摘要
通过对IEEE802.11i无线局域网安全标准中动态密钥协商机制的详细分析,发现四次握手过程存在缺陷并且有可能遭受伪造消息的拒绝服务(DoS)攻击。针对这一安全漏洞,提出一种基于对称密钥加密技术的四次握手过程改进方法。这一改进方法改变了IEEE802.11i四次握手过程中明文传送密钥材料的策略,使用AES加密算法对密钥材料进行加密,从而避免了攻击者通过伪造消息进行DoS攻击。为了验证这一改进方法的有效性,利用Python和pyCrypto组件对其进行了模拟与分析,从模拟结果可以看出,这一改进方法能够很好地避免DoS攻击,同时不会引起申请者的内存耗尽和CPU性能下降,进一步增强了WLAN的安全性。
Through the analysis of IEEE802.11 i key negotiation mechanisms,it is found that there exists security vulnerability in 4-way handshake, which will lead to a DoS attack. Aiming at this security flaw, an improved method based on pair,vise key encryption technology is developed. This improved method encrypts keying material using AES encryption algorithm, which changes the transfer key material strategy in 4-way handshake process, so as to avoid DoS attack. This improved method is simulated by using Python and the pyCrypto module. From the simulation results it can be seen that the improved method can well avoid DoS attack, at the same time will not cause the applicant' s run out of memory and CPU performance decline,further enhance the security of WLAN.
出处
《计算机技术与发展》
2013年第6期132-135,共4页
Computer Technology and Development
基金
国家"863"高技术发展计划项目(2012AA021105)
