罗立文

2012-01-01

Abstract:Wireless LAN as the most popular wireless communication technology in the world has been rapid and the popular ization of the security will be more and more attention.Step too cumbersome set of wireless network encryption and authenti cation,WPS technology applications and students,the technology can simplify wireless network security encryption settings,but because of its design principles have serious flaws,so bring a lot of security risks.This paper first analyzes WPS encryption and authentication principle followed by the experiment proved the the WPS technology of vulnerability,the last the WPS currently exist,proposed the building of more secure and robust wireless LAN solutions.

王大虎,杨维,魏学业

DOI: https://doi.org/10.3969/j.issn.1003-3033.2004.08.025

2004-01-01

Abstract:Based on the description of the wired equivalent privacy (WEP) protocol in IEEE802.11 WLAN standard,some serious security drawbacks such as key sequence reuse, message authentication and integrity in the way of design and practical application are studied in depth. Security solution for WEP in WLAN is analyzed in detail. WEP2, an improved algorithm of WEP, is presented, in which the IV is raised to 128 bits to boost up the ability of resisting attack. Feasibility of AES is analyzed. As for the regeneration and distribution of key,authenticated key exchange in MAC layer is realized to improve the vulnerability. The prospect for future study on WEP is given.

邢新景,张朝阳,王匡

DOI: https://doi.org/10.3969/j.issn.1003-8329.2003.04.009

2003-01-01

Wireless Communication Technology

Abstract:The WEP security algorithm used in IEEE 802.11 wireless LAN is introduced. Under the basis of a systematical analysis, flaws embedded in WEP are pointed out, and correspondingly, several attacking methods are provided to prove the weakness of WEP. The upgraded version of WEP algorithm-TKIP was also introduced and analyzed. At last, some potential solutions to the security problems are also proposed in using existing IEEE 802.11 equipments.

YongLei Liu,Zhigang Jin,Ying Wang

DOI: https://doi.org/10.1109/WICOM.2010.5601275

2010-01-01

Abstract:As the critical security flaw of WEP is discovered, concern of researchers is more and more attracted by the scheme of WPA/WPA2 which includes 802.1X, authentication protocol, and TKIP and CCMP encryption algorithms. In this paper, an overview of WPA/WPA2 is supplied. And then, the vulnerabilities of WPA/WPA2 and current researches in the method of attacking WPA/WPA2 are introduced. In the last part, these researches are analyzed and concluded.

Wu Liu,HaiXin Duan,Ping Ren,Jianping Wu

DOI: https://doi.org/10.1109/ICGCS.2010.5543034

2010-01-01

Abstract:As the rapid development of Internet and information technology, more and more people now access Internet via Wireless Local Area Network (WLAN) with many features such as: mobility, convenience and low-cost, but the security flaws existed in RC4, WEP and WPA lead to security issues in WLAN. In this paper, we present several serious security flaws in these protocols, stemming from misapplication of cryptographic primitives and discuss in detail each of the flaws, the underlying security principle violations, and implement relative attacks to show the weakness of WLAN protocols. © 2010 IEEE.

Xian-Shi Zhang,Ge-Wen Kang,Xin-Heng Wang

2009-01-01

Abstract:An analysis of WLAN security mechanisms of wired equivalent privacy (WEP) and Wi-Fi protected access (WPA) discovers that the current literature is not totally creditable in its judgment on the security value of WEP and WPA. Based on the respective performances of WEP and WPA under certain typical attacks, this paper substantiates the judgment that WEP has quite a few vulnerabilities concerning confidentiality and integrity, but at the same time challenges the judgment on WPA with that WPA is robust enough to confront potential typical attacks and is not so unreliable as the current literature believes, although it has some vulnerabilities in its message integrity code (MIC).

Ying Wang,Zhigang Jin,Ximan Zhao

DOI: https://doi.org/10.1109/wicom.2010.5600921

2010-01-01

Abstract:WLAN is widely used since it provides a both convenient and flexible way of communication. However, it is more vulnerable to unauthorized access. So WEP and WPA are proposed to improve the security of WLAN as two popular standards. But they are not perfect. In this article we analyze their shortcomings and raise two mechanisms named d-WEP and d-WPA-PSK. The d-WEP adopts the frequency of ARP requests to AP as a standard to judge whether AP is attacked and prevents the client suspected to access by dropping the ARP requests from it. Next we theoretically analyze the feasibility and do some corresponding experiments based on the loadable module, netfilter and hostap functions of linux. The experimental results show d-WEP can effectively prevent the active attack against WEP which is consistent with the result of theoretical analysis. On the other hand, the d-WPA-PSK uses such a mechanism that the PSK is regularly replaced to prevent dictionary attacks. This method has been proven to be feasible in theory. So for wireless network security, our research will have great significance.

