基于身份签名的认证方案在WEP协议中的应用

计算机工程与应用 ›› 2012, Vol. 48 ›› Issue (9): 83-85.

基于身份签名的认证方案在WEP协议中的应用

莫天庆1，张龙军1，赵李懿2

1.武警工程学院通信工程系，西安 710086
2.武警工程学院电子技术系网络与信息安全武警部队重点实验室，西安 710086

收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2012-03-21 发布日期:2012-04-11

Authentication mechanism using identity based signature in WEP protocol

MO Tianqing1, ZHANG Longjun1, ZHAO Liyi2

1.Department of Communication Engineering, Engineering College of Armed Police Force, Xi’an 710086, China
2.Key Lab of Network & Information Security of APF, Engineering College of Armed Police Force, Xi’an 710086, China

Received:1900-01-01 Revised:1900-01-01 Online:2012-03-21 Published:2012-04-11

摘要/Abstract

摘要： 分析了WEP协议，指出了WLAN安全机制的最终隐患是初始向量IV未经认证。针对初始向量IV提出一种基于身份签名的认证方案。该方案使用NAI（Network Access Identifier）作为用户公钥，简化了无线环境中的密钥管理问题，有效地解决了对初始向量IV的认证问题。安全性分析表明，该方案能在不改变对现有设施要求的前提下保证初始向量的机密性和不可否认性，能抗FMS分析方法、抗密钥流重复使用和已知明文攻击。

关键词: 有线等效保密（WEP）, RC4, 初始向量, 身份签名

Abstract: Based on the analysis on the security mechanism of Wireless Local Area Network（WLAN）, it is found that due to the Initialization Vector（IV） which is published by Wired Equivalent Privacy（WEP） protocol without encrypting, there are many serious secure leaks in its application. This paper proposes an efficient authentication mechanism using identity based signature to solve these problems. This scheme uses NAI（Network Access Identifier） as public key and simplifies the key management in wireless environment, and it can resolve the deficiency in the authentication of the IV. The analysis demonstrates that the scheme not only guarantees the confidentiality and non-repudiation of the IV but also is developed with consideration for taking advantages of the existing hardware facilities. It can also protect the IV from the attacks focusing on invariance weakness and IV weakness.

Key words: Wired Equivalent Privacy（WEP）, RC4, initialization vector, identity based signature

莫天庆1，张龙军1，赵李懿2. 基于身份签名的认证方案在WEP协议中的应用[J]. 计算机工程与应用, 2012, 48(9): 83-85.

MO Tianqing1, ZHANG Longjun1, ZHAO Liyi2. Authentication mechanism using identity based signature in WEP protocol[J]. Computer Engineering and Applications, 2012, 48(9): 83-85.

[1]	陈虹，刘雨朦，肖成龙，郭鹏飞，肖振久. 基于BBS产生器和椭圆曲线的改进RC4算法[J]. 计算机工程与应用, 2020, 56(8): 87-95.
[2]	侯整风，孟毛广，朱晓玲，刘栋琦. RC4流密码算法的分析与改进[J]. 计算机工程与应用, 2015, 51(24): 97-101.
[3]	陆海军，谢琪. 基于身份聚合签名方案的分析与改进[J]. 计算机工程与应用, 2012, 48(13): 75-78.
[4]	薛荣红，张建中. 对二次剩余构造的签名方案的分析与改进[J]. 计算机工程与应用, 2011, 47(22): 102-104.
[5]	姜含之. 基于身份无可信PKG的聚合签名方案[J]. 计算机工程与应用, 2011, 47(16): 104-107.
[6]	王赜，刘文菊，柯永振. 采用身份签名技术的无线Mesh网认证方法[J]. 计算机工程与应用, 2010, 46(7): 83-85.
[7]	王信敏¹,郑世慧². PRGA的初始状态与RC4算法的安全性[J]. 计算机工程与应用, 2009, 45(8): 107-108.