WAPI unicast key negotiation method

A unicast key negotiation technique between the authenticator entity and the requester entity, applied in key distribution, that can solve problems such as storage exhaustion, prevent forgery, solve DoS attack problems, and enhance security and robustness.

Active Publication Date: 2008-04-09
CHINA IWNCOMM

AI Technical Summary

Problems solved by technology

Because calculating the unicast session key is not expensive, forged requests will not cause a CPU exhaustion attack. However, if the attacker intentionally increases the frequency of sending forged unicast key negotiation request packets, there is a danger of memory exhaustion.
This kind of forgery attack is easy to implement, and the harm caused is relatively serious. A successful attack brings all the previous effort spent on the authentication process to naught.



Embodiment Construction

[0016] The present invention is applicable to security protocols in which the WAPI framework method (TePA-AC, an access control method based on Tri-element Peer Authentication) is applied in specific networks such as wireless local area networks and wireless metropolitan area networks.

[0017] The concrete method of the present invention is as follows:

[0018] 1) The authenticator entity AE adds the message integrity code MIC to the originally defined content of the unicast key negotiation request packet to form a new unicast key negotiation request packet, and sends it to the authentication requester entity ASUE. The integrity code MIC is the hash value calculated by the authenticator entity AE over all fields before the MIC field, using the base key BK (Base Key) negotiated in the authentication phase;

[0019] 2) After the authentication requester entity ASUE receives the new unicast key negotiation request packet, it verifies whether the MIC in it is correct; if not, it discards the packe...
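An added example, not taken from the patent text: a minimal Python model of steps 1) and 2), in which the ASUE checks the MIC before it stores any per-request state, so a flood of forged requests leaves its memory unchanged. HMAC-SHA256 as the MIC algorithm, the field layout (length-prefixed BKID followed by an AE challenge) and all names are assumptions for illustration.

```python
import hashlib
import hmac
import os
import struct

MIC_LEN = 32  # HMAC-SHA256 output size; the hash choice is an assumption


def build_request(bk: bytes, bkid: bytes, ae_challenge: bytes) -> bytes:
    """AE side. Constructed layout: len(BKID) | BKID | AE challenge | MIC."""
    body = struct.pack("!B", len(bkid)) + bkid + ae_challenge
    mic = hmac.new(bk, body, hashlib.sha256).digest()  # over all fields before MIC
    return body + mic


class Asue:
    """ASUE side: verifies the MIC before creating any per-request state."""

    def __init__(self, bk: bytes):
        self.bk = bk
        self.pending = {}  # AE challenge -> ASUE nonce, kept per accepted request
        self.dropped = 0

    def on_request(self, packet: bytes) -> bool:
        if len(packet) <= MIC_LEN:
            self.dropped += 1
            return False
        body, mic = packet[:-MIC_LEN], packet[-MIC_LEN:]
        expected = hmac.new(self.bk, body, hashlib.sha256).digest()
        if not hmac.compare_digest(mic, expected):  # constant-time comparison
            self.dropped += 1  # forged or corrupted: discard, allocate nothing
            return False
        challenge = body[1 + body[0]:]
        self.pending[challenge] = os.urandom(32)  # state is created only now
        return True


def simulate_flood(n_forged: int = 1000):
    """Constructed scenario: many forged requests, then one genuine request."""
    bk = os.urandom(16)
    asue = Asue(bk)
    genuine = build_request(bk, b"bkid-0001", os.urandom(32))
    for _ in range(n_forged):
        # The sender does not hold BK, so its MIC cannot verify.
        asue.on_request(build_request(os.urandom(16), b"bkid-0001", os.urandom(32)))
    accepted = asue.on_request(genuine)
    return accepted, len(asue.pending), asue.dropped
```
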


Abstract

The invention relates to a WAPI unicast key negotiation method, which comprises the following steps: (1) the authenticator entity adds a message integrity code to a unicast key negotiation request packet and sends it to the authentication requester entity; (2) the authentication requester entity receives the unicast key negotiation request packet and checks it; if it is incorrect, the authentication requester entity directly discards the packet, otherwise it performs the other checks and, if they succeed, responds with a unicast key negotiation response packet; (3) the authenticator entity receives the unicast key negotiation request packet and checks it; if the check succeeds, it responds to the requester entity with a unicast key negotiation acknowledgement packet; (4) the authenticator entity receives the unicast key negotiation acknowledgement packet and checks it; if the check succeeds, agreement on a unicast session key is reached. The invention solves the DoS attack problem of the unicast key management protocol in the existing WAPI security mechanism.

Description

Technical field

[0001] The invention relates to a wireless local area network key management method, in particular to a WAPI unicast key negotiation method.

Background technique

[0002] In order to solve the security loopholes in the WEP (Wired Equivalent Privacy) security mechanism defined in the WLAN (Wireless Local Area Network) international standard ISO/IEC 8802-11, China promulgated the national standard for wireless local area networks and its Amendment No. 1, in which the WLAN Authentication and Privacy Infrastructure (WAPI) is used to replace WEP to solve the security problems of wireless LANs.

[0003] WAPI uses certificate-based or pre-shared-key authentication and key management protocols to implement authentication and key distribution functions. This security mechanism solves the security problem of WLAN well, but because this mechanism is designed with more security in mind than the usability of the protocol, the unicast key agr...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L9/08, H04L29/06, H04L12/28
CPC: H04L9/3236, H04L63/1458, H04L9/0844, H04L9/32, H04W12/04, H04L9/08, H04L63/06, H04W12/12, H04L9/3273, H04W12/06, H04W12/0431, H04W12/0433, H04W12/069, H04W12/126
Inventor: 铁满霞, 曹军, 庞辽军, 赖晓龙, 黄振海
Owner CHINA IWNCOMM