Research On Authentication Method Of Wireless LAN

With the development of Computer Network and Communication Technology, mobile devices and wireless technology are evolving at a rapid speed. Owing to its mobility and convenience, wireless LAN is becoming popular in hot spot regions such as campus, hotels, airports, shopping malls, and so on. Wireless LAN system can provide fast Internet access at speed up to 11Mbps using portable devices such as laptop computers and PDA (Personal Digital Assistance).Coming along with its convenience, wireless LAN puts forward security problem results from its open broadcast nature. There are great needs to enhance the security system of wireless LAN to make it less vulnerable than wired LAN.This thesis compares the current security mechanisms and authentication methods of Wireless LAN and analyzes their weakness. Then the thesis proposes a password authentication key exchange protocol named EAP-SPEKEV (Extensible Authentication Protocol-Simple Password Encrypted Key Exchange and Verification) which improves the EAP-SPEKE(Extensible Authentication Protocol-Simple Password Encrypted Key Exchange). The improved protocol supports mutual authentication and key derivation based on Diffie-Hellman Encrypted Key Exchange and password verification. It can protect the network from the Man-in-the-Middle and the offline dictionary attacks while does not require any modification to the IEEE 802. 1x and EAR Besides, the improved EAP-SPEKEV works on the ECC( Elliptic Curve Cryptosystems) base as well as the DH(Diffie-Hellman) base.