Abstract: Based on the analysis on the security mechanism of Wireless Local Area Network（WLAN）, it is found that due to the Initialization Vector（IV） which is published by Wired Equivalent Privacy（WEP） protocol without encrypting, there are many serious secure leaks in its application. This paper proposes an efficient authentication mechanism using identity based signature to solve these problems. This scheme uses NAI（Network Access Identifier） as public key and simplifies the key management in wireless environment, and it can resolve the deficiency in the authentication of the IV. The analysis demonstrates that the scheme not only guarantees the confidentiality and non-repudiation of the IV but also is developed with consideration for taking advantages of the existing hardware facilities. It can also protect the IV from the attacks focusing on invariance weakness and IV weakness.

Key words: Wired Equivalent Privacy（WEP）, RC4, initialization vector, identity based signature

摘要： 分析了WEP协议，指出了WLAN安全机制的最终隐患是初始向量IV未经认证。针对初始向量IV提出一种基于身份签名的认证方案。该方案使用NAI（Network Access Identifier）作为用户公钥，简化了无线环境中的密钥管理问题，有效地解决了对初始向量IV的认证问题。安全性分析表明，该方案能在不改变对现有设施要求的前提下保证初始向量的机密性和不可否认性，能抗FMS分析方法、抗密钥流重复使用和已知明文攻击。

关键词: 有线等效保密（WEP）, RC4, 初始向量, 身份签名