The Study And Improvement On The Security Of IEEE802.lx/EAP-TLS

With the rapid growth of Information technology and electronic technology, Wireless Local Area Network which is more and more popular. The biggest advantage of wireless network can spread information without cable medium, what make its network laid invisible geographical limitations, corresponding to bringing huge challenges to its information security. At present, IEEE802.11 Series standards is wide application in the wireless network security, but because of its own defects that makes people have cast doubt on wireless network security. Then the formulating of IEEE802.1x standard compensated for some defects of IEEE802.11 standard in a certain degree, which has a great improvement to wireless network security.This paper the main research object is IEEE802.1 x/EAP - TLS, the reason of selecting EAP-TLS is that this authentication method can well compensate for the shortage of IEEE802.1x, which is port-based network access control protocol. In the deep research we found that, although the security of this scheme is higher, but there are also safety defects. Firstly, because of this means of two-way authentication doesn't achieve the authentication to authenticator; secondly, management frame of transparent transmission which is transmission between the client and the authenticator that is suffered with middlemen attack and Denial-of-service attack easily.Aimed at the question, this paper demonstrates the improvement project particularly. From these aspects which are encryption of management frame and identity authentication of authenticator analyzes the design thought and design objective. Then realization of improvement project is studied, the main work includes: the authentication process of improvement project,differentiating the authenticator module of improved,processes and programming of improved project between the client and the authenticator.What is achieved in this paper not only presents some theoretical basis on perfecting agreement and effective solution to improvement project of IEEE802.1x, but also contributes to perfect of the wireless network security.