| 一种有效的WLAN可信匿名认证协议 |
| |
| 引用本文: | 张斯芸,刘建伟.一种有效的WLAN可信匿名认证协议[J].信息安全与通信保密,2012(9):138-140. |
| |
| 作者姓名: | 张斯芸 刘建伟 |
| |
| 作者单位: | 北京航空航天大学电子信息工程学院,北京,100191 |
| |
| 基金项目: | 国家重点基础研究发展计划(973计划)资助项目,高等学校博士学科点专项科研基金资助项目 |
| |
| 摘 要: | 选取扩展认证-安全传输层(EAP-TLS,Extensible Authentication Protocol-transport Layer Security)协议与直接匿名认证(DAA,Direct Anonymous Attestation)结合,简化了EAP-TLS中用户与服务器间相互证书的交换和认证,去掉冗余步骤,合并EAP-TLS中握手过程和DAA中匿名认证过程。将可信平台模块(TPM,Trusted Platform Module)引入无线局域网(WLAN,Wireless Local Area Networks),实现用户身份的匿名认证,减轻了EAP-TLS协议证书管理压力,不存在效率瓶颈,安全程度比EAP-TLS有所提高,能有效抵抗重放攻击、中间人攻击、拒绝服务(DoS,Denial of Services)攻击等安全威胁。
|
| 关 键 词: | 无线局域网 扩展认证-安全传输层协议 直接匿名认证机制 匿名认证 |
An Efficient Trusted Anonymous Authentication Protocol for WLAN |
| |
| ZHANG Si-yun,LIU Jian-wei.An Efficient Trusted Anonymous Authentication Protocol for WLAN[J].China Information Security,2012(9):138-140. |
| |
| Authors: | ZHANG Si-yun LIU Jian-wei |
| |
| Affiliation: | (School of Electronics & Information Engineering, Beihang University, Beijing 100191, China) |
| |
| Abstract: | By combining EAP-TLS protocol in 802. 1X with DAA scheme in trusted computing, the mutual certificates exchange and authentication between clients and servers in EAP-TLS could be simplified, the redundant steps abandoned, and the handshake process in EAP-TLS with anonymous authentication process in DAA integrated. TPM is introduced into WLAN, thus to realize anonymous authentication. The pressure on certificate management of original EAP-TLS is reduced, and no efficiency bottleneck remains. The new protocol is more secure than original EAP-TLS protocol and can efficiently resist security threats like replay attacks, man-in-the-middle attacks and DoS attacks. |
| |
| Keywords: | WLAN EAP-TLS DAA anonymous authentication |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
