The Design And Analysis Of Access Authentication Protocol Based On EAP

With the use of wireless devices increasingly widespread and the rapid development of Internet technology, Wi-Fi has had more and more contacts with people's lives, and it has become an essential part to a lot of people's lives. Meanwhile WLAN security issues have attracted more and more attention, and it has been an important issue to be solved. As the first WLAN security barrier,wireless network access authentication is a top priority.Based on wireless local area network access authentication, the development background, the basic concept and characteristics of WLAN are discussed; WLAN security threats are also analyzed; then the IEEE 802.11i security protocols are analyzed including port-based network access control technology IEEE 802.1x and Extensible authentication Protocol EAP; the secure encryption algorithms AES and DES in network security are introduced; the theoretical framework of a security analysis of EAP authentication method is presented. Through the common security of EAP authentication protocol analysis, the EAP protocol is divided into two categories certificate-based authentication protocol and lightweight authentication protocol.In a wireless network environment,fast, lightweight,and low latency is important to the user terminal performance. Shared key mechanism is a lightweight process. Low latency is required in the shortest possible time when users connect to the network. The EAP-MD5 agreement is analyzed in detail that the security of EAP-MD5 is weak so that it cannot achieve mutual authentication and is also vulnerable to dictionary and brute force attacks.Through the research on the shared key mechanism, a suitable resource-constrained terminal EAP authentication protocol is proposed. The protocol is not only simple,efficient and easy to deploy, but also has the function of hidden the user identity. The security protocol formal analysis method is proposed; the protocol for the safety is analyzed and tested. The test results show that the agreement achieved the expected goals.Finally, based on WLAN access authentication method EAP-TLS protocol recommended by the IETF only, the authentication access wireless prototype system of 802.1x port access control technologies and open source freeradius build digital certificate is used. On this basis, the EAP-TLS is achieved; the test results of operation are given; the implementation of the protocol is analyzed. The system implements that the mutual authentication of identity information is required when users log the wireless network; the user's privacy is protected; the use of wireless LAN security is increased.