王大虎,杨维,魏学业

DOI: https://doi.org/10.3969/j.issn.1003-3033.2004.08.025

2004-01-01

Abstract:Based on the description of the wired equivalent privacy (WEP) protocol in IEEE802.11 WLAN standard,some serious security drawbacks such as key sequence reuse, message authentication and integrity in the way of design and practical application are studied in depth. Security solution for WEP in WLAN is analyzed in detail. WEP2, an improved algorithm of WEP, is presented, in which the IV is raised to 128 bits to boost up the ability of resisting attack. Feasibility of AES is analyzed. As for the regeneration and distribution of key,authenticated key exchange in MAC layer is realized to improve the vulnerability. The prospect for future study on WEP is given.

WU Yi-chen

DOI: https://doi.org/10.3969/j.issn.1006-2475.2013.01.043

2013-01-01

Abstract:In order to overcome the vulnerability of WEP itself,Wi-Fi Alliance puts forward WPA/WPA2 security solutions.But in actual applications,WPA/WPA2 still exist some defects which can be attacked.Especially in WPA/WPA2-PSK mode,user passphrase can be acquired through the dictionary attack after capturing several specific wireless packets.Through the analysis of the dictionary attack principle,an improved method of dynamic key negotiation in WPA/WPA2-PSK mode is developed.The improved method is based on symmetric key encryption technology and could avoid user passphrase suffering from dictionary attack.The improved method strengthens the safety of WPA/WPA2-PSK mode.

Xian-Shi Zhang,Ge-Wen Kang,Xin-Heng Wang

2009-01-01

Abstract:An analysis of WLAN security mechanisms of wired equivalent privacy (WEP) and Wi-Fi protected access (WPA) discovers that the current literature is not totally creditable in its judgment on the security value of WEP and WPA. Based on the respective performances of WEP and WPA under certain typical attacks, this paper substantiates the judgment that WEP has quite a few vulnerabilities concerning confidentiality and integrity, but at the same time challenges the judgment on WPA with that WPA is robust enough to confront potential typical attacks and is not so unreliable as the current literature believes, although it has some vulnerabilities in its message integrity code (MIC).

邢新景,张朝阳,王匡

DOI: https://doi.org/10.3969/j.issn.1003-8329.2003.04.009

2003-01-01

Wireless Communication Technology

Abstract:The WEP security algorithm used in IEEE 802.11 wireless LAN is introduced. Under the basis of a systematical analysis, flaws embedded in WEP are pointed out, and correspondingly, several attacking methods are provided to prove the weakness of WEP. The upgraded version of WEP algorithm-TKIP was also introduced and analyzed. At last, some potential solutions to the security problems are also proposed in using existing IEEE 802.11 equipments.

Li Wang,Bala Srinivasan,Nandita Bhattacharjee

DOI: https://doi.org/10.4304/jnw.6.3.470-481

2011-01-01

Abstract:IEEE 802.11i standard defines the security specifications of IEEE 802.11 series Wireless Local Area Network (WLAN). It is the replacement of the old security standard named Wired Equivalent Privacy (WEP), and it aims to eliminate all known attacks against WEP. It well defines the solutions to the confidentiality, mutual authentication and integrity aspects of the WLAN security except the availability aspect. Many researchers have shown that IEEE 802.11i standard cannot prevent various Denial of Service (DoS) attacks including de-authentication, disassociation and memory/CPU DoS attacks. Besides, IEEE 802.11i reserved the PSK mode of WEP for flexibility and backward compatibility. However, the PSK mode in IEEE 802.11i standard fails to provide sufficient security to prevent offline dictionary attacks and internal attacks . In this paper, we present our solutions which can effectively improve IEEE 802.11i. For memory/CPU DoS attack against 4-way Handshake protocol, we propose an alternative Enhanced 3-way Handshake protocol which can effectively prevent this attack and can save computation cost compared to the original one . For the vulnerability in PSK mode, we proposed a novel ECDH protocol to prevent the offline dictionary attacks and internal attacks. The formal proofs of above two proposed protocols are also provided using Protocol Composition Logic (PCL).

LIU Yonglei,JIN Zhigang

DOI: https://doi.org/10.3778/j.issn.1002-8331.1201-0151

2013-01-01

Abstract:In this paper, an overview of Wi-Fi Protected Setup(WPS)is supplied. A brute force attack is pointed out. Using Colored Petri Nets(CPN), the WPS protocol and the improvement are modeled and it is proven that the security flaws exist and the brute force attack is available. Moreover, under setting retry times of connection authentication to be three times, the original protocol can be completely breached and the success breach probability of the improved protocol is only about 3/108.

Lei Zhang,Jiang Yu,Zugao Deng,Renfei Zhang

DOI: https://doi.org/10.1109/cecnet.2012.6202145

2012-01-01

Abstract:This paper discusses the security problems existing in the encryption methods of WPA/WPA2 in wireless network and analyses the cracking method of WPA/WPA2 encryption. BackTrack5 that was lately issued is adopted to capture the 4-way handshake package in Linux System. Then, the handshake packets are copied to Win7 and cracked by EWSA-GPU. The comparison and analysis of data via this method with that of via cracking WPA/WPA2 by BackTrack4 prove that this method can greatly improve the cracking speed. Finally some encrypted strategies that against the new cracking methods are disposed.

