Trusted Access In Wireless Networks Theory And Applications

Authentication and key agreement(AKA) protocols are the main techniquesto secure the wireless networks. However, these conventional techniques mainlydeal with the foreign attacks from the outside, while unable to e?ciently resist theinternal attacks. Trusted computing technologies are able to ensure the integrity ofsoftware and hardware of the terminal platform, so as to protect the platform fromthe internal attacks. It is of great significance to integrate the trusted computingtechnologies with secure authentication and key agreement protocols. We make ain-depth research on the trusted connection of wireless networks in this thesis, andthe main contributions are as follows:1. In the trusted environment, we restudy the three attack abilities defined inthe Canetti-Krawczyk model which is a formal method for the design and analysisof key agreement protocols. We find that the TPM overcomes the weakness of theencryption algorithm based authenticator in the Canetti-Krawczyk model. Based onthese, a new CK model called CKTE in the trusted environment-CKTE is proposed.2. A platform substitution attack on the trusted network connect protocol isfound. To solve this problem, the security objectives of the trusted network connectprotocol is formally proposed, and a provably secure model TNC-PS for the trustednetwork connect protocol is designed. By using the TNC-PS model, the security?aw is avoided with the TNC ar-chitecture keeps unchanged.3. A trusted network connect protocol CL-TAP for wireless environment isproposed, in which the trusted computing technology and certificateless public keycryptography are utilized. The platform authentication and integrity verificationare integrated into the user authentication within 6 rounds in such protocol. Thesecurity and performance analysis show that our protocol enhances the securityof the authentication protocol and has great advantages in both computing andcommunication costs.4. A provably secure trusted access protocol MN-TAP for the WLAN Meshnetworks is proposed. Such protocol will achieve authentication and key confir-mation among the access requestor, policy enforcement point and policy decisionpoint within 7 protocol rounds. At the same time, the protocol can realize the plat-form authentication and platform integrity verification in the first round of protocolinteraction. Security and performance analysis results show that: the protocol isa UC-secure protocol, and the performance has great advantages over the current protocols.5. A Network Trusted Connect System(NTCS) is built in accordance with therelated TCG specifications.