Key management method

A key management and messaging technique, applied in the field of key management, that addresses storage exhaustion, prevents forgery and replay, solves the DoS attack problem, and enhances security and robustness.

Inactive Publication Date: 2008-04-09
CHINA IWNCOMM

AI Technical Summary

Problems solved by technology

Calculating the unicast ephemeral key is not expensive, so it will not cause a CPU exhaustion attack; however, if an attacker intentionally increases the frequency at which forged message 1 frames are sent, there is a danger of memory exhaustion.
This kind of forgery attack is easy to implement, and the harm it causes is relatively serious. A successful attack brings all the previous effort spent on the authentication process to naught.

Embodiment Construction

[0019] The concrete method of the present invention is as follows:

[0020] 1) The authenticator adds the key negotiation identifier KNID (Key Negotiation IDentifier) and the message integrity code MIC to the originally defined content of message 1, forming a new message 1, and sends it to the requester;

[0021] 2) After receiving the new message 1, the requester verifies whether the MIC field in it is correct; if not, it discards the message directly; otherwise, it performs the original verification and, if that verification succeeds, sends message 2 to the authenticator. The content of message 2 is the same as the original definition;

[0022] It should be noted that the MIC in the new message 1 is the hash value calculated by the authenticator, using the pairwise master key PMK (Pairwise Master Key) negotiated in the authentication phase, over all the fields before the MIC field; the KNID in the new message 1, if this process is the first 4-step handshake protocol af...
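An added example, not part of the patent text: a Python model of steps 1) and 2), in which the requester checks the MIC on the new message 1 before it stores any handshake state, so frames from a sender without the PMK consume no memory. HMAC-SHA256 as the keyed hash, the field sizes and the byte layout are assumptions; KNID is treated as an opaque value because the rule for choosing it is cut off above.

```python
import hashlib
import hmac

MIC_LEN = 32   # HMAC-SHA256 output; the keyed hash itself is an assumption
KNID_LEN = 32  # assumed size; the page gives none


def mic_over(pmk: bytes, covered: bytes) -> bytes:
    return hmac.new(pmk, covered, hashlib.sha256).digest()


def build_message1(pmk: bytes, original_fields: bytes, knid: bytes) -> bytes:
    """Authenticator: original message 1 content, then KNID, then MIC."""
    covered = original_fields + knid  # every field before the MIC field
    return covered + mic_over(pmk, covered)


class Requester:
    def __init__(self, pmk: bytes):
        self._pmk = pmk
        self.pending = []  # handshake state held while waiting for message 3

    def on_message1(self, frame: bytes) -> bool:
        """Check the MIC first; a frame that fails is dropped with no state kept."""
        if len(frame) < KNID_LEN + MIC_LEN:
            return False
        covered, mic = frame[:-MIC_LEN], frame[-MIC_LEN:]
        if not hmac.compare_digest(mic, mic_over(self._pmk, covered)):
            return False
        # The original message 1 checks would run here (not modelled).
        self.pending.append((covered[:-KNID_LEN], covered[-KNID_LEN:]))
        return True


def demo() -> dict:
    # All values below are constructed sample data.
    pmk, other_key = bytes(range(32)), b"\xaa" * 32
    original_fields, knid = b"\x11" * 32, b"\x22" * KNID_LEN
    req = Requester(pmk)
    good = build_message1(pmk, original_fields, knid)
    forged = build_message1(other_key, original_fields, knid)  # sender without the PMK
    tampered = bytearray(good)
    tampered[40] ^= 0x01  # one bit changed inside the KNID field
    out = {"forged_accepted": sum(req.on_message1(forged) for _ in range(1000))}
    out["state_after_flood"] = len(req.pending)
    out["tampered_accepted"] = req.on_message1(bytes(tampered))
    out["good_accepted"] = req.on_message1(good)
    out["state_after_good"] = len(req.pending)
    return out
```

Calling `demo()` sends 1000 frames keyed with the wrong PMK, then a genuine frame with one KNID bit altered, then the genuine frame; only the last one leaves an entry in `pending`.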


Abstract

The invention relates to a key management method which is an enhanced RSNA four-way handshake protocol, comprising the following steps: step 1, an authenticator adds a key negotiation ID (KNID) and a message integrity code (MIC) to message (1) and then sends the message to a requester; step 2, the requester receives message (1) and checks whether the MIC field in it is correct; if it is incorrect, the requester directly discards the message, otherwise it performs the other checks and sends message (2) to the authenticator after the checks succeed; step 3, the authenticator checks message (2) after reception and sends message (3) to the requester after the check succeeds; step 4, the requester checks message (3) after reception and sends message (4) to the authenticator after the check succeeds; step 5, the authenticator checks message (4) after reception; if the check succeeds, the four-way handshake protocol is completed, and the authenticator and the requester have negotiated an agreed unicast temporal key (UTK) and obtained each other's group multicast master key (GMK). The invention solves the DoS attack problem of the key management protocol in the existing RSNA security mechanism.

Description

Technical field

[0001] The invention relates to a key management method, in particular to a key management method for RSNA.

Background technique

[0002] In order to solve the security loopholes in the WEP (Wired Equivalent Privacy) security mechanism defined in the WLAN (Wireless Local Area Network) international standard ISO/IEC 8802-11, the IEEE promulgated the IEEE 802.11i standard, which, on the basis of backward compatibility, proposes the Robust Security Network Association (RSNA) technology to make up for the security loopholes in WEP.

[0003] RSNA realizes its authentication and key distribution functions through IEEE 802.1x, based on the Extensible Authentication Protocol (EAP), and the 4-way handshake protocol (4-way Handshake). These security mechanisms solve the security problems of WLAN well, but because the design of this mechanism gave more consideration to security and not much to the usability of the protocol, the DoS attack problem ex...

Application Information

Patent Type & Authority: Applications (China)
IPC (8): H04L9/00, H04L29/06, H04L12/28
CPC: H04L63/1458, H04L9/32, H04W12/04, H04W12/12, H04L9/0844, H04L9/3236, H04L63/06, H04L9/3273, H04W12/0433, H04W12/126
Inventor: 铁满霞, 曹军, 庞辽军, 赖晓龙, 黄振海
Owner: CHINA IWNCOMM