A Study on Improvement of Mechanism for Secure Handoff in Wireless Networks

A Study on Improving the Mechanism for Secure Handoff in a Wireless LAN Environment

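  • 조지훈 (Department of Network Management, Graduate School of Image and Information Communication, Dongguk University)
  • 전준현 (Department of Information and Communication Engineering, Dongguk University)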
  • Published : 2005.11.01

Abstract

One of the major characteristics of a wireless LAN is the frequent mobility of terminals, which causes considerable overhead because authentication is repeated at every handoff. To implement secure and rapid handoff, I therefore propose using the IAPP (Inter Access Point Protocol) of IEEE 802.11f together with a modified context block and the 4-way handshake of IEEE 802.11i. The proposed context block requires no communication with the RADIUS server during the handoff period, so it guarantees higher efficiency than existing handoff mechanisms. It also reduces security vulnerabilities by adding an authentication field to the context block to guard in advance against replay and DoS (Denial of Service) attacks.

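By their nature, wireless LANs see frequent terminal movement, and the authentication repeated at every handoff causes considerable overhead. For secure and fast handoff, this paper therefore uses the IAPP (Inter Access Point Protocol) of IEEE 802.11f, and raises efficiency by relying only on the proposed Context Block and the 4-way handshake of IEEE 802.11i, so that no communication with the RADIUS server is required at handoff. In addition, an authentication field is added to the Context Block to block problems such as replay attacks and DoS attacks in advance, which improves the security weaknesses.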
