Research On Authentication Mechanism Of Wireless LAN

With the rapid development and wide application of the WLAN, the security problem became more and more apparent. At present the famous security technologies of the WLAN are the standards of the IEEE 802.11i and the WAPI. They are applied for the ISO international standards simultaneously. But our country's WAPI standard is defeated due to sorts of disadvantage factors. But our country has the vast market of the WLAN. Especially there are a large number of the small and medium-sized enterprises. So we will never give up the WAPI and we will continue to develop it. Neither the 802.11i nor the WAPI can solve the security problems of the WLAN alone. And many members of the ISO hope the two standards to can be harmonious.The security problems and the security technologies of the WLAN are studied mainly in this paper. Especially the authentication mechanism of the WLAN is emphasized by us. The most effective authentication method of the 802.11i is the EAP-TLS protocol, and the identification part of the WAPI is the WAI. So we analyze them roundly in this paper. Because of the security protection is could not be provided enough in the present authentication mechanism. Moreover the equipments are expensive and the maintenance costs are high. So the small and medium-sized enterprises are unable to afford it, which has the small scale and the limited funds. In view of the existed security flaw of the authentication mechanism and the application background of the small and medium-sized enterprises, a new EAP-IBAKA protocol of the authentication scheme is researched in this paper. The protocol could be applied to the 802.11i and the WAPI, and it could be a harmonious protocol of them.The EAP-IBAKA protocol is based on the elliptic curve that has strong security. Further more it does not need the certificate and the third-party authentication server. And the roaming is supported effectively in the protocol. The protocol has many advantages such as a few rounds of the agreement exchange, a short transmission's key and a fast computation. The security of the EAP-IBAKA protocol is analyzed by the SMV, which is a formalized model checking tool. The result shows that the protocol satisfies the characters of the authentication, secrecy and integrity. And the security requirements of the WLAN are satisfied. Then we simulate the EAP-IBAKA, EAP-TLS and WAI in OPNET, comparing the capability of them in three aspects such as authentication time, channel utilization and queuing delay. The simulation results show that the EAP-IBAKA protocol has a better in the network performance and is practical in the small and medium-sized enterprises.