YongLei Liu,Zhigang Jin,Ying Wang

DOI: https://doi.org/10.1109/WICOM.2010.5601275

2010-01-01

Abstract:As the critical security flaw of WEP is discovered, concern of researchers is more and more attracted by the scheme of WPA/WPA2 which includes 802.1X, authentication protocol, and TKIP and CCMP encryption algorithms. In this paper, an overview of WPA/WPA2 is supplied. And then, the vulnerabilities of WPA/WPA2 and current researches in the method of attacking WPA/WPA2 are introduced. In the last part, these researches are analyzed and concluded.

LEI Ming,GUO Rong,WANG Ze-min

DOI: https://doi.org/10.3969/j.issn.1673-9965.2006.05.003

2006-01-01

Abstract:With the popularization of IEEE802.11 WLAN standard,the WLAN technique has quickly become an import part of Computer Network and its application area extends fast as well.But the description about security in WLAN standard has met some problems in practical application.The encrypt key can be attained in several minutes because of the WEP using fixed encrypt key.So the security leak of WLAN becomes very severe.This thesis proposes a new method which encrypts the MAC protocol data unit.The approach encrypts not only the valid data but also frame head to increase the difficulty of the attack and interception.At the same time,to make the security project practically,the authors adopte the Prism2 chip-set of Intersil to accomplish a encrypt instrument by encrypting the MPDU packet.The scheme has caught up to the security target by practically security attack testing by AirSnort and WEPCrack security testing software.

Wu Liu,HaiXin Duan,Ping Ren,Jianping Wu

DOI: https://doi.org/10.1109/ICGCS.2010.5543034

2010-01-01

Abstract:As the rapid development of Internet and information technology, more and more people now access Internet via Wireless Local Area Network (WLAN) with many features such as: mobility, convenience and low-cost, but the security flaws existed in RC4, WEP and WPA lead to security issues in WLAN. In this paper, we present several serious security flaws in these protocols, stemming from misapplication of cryptographic primitives and discuss in detail each of the flaws, the underlying security principle violations, and implement relative attacks to show the weakness of WLAN protocols. © 2010 IEEE.

白珅,王轶骏,薛质

DOI: https://doi.org/10.3969/j.issn.1009-8054.2012.01.060

2012-01-01

Abstract:With the development of mobile communications, wireless network security becomes an attractive hot issue. Nowadays, WPA/WPA2, based on the WEP and by overcoming its shortcomings, is the most important wireless encryption scheme. WPA/WPA2 adopts various advanced security mechanisms, including encryption, authentication and message integrity check, etc, and thus could effectively protects the wireless communication security. However, WPA/WPA2 still has some flaws. Attackers could, with brute force crack or hash table crack, obtain the password in case a weak password is set. As a whole, WPA/WPA2 has high security, and is very difficult to crack.

Yuyang XUE,Hao ZHOU,Baohua ZHAO

DOI: https://doi.org/10.3321/j.issn:0253-987X.2009.10.011

2009-01-01

Abstract:Aimed at the problem that the vulnerable wireless local area network (WLAN) 802.1X protocol is not susceptible to replay and DoS (denial of service) attacks, etc, an informal method is introduced to analyze the security properties of 802.1X protocol. The method classifies attack behaviors according to the ability of attackers, and from the aspect of the role which attackers can play in the protocols (i.e., imitating normal protocol behavior or breaking normal communication). Then a new method, WLAN active testing, is proposed. Attacks to the protocol running mainbody are implemented by simulating the actions of the attacker which can be used to make up protocol messages. The results are used to determine whether the protocol security vulnerabilities exist or not. Testing results show that the method combines characteristics of both the attacker and the tester to cover some known protocol security vulnerabilities, and has the ability to reveal some potential problems.

Xing ZHOU,Yao-hong KANG,Sheng-jie SUN

DOI: https://doi.org/10.3969/j.issn.1004-1729.2005.02.013

2005-01-01

Abstract:Abstrcat This paper first introduces the security demands of WLAN(wireless local area network),discusses the algorithm of WEP security protocol of WLAN based on IEEE 802.11x,points out security flaws of WEP on the base of the above,and then analyzes deeply the principle and means of attack in communications of WLAN.

Liaojun Pang,Huixian Li,Yumin Wang

DOI: https://doi.org/10.3969/j.issn.1003-7985.2008.01.006

2008-01-01

Abstract:Based on thorough researches on the Chinese wireless local area network (WLAN) security standard,i.e.,WLAN authentication and privacy infrastructure (WAPI),the security of the authentication access process is analyzed with the CK (Canetti-Krawczyk) model and the BAN (Burrows-Abadi-Needham) logic.Results show that it can achieve the alleged authentication and key negotiation goals.Besides those alleged, further analyses indicate that the authentication access process can satisfy other security requirements,such as mutual identity authentication,mutual key control,key confirmation,message integrity check,etc.If the used elliptic curve encryption algorithm and the hash algorithm are secure enough,the protocol can efficiently realize mutual authentication between STAs (station) and APs (access point).Therefore,WAPI can be applied to replace the security mechanism used in the original WLAN international standard to enhance its security.

