Research And Improvement Of Wireless Lan Security Issues

On the one hand, with the special require for mobile office work, traditional wired LAN is becoming more and more dissatisfactory to people's need. On the other hand, with the improving computer network and communication device, the mobile device and wireless technology is also developing. Owing to its flexibility and mobility, easy to expand, and other wired networks incomparable performance, it has been an increasing number of applications in areas such as schools, airports, coffee shops, hospitals and many other places. For now, 55Mbps transmission speed of the fastest have much shorter with the wired LAN transmission performance difference, so the access method has been widely accepted.With the increasingly widespread use of wireless LAN, the security of wireless network is becoming more and more concerned. The security of wireless LAN includes data confidentiality and integrity, and the availability of two-way authentication, etc. May 2004, the Institution of Electrical and Electronics Engineers (IEEE) formally adopted a 802. 11 i standards, the goal of the designing is to provide enhanced MAC layer security for 802. 11 network protocols. 802.11i defines a robust security network (RSN). Robust Security Network provides both TKIP and CCMP two data confidentiality agreements, and the process of the establishment of the connection of RSN, including the 802.lx authentication and key management protocol.This paper introduces the encryption and authentication methods which used by traditional wireless LAN technology, including 802.11b protocol which is based on WEP (Wired Equivalent Protocol), China's WLAN WAPI (Authentication and Privacy Infrastructure) with self-owned intellectual property rights. Virtual Private Network (VPN) which is based on the IPsec. Then highlight the IEEE802.11i protocol, including the TKIP and the MMCP encryption algorithm it used, and the authentication method based on the 802.1x. Next, achieve the authentication process through using the free software FreeRADIUS under LINUX operation system. Finally, the paper brought out an improve program against the MIM (Man In Middle) attack aiming at the bug of 802.1x authentication. The program is still using 802.1x authentication technology, but brought out the idea of mutual authentication with HMAC encryption before 4-way-hand shake. This program has made some enhancement to safety of 802.1x authentication technology.