Wireless LAN Key Technologies Of Bidirectional Access Authentication Based On Bilinear Pairings

The development of wireless local area network (LAN) makes it more convenient, efficient and flexible for people to visit the network. But with the rapid development and extensive application of wireless LAN, the drawbacks of wireless LAN gradually appears. Since data is transmitted via a wireless transmission medium in the wireless LAN, it is quite vulnerable to eavesdropping and impersonating in the course of data transmission. And the access control technologies of wired network cannot be applied to this kind ofattacks without physical connection. With the requirements on the security in people’s daily life becoming more demanding, security issues of wireless LAN is becoming more and more prominent.This paper analyzed the popular authentication technologies of wireless LAN, the existing problems and measures for improvement of authentication technology. Combined with the existing research results of lab on identity-based cryptosystem, two kinds of Bidirectional Access Authentication scheme based on bilinear pairings are put forward. One solution is a kind of direct authentication scheme using the technology of identity-based signature, in which the identities of users and the signatures of the identities are showed in the domain and it has the advantage of high calculation efficiency. Another scheme is based on certificate-based signature, and this scheme can handle the modes for users to access a network and realize cross-domain access authentication because of the use of credentials in its access authentication scheme, which has the advantage of successfully avoiding the security problem of key escrow and distribute. A more efficient and secure key agreement scheme is also presented in the second scheme, as well as the correctness proof and security analysis. Security and efficiency analysis of the two schemes are proposed in this paper based on the detailed design and technologies, as well as applicable occasions.In addition, the paper design and implement the class of entity according to the proposed schemes, and extend the two kinds of protocols used in the experiment to adapt to the proposed schemes. Finally the implementation environment is briefly described, and the two proposed schemes are brought to implementation in this environment. It turned out that, usrs can access authentication and can calculate the session key, in preparations for the purpose of the next step for data communication.