吴越,史小红,曹秀英,毕光国

DOI: https://doi.org/10.3969/j.issn.0255-8297.2003.02.018

2003-01-01

Journal of Applied Sciences

Abstract:This paper describes the vulnerability of the wired equivalent privacy(WEP) protocol in current IEEE802. 11 WLAN standard, such as key sequence reuse, key management and refreshment, message authentication and integrity, etc. It also presents a security solution for WLAN based on IP Security (IPSec) and discusses the fundamental principles of data origin authentication, integrity protection, anti-replay protection and key exchange, Finally it describes their software implementations, makes a security analysis of the solution and looks into the future research.

Xing ZHOU,Yao-hong KANG,Sheng-jie SUN

DOI: https://doi.org/10.3969/j.issn.1004-1729.2005.02.013

2005-01-01

Abstract:Abstrcat This paper first introduces the security demands of WLAN(wireless local area network),discusses the algorithm of WEP security protocol of WLAN based on IEEE 802.11x,points out security flaws of WEP on the base of the above,and then analyzes deeply the principle and means of attack in communications of WLAN.

白珅,王轶骏,薛质

DOI: https://doi.org/10.3969/j.issn.1009-8054.2012.01.060

2012-01-01

Abstract:With the development of mobile communications, wireless network security becomes an attractive hot issue. Nowadays, WPA/WPA2, based on the WEP and by overcoming its shortcomings, is the most important wireless encryption scheme. WPA/WPA2 adopts various advanced security mechanisms, including encryption, authentication and message integrity check, etc, and thus could effectively protects the wireless communication security. However, WPA/WPA2 still has some flaws. Attackers could, with brute force crack or hash table crack, obtain the password in case a weak password is set. As a whole, WPA/WPA2 has high security, and is very difficult to crack.

WU Yi-chen,YANG Jing

DOI: https://doi.org/10.3969/j.issn.1007-1423-b.2012.19.005

2012-01-01

Abstract:Based on the research on the IEEE 802.11i 4-way handshake,it is found that there exists defects which will lead to denial of service attacks.Aiming at this security vulnerability,studies three improved methods,TPTK,re-Nonce and authentication to the initial message,and analyzes the security of these three methods.It is found that these improved methods will bring new security threats to WLAN.And puts forward the direction of further research.

Lei Zhang,Jiang Yu,Zugao Deng,Renfei Zhang

DOI: https://doi.org/10.1109/cecnet.2012.6202145

2012-01-01

Abstract:This paper discusses the security problems existing in the encryption methods of WPA/WPA2 in wireless network and analyses the cracking method of WPA/WPA2 encryption. BackTrack5 that was lately issued is adopted to capture the 4-way handshake package in Linux System. Then, the handshake packets are copied to Win7 and cracked by EWSA-GPU. The comparison and analysis of data via this method with that of via cracking WPA/WPA2 by BackTrack4 prove that this method can greatly improve the cracking speed. Finally some encrypted strategies that against the new cracking methods are disposed.

Li Wang,Bala Srinivasan,Nandita Bhattacharjee

DOI: https://doi.org/10.4304/jnw.6.3.470-481

2011-01-01

Abstract:IEEE 802.11i standard defines the security specifications of IEEE 802.11 series Wireless Local Area Network (WLAN). It is the replacement of the old security standard named Wired Equivalent Privacy (WEP), and it aims to eliminate all known attacks against WEP. It well defines the solutions to the confidentiality, mutual authentication and integrity aspects of the WLAN security except the availability aspect. Many researchers have shown that IEEE 802.11i standard cannot prevent various Denial of Service (DoS) attacks including de-authentication, disassociation and memory/CPU DoS attacks. Besides, IEEE 802.11i reserved the PSK mode of WEP for flexibility and backward compatibility. However, the PSK mode in IEEE 802.11i standard fails to provide sufficient security to prevent offline dictionary attacks and internal attacks . In this paper, we present our solutions which can effectively improve IEEE 802.11i. For memory/CPU DoS attack against 4-way Handshake protocol, we propose an alternative Enhanced 3-way Handshake protocol which can effectively prevent this attack and can save computation cost compared to the original one . For the vulnerability in PSK mode, we proposed a novel ECDH protocol to prevent the offline dictionary attacks and internal attacks. The formal proofs of above two proposed protocols are also provided using Protocol Composition Logic (PCL).

