Study Of Authentication And Key Agreement Protocols In Wireless Networks

With the wide deployment and usage of wireless networks, people more and more rely on the wireless networks. At the same time, the security of wireless networks becomes the focus. Because of its openness, the mobility of the terminal and the changing topology, the wireless network is more susceptible to security attacks. Authentication and key agreement is the base of the network security, but its design is very complex and challenging. This work makes a comparative deep research for the authentication and key agreement in the wireless networks, which includes: the analysis and design of authentication protocols in wireless networks, the authentication methods in mobile IP, the formal design and analysis method for authentication and key agreement, the study of Chinese WLAN security standard WAPI, the authentication and key agreement methods in Mesh networks. The main results are as following:1. Based on the analysis of AAA model, an authentication and registration scheme of Mobile IP under AAA is proposed; after the IPSec is analyzed, a novel method for the establishment of IPSec under Mobile IPv6 is presented.2. Formal methods for the authenticated key agreement (AKE), especially the provably secure method—Canetti-Krawczyk model, are studied. We first analyze the security of this model and test whether the protocols proved secure by this model can meet the security properties required; then we analyze the relationship between the security definition and the security properties, and the advantages and disadvantages are pointed out; at last a weakness of this model in ID-based system is pointed out and improved.3. The study of Chinese WLAN security standard WAPI. First, based on the analysis of WAPI, its weaknesses are pointed out and improved. The improved one is not only secure in the Canetti-Krawczyk model, but also secure in the universal composable model; then the authentication model of WAPI implementation plan is analyzed, we point out that its key agreement protocol is SK-secure without PFS (perfect forward security), and it can realize the mutual authentication between networks and mobile users, at last the implementation plan is analyzed how to overcome the weaknesses in the original scheme; in addition, for the incompatibility between WAPI and 802.11i, a novel compatible scheme is proposed.4. The study of Mesh networks. Its two security models are analyzed, and its corresponding authentication scheme are presented.