Comparative studies on authentication and key exchange methods for 802.11 wireless LAN

被引:17
作者
Lei, Jun
Fu, Xiaoming
Hogrefe, Dieter
Tan, Jianrong
机构
[1] Univ Goettingen, Telemat Grp, D-37083 Gottingen, Germany
[2] Zhejiang Univ, State Key Lab CAD&CG, Hangzhou 310027, Zhejiang Prov, Peoples R China
关键词
authentication; key exchange; WLAN; security; confidentiality;
D O I
10.1016/j.cose.2007.01.001
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 [计算机科学与技术];
摘要
IEEE 802.11 wireless LAN has become one of the hot topics on the design and development of network access technologies. In particular, its authentication and key exchange (AKE) aspects, which form a vital building block for modern security mechanisms, deserve further investigation. In this paper we first identify the general requirements used for WLAN authentication and key exchange (AKE) methods, and then classify them into three levels (mandatory, recommended, and additional operational requirements). We present a review of issues and proposed solutions for AKE in 802.11 WLANs. Three types of existing methods for addressing AKE issues are identified, namely, the legacy, layered and access control-based AKE methods. Then, we compare these methods against the identified requirements. Based on the analysis, a multi-layer AKE framework is proposed, together with a set of design guidelines, which aims at a flexible, extensible and efficient security as well as easy deployment. (c) 2007 Elsevier Ltd. All rights reserved.
引用
收藏
页码:401 / 409
页数:9
相关论文
共 33 条
[1]
Aboba B., 1999, PPP EAP TLS AUTHENTI
[2]
ANDERSON H, 2003, PROTECTED EAP PROTOC
[3]
[Anonymous], 2004, MOBILITY SUPPORT IPV
[4]
[Anonymous], 2004, EXTENSIBLE AUTHENTIC
[5]
ASOKAN N, 2003, 11 SEC PROT WORKSH C
[6]
BAEK KH, 2004, TR20042524 DARTM COL
[7]
BANAN M, 2000, LIGHTWEIGHT EFFICIEN
[8]
BERSANI F, 2005, EAP PSK PROTOCOL PRE
[9]
BLUNK L, 1998, PPP EXTENSIBLE AUTHE
[10]
Cam-Winget N., 2005, EAP FLEXIBLE AUTHENT