Study And Implementation Of WPA-Based WLAN Security System

With the rapid development in recent years, WLAN becomes maturing in technology and widely used. Not only can WLAN achieve some new applications, but also can overcome inconvenience caused by wires and cables. WLAN, which can be served as complement or substitute of wired LAN in some place, takes the fancy of SOHO users, plenty of enterprise users and telecom carriers for its flexibility, mobility and low cost. Currently, there are several sorts of WLAN security solutions, but most of them exist security bugs that are very difficult to be solved. At present, WLAN security problems have badly hampered its development. How to provide a comprehensive and effective safeguard mechanism has become the key to developing and using WLAN.At first, this paper reviews WLAN standards and technologies, analyzes security bugs and technologies used in WLAN, and emphasizes on serious security bugs of WEP used widely in 802.11 protocol series. Then, we make an exhaustive study of the theory on WPA that is developed with subset of IEEE 802.11i standard byWi-Fi Alliance.Based-on the in-depth study of current advanced access control, key management and others WLAN security technologies, a solution of WPA-based security authentication and key management is offered. It resorts to access control, key management and data encryption technologies in WPA. According to the solution we offered, a system that can meet the demand from WLAN security can be designed. Then, this paper analyzes how to implement the security system, and describes overall layout of the security system in detail. Referring to the open source project of Xsupplicant, based on supplicant PAE state machine of IEEE 802. lx standard, processes of EAP-TLS session and 4-way handshake, and resorting to OpenSSL, WinPcap and Libnet, lxTLS with EAP-TLS is implemented by OOP using VC++.net on the platform of WinXP. Then, using lxTLS as supplicant system, freeRadius as back-end authentication server, AP supported WPA as authenticator system constructs a special experiment platform of WPA-based WLAN security system. The theory and experiment show that the solution offered in this paper can efficiently enhance WLAN security.