Wan-ping YE,Qi HONG,Dao-ming KE

DOI: https://doi.org/10.3969/j.issn.1009-3044.2009.13.021

2009-01-01

Abstract:IEEE802.11 group introduced the Security Mechanism into the MAC layer,which is based on the Wired Equivalent Privacy algorithm.WEP uses CRC-32 checking code inside the RC4 encipher system to provide message integrity check..This paper analyses its shortages,then introduces 802.11i and WAPI,presents their improvement to increase the security performance of WLAN.

WU Yi-chen

DOI: https://doi.org/10.3969/j.issn.1006-2475.2013.01.043

2013-01-01

Abstract:In order to overcome the vulnerability of WEP itself,Wi-Fi Alliance puts forward WPA/WPA2 security solutions.But in actual applications,WPA/WPA2 still exist some defects which can be attacked.Especially in WPA/WPA2-PSK mode,user passphrase can be acquired through the dictionary attack after capturing several specific wireless packets.Through the analysis of the dictionary attack principle,an improved method of dynamic key negotiation in WPA/WPA2-PSK mode is developed.The improved method is based on symmetric key encryption technology and could avoid user passphrase suffering from dictionary attack.The improved method strengthens the safety of WPA/WPA2-PSK mode.

Zhou Guitang,Lin Bogang

DOI: https://doi.org/10.3969/j.issn.1009-8054.2005.12.034

2005-01-01

Abstract:In this paper , the Wireless Lan and their security procotol: WEP, WPA and IEEE802.1H are introduced. These protocol and their shortage are analyzed. Then the application of VPN and IDS in WLAN and their shortage are introduced. At last, we introduce Chinese Wireless Lan security protocol WAPI.

Liaojun Pang,Huixian Li,Yumin Wang

DOI: https://doi.org/10.3969/j.issn.1003-7985.2008.01.006

2008-01-01

Abstract:Based on thorough researches on the Chinese wireless local area network (WLAN) security standard,i.e.,WLAN authentication and privacy infrastructure (WAPI),the security of the authentication access process is analyzed with the CK (Canetti-Krawczyk) model and the BAN (Burrows-Abadi-Needham) logic.Results show that it can achieve the alleged authentication and key negotiation goals.Besides those alleged, further analyses indicate that the authentication access process can satisfy other security requirements,such as mutual identity authentication,mutual key control,key confirmation,message integrity check,etc.If the used elliptic curve encryption algorithm and the hash algorithm are secure enough,the protocol can efficiently realize mutual authentication between STAs (station) and APs (access point).Therefore,WAPI can be applied to replace the security mechanism used in the original WLAN international standard to enhance its security.

严宏,何晨

DOI: https://doi.org/10.3321/j.issn:1006-2467.2004.05.008

2004-01-01

Shanghai Jiaotong Daxue Xuebao/Journal of Shanghai Jiaotong University

Abstract:The essential causes of wired equivalent privacy (WEP) vulnerability in standard 802.11 for wireless LAN were analyzed. Based on it, an efficient improvement was proposed, which introduces synchronized per-packet encryption keys and Michael keys into the original WEP algorithm. The analysis and simulation show that this improvement can correct the design flaws of WEP stated in some previous papers and promote significantly the security performance of wireless LAN.

ZHANG Fan,MA Jian-feng

DOI: https://doi.org/10.3969/j.issn.1001-2400.2005.04.013

2005-01-01

Journal of Xidian University

Abstract:This paper makes an analysis of the authentication protocol of the Chinese Wireless LAN security standard WAPI(Wireless Authentication and privacy Infrastructure) implementation plan using an enhanced BAN logic—AUTLOG logic. Results show that when the authentication protocol is finished, STA and AP can authenticate each other's identity and establish a shared pairwise master key. We further conclude that this implementation plan has modified the security issues of the original standard, and thus it can completely reach the authentication goals and satisfy desirable security attributes.

LIU An,JIN Zhi-gang,WANG Ying

DOI: https://doi.org/10.3969/j.issn.1001-3695.2014.08.061

2014-01-01

Abstract:The performance bottlenecks of the existing cracking scheme which was used to attack the WPS authentication mechanism of WLAN was its air transmission delay and its retransmission delay caused by timeout. The proposed MACH scheme,which used parallel collaboratively cracking strategy with multiple threads,could effectively use computing resources on access control devices to make a high speed cracking on WPS. Colored Petri net model analysis showed that by sharing the cracking status words collaboratively among multiple cracking pipelines,it could effectively reduce the computing resources waste caused by air transmission delay and retransmission delay during WPS authentication session and thus enhanced the efficiency of cracking WPS. Experiment results show that with multiple WLAN adapters collaboratively cracking,MACH scheme can obtain a cracking speed boost nearly linear speedup.