Wan-ping YE,Qi HONG,Dao-ming KE

DOI: https://doi.org/10.3969/j.issn.1009-3044.2009.13.021

2009-01-01

Abstract:IEEE802.11 group introduced the Security Mechanism into the MAC layer,which is based on the Wired Equivalent Privacy algorithm.WEP uses CRC-32 checking code inside the RC4 encipher system to provide message integrity check..This paper analyses its shortages,then introduces 802.11i and WAPI,presents their improvement to increase the security performance of WLAN.

Yixin Jiang,Chuang Lin,Hao Yin,Zhen Chen

DOI: https://doi.org/10.1002/wcm.448

2006-01-01

Wireless Communications and Mobile Computing

Abstract:IEEE 802.11 wireless local area networks (WLAN) has been increasingly deployed in various locations because of the convenience of wireless communication and decreasing costs of the underlying technology. However, the existing security mechanisms in wireless communication are vulnerable to be attacked and seriously threat the data authentication and confidentiality. In this paper, we mainly focus on two issues. First, the vulnerabilities of security protocols specified in IEEE 802.11 and 802.1X standards are analyzed in detail. Second, a new mutual authentication and privacy scheme for WLAN is proposed to address these security issues. The proposed scheme improves the security mechanisms of IEEE 802.11 and 802.1X by providing a mandatory mutual authentication mechanism between mobile station and access point (AP) based on public key infrastructure (PKI), offering data integrity check and improving data confidentiality with symmetric cipher block chain (CBC) encryption. In addition, this scheme also provides some other new security mechanisms, such as dynamic session key negotiation and multicast key notification. Hence, with these new security mechanisms, it should be much more secure than the original security scheme. Copyright © 2006 John Wiley & Sons, Ltd.

Daoshun Wang

2006-01-01

Abstract:Firstly a comprehensive analysis on the current security and authentication technology used in WLAN is introduced.Based on all related problems,an enforced Access Point(AP)design scheme is proposed.The design and implementation of a prototype AP system,its security and authentication architecture is briefly discussed according to 802.11i framework,AES and EAP-TTLS.

F Zhang,JF Ma

DOI: https://doi.org/10.1109/icppw.2005.79

2005-01-01

Abstract:China has established its national standard for Wireless LAN, called GB15629.11-2003, in which, WLAN Authentication and Privacy Infrastructure (WAPI) was proposed. However, WAPI can be proved insecure with the Canetti-Krawczyk model. Further analysis shows that in the standard there are also other vulnerabilities, such as inability to provide identity protection and resist key consistency attack, lack of private key verification and desirable security attributes like perfect forward secrecy, key control, etc. Therefore, a new protocol is proposed to fix the security problems of WAPI, especially those in the authentication and key agreement procedure. This protocol is designed and analyzed with a modular methodology and proved secure with the Canetti-Krawczyk model, thus it can guarantee the desirable security attributes. In addition, the presented protocol has a better performance than WAPI in computational overhead and can also be applied to IEEE 802.11i as an authenticated key agreement protocol.

Liu Shu-Dong,Liu Yong-lei,Jin Zhi-gang

DOI: https://doi.org/10.1109/iwcmc.2017.7986377

2017-01-01

Abstract:With the rapid development of public service of wireless network, the quantities of free Access Points (APs) in open system authentication increase explosively. However, the security problems also raise prominent, especially, personal privacy disclosure brought by fake APs. We analyze the attack behaviors of the intruders. It is proved that open free AP can be attacked successfully by fake AP, compromised AP and spider AP. One type of fake AP attack (a software of airhack is developed) has been implemented to attack auto-reconnect method of legal AP and launched in real environment effectively. In order to ensure secure and trusted access, a new access method for AP in open system authentication is analyzed and improved to defense spider AP. This method is verified by the real typical instance of airhack.

David Pepyne

DOI: https://doi.org/10.3969/j.issn.1671-8267.2003.02.001

2003-01-01

Abstract:Objective Aiming at lots of vulnerabilities in the Wired Equivalent Privacy (WEP) which threats the authentication and confidentiality in wireless communication, a new kind of mutual authentication and privacy mechanism named MWEP(Modified WEP) is proposed. Methods MWEP is based on pseudo random number generator (PRNG) and asymmetric cryptograph approach, it generates a unique session-key like "One-Time Password" for each data frame transmission between any two mobile stations. Results Using this session-key to encrypt the transmission data, not only can it avoid replay attack, but also provide a good secure virtual channel for the sender and receiver. MWEP can be incorporated into IEEE 802.11. Conclusion It shows that the proposed mechanism is effective and practical after comparison with WEP and simulation.