IEEE 802.1xIEEE 802.11i
N9490012 2006/12/23
J.-C. Chen et al.Wireless LAN Security and IEEE 802.11i2004
WLANIEK-ITIS
IEK-ITIS
IEEE 802.11(b)IEEE 802.11(b)MAC
WEP(Wired Equivalent Privacy)
(client)(access point, AP)clientAP
(access control)
IEEE 802.11(b)WEPRC4IEEE
RC4,(WLAN ClientAccess Point)Key,Key
,RC4,24 bitsIV(initial vector, IV),IVWEP KeyRC4,Stream CipherXOR,,IV,IVWEP Key,
WEP Key24 bitsIVIVIV24bitsIV2^24(16777216)WEP Key2^24IV
IV(PCMCIA)IV
WEPWEP Key
share keyIEEE IEEE 802.1xWLANIEEE 802.11i
802.1xMAC 802.1xIP
802.1xIEEE 802.11(b)IEEE 802.1x
IEEE 802.1x EAPOL(EAP Over Lan)Authentication (AAA )
EAPOL(EAP Over Lan)IP Layer, EAP,EAPOL,Access PointAAA (Authentication, Authorization, and Accounting) Server.
Authentication Authentication
AAA IETF(The Internet Engineering TaskForce)RFC 2903RFC 2904RFC 2905RFC 2906RFC 2989
AAA RADIUS(Remote Authentication Dial In User Service)Diameter3GPP2 CDMA 2000 Diameter CDMA 2000
CISCO TACACS+(TerminalAccess Controller Access Control System)
RADIUSRequestResponseAccept Reject
Access RequestRADIUS
IEEE 802.1x
1. (Password base) 2. (Certificate base) 3. SIM(SIM card base)
EAP-MD5EAP-TLSEAP-SIM1,2EAP-TTLS
EAP-MD5 MD5
EAP EAP Authenticator (Identity)AuthenticatorAuthenticator AuthenticatorAuthenticator Authenticator AP
EAP-TLSMicroSoftCisco(PKI,Public Key Infrastructure)PKIPKI
EAP EAP Authenticator Authenticator Authenticator EAP-TLS TLS TLS EAP TLS TLS EAP-TLS WAP-TLS Authenticator Authenticator Authenticator
IETFIEEE 802.1X RADIUS Usage Guidelines802.1x RadiusAAAWEP KeyAccess PointWEP KeyWEP Key802.1xWEP KeyEAPOL-KeyWEP KeyWEP KeyWEP Key
802.1xWEP KeyHandshakingWEP KeyAccess PointWEP KeyWEP KeyKeyWEP Key
IEEE 802.11iIEEE 802.11iWIFIWIFI Protected AccessIEEE 802.11i Draft
802.11iTKIP (Temporal Key Integrity Protocol)AESTKIPWPA 1.x (WPA/SSN)
IEEE 802.11i
TKIP802.11RC4Key
WEP24-bitIVTKIP48-bit IVIVWPA802.1xEAPWPA TKIPWEPWPAWPAAESWPA TKIPWEPWEP KeyWPA TKIPKey
TKIP Per-Packet
TKIPRC4KeyTKIP128-bits WEP Key KeyWEP KeyWEP KeyIV RC4 KeyTKIPTKIP KeyIV128 bitsIV128 bits Key
48 bits IV(32 bits16 bits)Phase 1Phase 2Key
802.11i WPA
MIC
KeyWPAMIC(MessageIntegrity Code) MICCRC
MICMichael64 bitsMICMichaelMIC
IEEE 802.11iIEEE 802.1xTKIPAESTKIPRC4AESReal-Time
2002Wi-FiWPA(Wi-Fi Protected Access)WPATKIPWPAWPAIntersilAtherosAtmelAgereEnvaraIEEE 802.11iTKIPAES
Top Related