法的安全性进行分析。这三种改进方法在避免拒绝服务攻击的同时,都给无线局域网带来新的安全威胁。提出进一步研究的思路与方向。 相似文献
9.
10.
HP公司最近推出HP ProCurve见线访问点420,它是用于各类企业的全功能IEEE 802.11g访问点,支持混合的802.11b/g无线局域网(WLAN)部署,通过Wi-Fi认证.能够保证IEEE 802.11g和多厂商产品的互操作性.而且能够升级支持即将批准的IEEE 802.11i规范。 相似文献
11.
12.
Runtime optimization of IEEE 802.11 wireless LANs performance 总被引:2,自引:0,他引:2
Bononi L. Conti M. Gregori E. 《Parallel and Distributed Systems, IEEE Transactions on》2004,15(1):66-80
IEEE 802.11 is the standard for wireless local area networks (WLANs) promoted by the Institute of Electrical and Electronics Engineers. Wireless technologies in the LAN environment are becoming increasingly important and the IEEE 802.11 is the most mature technology to date. Previous works have pointed out that the standard protocol can be very inefficient and that an appropriate tuning of its congestion control mechanism (i.e., the backoff algorithm) can drive the IEEE 802.11 protocol close to its optimal behavior. To perform this tuning, a station must have exact knowledge of the network contention level; unfortunately, in a real case, a station cannot have exact knowledge of the network contention level (i.e., number of active stations and length of the message transmitted on the channel), but it, at most, can estimate it. We present and evaluate a distributed mechanism for contention control in IEEE 802.11 wireless LANs. Our mechanism, named asymptotically optimal backoff (AOB), dynamically adapts the backoff window size to the current network contention level and guarantees that an IEEE 802.11 WLAN asymptotically achieves its optimal channel utilization. The AOB mechanism measures the network contention level by using two simple estimates: the slot utilization and the average size of transmitted frames. These estimates are simple and can be obtained by exploiting information that is already available in the standard protocol. AOB can be used to extend the standard 802.11 access mechanism without requiring any additional hardware. The performance of the IEEE 802.11 protocol, with and without the AOB mechanism, is investigated through simulation. Simulation results indicate that our mechanism is very effective, robust, and has traffic differentiation potentialities. 相似文献
13.
IEEE 802.11, the most popular standard, defines the protocols which covers all of Ethernet based wireless communication. This paper presented an implementation of IEEE 802.11 Frame Generator, which used FPGA as a hardware platform. This generator constructs the 802.11 frame and supplied it to DSSS as signal to be sent. There are 3 modules in this design. The 1st is the global control module, the 2nd module is CRC- 32 check and the 3rd is used to produce frame serial number. The characteristic of this de- sign is that the signal process and the transmission are made at the same time, i.e. real time processing. That is important to the wireless network device, which has narrower bandwidth and lower process energy. The Verilog HDL codes, block diagram of the whole system, and the simulation results were described in this paper. 相似文献
14.
基于802.11i的无线局域网安全加密技术研究 总被引:2,自引:0,他引:2
为了提高无线局域网的安全性,解决传统安全机制WEP协议中所存在的缺陷,给出了一种基于IEEE802.11i的无线局域网安全模型.在分析了IEEE802.11i协议的体系结构和安全机制的基础上,对IEEE802.11i的数据加密技术进行了剖析,详细分析了TKIP和CCMP协议的加解密过程和安全性能,结果表明,TKIP的安全性能仍有局限性,只是一种过渡方案,而CCMP才是健壮的数据保密协议. 相似文献
15.
