Radio mesh re-authentication method based on the WLAN secure standard WAPI

Abstract

The invention relates to the network, especially the safety technological area of wireless mesh network, it is characterized in that: firstly suppose the adjacent physical access point AP into a virtual access point AP, and form a virtual certificate in each physical access point AP, then authenticate the virtual AP certificate and terminal certificate for virtual access point AP through the authentication server according to the available WAPI standard, after passed, the authentication server AS may send the certificate authentication results to the physical access point AP connected with this terminal; then send the key block after encrypted with the common key to the other physical access point AP in the virtual access point AP from the physical access point AP connected with the terminal, meanwhile send the authentication results to the terminal, after received the authentication results, this terminal may create the basic key BK. The invention solves how to reduce the roam switching re-authentication delay problems when the available WAPI used for the wireless mesh network, meanwhile it has the high expansibility for large-capacity network.

Description

technical field [0001] The invention relates to a wireless network security application method, in particular to an application method of the wireless local area network security standard WAPI (WLAN Authentication and Privacy Infrastructure, wireless local area network identification and security infrastructure) in the wireless mesh network. Background technique [0002] In recent years, broadband wireless networks based on 802.11 wireless LAN technology have developed rapidly. Various new broadband wireless technologies, such as wireless switching and wireless mesh networks, have emerged in an endless stream and have been widely used around the world. According to incomplete statistics, as of January 2006, the total number of global WiFi hotspots has exceeded 100,000, and more than 130 countries use WiFi technology. At the same time, mobile terminals are becoming more and more abundant, from traditional notebook terminals to mobile phones and PDAs, which promote the further...

AI Technical Summary

Problems solved by technology

[0003] Various new real-time streaming media applications in the wireless environment put forward higher requirements for network roaming handover delay, and re-authentication delay is the key factor affecting roaming handover delay, so the wireless local area network authentication and security infrastructure WAPI proposes However, this pre-authentication method is not only inefficient and not suitable for large-scale wireless networks, but also difficult to be effectively applied to new wireless broadband networks such as wireless mesh networks.

[0004] According to the standard WAPI mechanism, when a terminal STA (Station) switches from one wireless access point AP (Access point) to another AP, the certificate authentication and key negotiation process between the STA and the new AP needs to be performed again, resulting in the STA The re-authentication delay between two APs is too long, which affects roaming handover performance

For this reason, the existing WAPI standard proposes a pre-authentication mechanism to solve

Images