| New Approach to WLAN Security with Synchronized Pseudo Random |
| |
| 作者姓名: | Qing-HuaZheng DavidL.Pepynet QingWang |
| |
| 作者单位: | Qing-Hua Zheng,David L. Pepyne,and Qing Wang
Department of Computer Science and Technology,Xi'an Jiaotong University,Xi'an 710049,P.R. China
Division of Engineering and Applied Sciences,Harvard University,Cambridge,MA 02138,U.S.A. |
| |
| 基金项目: | This work is supported by the National Natural Science Foundation of China under Grant No.60373105,the National High Technology Development 863 Program of China under Grant Nos.2003AA142060 and 2001BA101A01. |
| |
| 摘 要: | Wireless transmission is becoming increasing ubiquitous, but there is a big black hole in the security of this kind of network. Although IEEE 802.11 provides an optional Wired Equivalent Privacy (WEP) to implement the authentication and confidentiality, it leaves a lot of vulnerabilities and threats. This paper proposes a protocol called SPRNG for wireless data-link layer security. SPRNG is based on the sender and receiver who generate in a synchronized way a pseudo-random number sequence. In each transmission, the sender and receiver use a pair of random numbers, one for data frame authentication, and the other for encryption key. The random numbers are used as "one-time passwords" for sender authentication and as fresh encryption keys for each frame. SPRNG is designed to be compatible with the existing 802.11 products. Like WEP, the current 802.11 security protocol, SPRNG uses a symmetric key as its seed. SPRNG has already been simulated and tested in experiment, it shows that SPRNG has stronger secur
|
| 关 键 词: | WLAN 网络安全 用户验证 WEP 重放攻击 |
New approach to WLAN security with synchronized pseudo random |
| |
| Qing-HuaZheng DavidL.Pepynet QingWang.New Approach to WLAN Security with Synchronized Pseudo Random[J].Journal of Computer Science and Technology,2004,19(6):0-0. |
| |
| Authors: | Email author" target="_blank">Qing-Hua?ZhengEmail author David?L?Pepyne Qing?Wang |
| |
| Affiliation: | (1) Department of Computer Science and Technology, Xi'an Jiaotong University, 710049 Xi'an, P.R. China;(2) Division of Engineering and Applied Sciences, Harvard University, 02138 Cambridge, MA, U.S.A. |
| |
| Abstract: | Wireless transmission is becoming increasing ubiquitous, but there is a big black hole in the security of this kind of network. Although IEEE 802.11 provides an optional Wired Equivalent Privacy (WEP) to implement the authentication and confidentiality, it leaves a lot of vulnerabilities and threats. This paper proposes a protocol called SPRNG for wireless data-link layer security. SPRNG is based on the sender and receiver who generate in a synchronized way a pseudo-random number sequence. In each transmission, the sender and receiver use a pair of random numbers, one for data frame authentication, and the other for encryption key. The random numbers are used as "one-time passwords" for sender authentication and as fresh encryption keys for each frame. SPRNG is designed to be compatible with the existing 802.11 products. Like WEP, the current 802.11 security protocol, SPRNG uses a symmetric key as its seed. SPRNG has already been simulated and tested in experiment, it shows that SPRNG has stronger security than WEP because it reveals little information for attackers. The key problem of SPRNG, synchronization loss problem, is also presented. Though motivated by wireless security, SPRNG is generic for many other applications, especially in the point to point communication. |
| |
| Keywords: | wireless network wireless security authentication privacy synchronized pseudo random number WEP replay attack |
| 本文献已被 CNKI 维普 万方数据 SpringerLink 等数据库收录! |
| 点击此处可从《计算机科学技术学报》浏览原始摘要信息 |
|
点击此处可从《计算机科学技术学报》下载全文 |
