Analyze And Improvement On WTLS

This paper gives a deep analyze and study about the security guarantee on WTLS. By totally analyzing the operation flow of the WTLS protocol, several security limitations are found and some improvement measures are advised to perfect the security performance of WTLS which will satisfy the emergent need made by the continuous mix between wireless communication and internet technology. Meanwhile, this paper proposes an expanded solution with WTLS by the famous third party authentication system Kerberos after a complete analyze into WTLS protocol as there appears more strict demand for wireless security according that wireless mobile service has been progressed rapidly.This paper has five chapters. Chapter one firstly gives a general introduction of WAP, and then analyzes the sub-protocol of WAP briefly, especially the security layer, WTLS. Further more, there points out several factors which can affect the security in wireless environment and sums up the research on these fields. Chapter two gives a brief introduction of cryptology which is the basis of the technology used in WTLS, such as encryption arithmetic, digital signature, message abstract arithmetic, digital certificate and so on. Chapter three begins with a systemic introduction of the fundamental operation flow in WTLS, and then explains in detail the four sub-protocols. Especially, there gives an exhaustive explanation on the core segment in the handshake process, such as key exchange method, identity authentication method, master key generation and MAC method. Chapter four researches on how WTLS protocol implements the three key security functions, information secrecy, information integrity and identity authentication. After that, there points out several potential security risks and tables the proposals which can enhance the security level of WTLS. Chapter five designs an expanded WTLS solution, WTLSK, which means WTLS based on Kerberos. It aims at solving one of the hot topics in the security research about WTLS, man-in-middle-attack. In succession, security of this solution is analyzed, and a method for authentication among domains is proposed. This solution reserves the basic operation flow of WTLS without big renewal or change. It has academic significance and practical value.