IEEE 802.11n wireless physical layer technology increases the deployment of high throughput wireless indoor mesh backbones for ubiquitous Internet connectivity at the urban and metropolitan areas. Most of the network traffic flows in today’s Internet use ‘Transmission Control Protocol’ (TCP) as the transport layer protocol. There has been extensive works that deal with TCP issues over wireless mesh networks as well as noisy wireless channels. Further, IEEE 802.11n is well known for its susceptibility to increased channel losses during high data rate communication. This paper investigates the dynamics of an end-to-end transport layer protocol like TCP in the presence of burst and correlated losses during IEEE 802.11n high data rate communication, while maintaining fairness among all the end-to-end flows. For this purpose, we evaluate four TCP variants-Loss Tolerant TCP (LT-TCP), Network Coded TCP (TCP/NC), TCP-Horizon and Wireless Control Protocol (WCP), where the first two protocols are known to perform very well in extreme lossy networks, and the last two are specifically designed for mesh networks. Our evaluation shows that WCP performs better in a IEEE 802.11n supported mesh networks compared to other three variants. However, WCP also results in negative impact at high data rates, where end-to-end goodput drops with the increase in physical data rate. The analysis of the results reveals that explicit loss notifications and flow balancing are not sufficient to improve transport protocol performance in an IEEE 802.11n supported mesh backbone, rather a specific mechanism is required to synchronize the transport queue management with lower layer scheduling that depends on IEEE 802.11n features, like channel bonding and frame aggregation. The findings of this paper give the direction to design a new transport protocol that can utilize the full capacity of IEEE 802.11n mesh backbone. 相似文献
16.
针对VANET环境下标准IEEE 802.11p协议的MAC层对车辆移动性因素支持不足的问题,对IEEE 802.11p协议MAC层自适应移动性机制进行了研究。首先,构建了一种VANET通信场景;然后,基于构建的通信场景,分别基于节点邻居数量和节点相对速度提出了一种P持续CSMA/CA机制和一种基于节点相对速度的动态优先级管理机制;最后,基于Veins仿真平台构建了测试场景,并对提出的改进机制进行了仿真测试。测试结果表明提出的两种机制能够有效增加系统吞吐量、减少丢包数量、降低平均数据传输延迟和平均数据重传次数,显著提升了VANET网络性能。 相似文献
17.
通过对串空间模型的扩展,使其具备分析复杂安全协议的能力。利用扩展后的串空间模型,对IEEE802.11i协议中的4步握手协议进行分析,证明4步握手协议达到协议机密性和认证正确性目标的结论。指出在协议可用性分析方面还须继续对分析方法进行扩展研究。 相似文献
18.
在研究IEEE802.11标准的基础上,查阅了Ad Hoc网络信道接入的相关资料,分析了IEEE 802.11信道接入协议的优缺点,提出了对IEEE 802.11DCF工作模式的改进建议,以提高整个系统的性能.本文所作的主要工作包括以下几个方面:1.对IEEE802.11所采用的BEB退避机制,在分析了其缺点的基础上,参照了相关的改进算法,如MILD、LMILD、EIED等,提出了基于信道状况,根据信道忙闲程度的不同来设定相应的竟争窗口的退避机制,缓解了信道接入时发生的不公平性,提高了系统吞吐量.2.对DCF的工作机制进行了改动,在延迟阶段对信道进行探测,以避免出现错误的阻塞,同时,根据节点收发RTS/CTS的情况,探测信道的状况,来确定是否可以并行传送数据,以提高吞吐量.3.对原有的IEEE8 02.11中RTS/CTS和DATA报文的重传门限进行了改进,引入了一种自适应机制来进行门限值得设定,以减少报文被丢弃的可能性,从而达到减少触发TCP拥塞控制机制可能性的目的,从而提高系统的吞吐量.4.使用网络仿真器NS2对相关的改进进行了模拟仿真,仿真结果表明,与原有的接入方案相比,改进后的方案在网络性能方面有所提高.本文针对IEEE802.11的缺陷,提出了一些改进,为Ad Hoc网络的研究,提供了一些参考,具有一定的参考价值和借鉴意义. 相似文献
19.
802.11无线局域网中的智能AP切换策略 总被引:2,自引:0,他引:2
在802.11协议内,站点有权选择将要连接的接入点,因此接入点选择机制的实现就成为了负载平衡的一个关键因素.新提出的AP切换策略可应用到新的兼容802.11e的无线网络.由于无需对原有的802.11和802.11e作修改,无论从实现成本和兼容性两个方面来看,都是很实用的方案.仿真实验表明该策略既能充分利用无线通信资源,又可以实现无线局域网内的负载平衡. 相似文献