Convergence Security Journal (융합보안논문지)

Korea convergence Security Association (한국융합보안학회)
권호 표지

Design of Safe AP Certification Mechanism on Wireless LAN

무선 LAN 상에서 안전한 AP 인증 메커니즘 설계

  • 김점구 (남서울대학교 컴퓨터학과)
  • Received : 2011.03.10
  • Accepted : 2011.03.23
  • Published : 2011.03.30
Download PDF
⟨ Previous Next ⟩

Abstract

Current IEEE 802.11 standard is very vulnerable that between the AP and STA authentication and security mechanisms is widely known. Therefore, IEEE has proposed security architecture RSN (Robust Security Network) for 802.11. RSN is used the access control, authentication, and key management based on the IEEE 802.1X standard. In this paper, IEEE 802.1X or 802.11 a combination of several models proposed for the vulnerability, and session hijacking or MiM (Man-in the-Middle) attacks to respond, the authentication mechanism Was designed to the access control between the STA and the AP.

현재 IEEE 802.11표준은 AP와 STA사이의 인증 및 보안 메커니즘이 취약하다고 많이 알려져 있다. 따라서, IEEE는 RSN(Robust Security Network)을 802.11에 대한 보안 아키텍처를 제안했다. RSN은 접근제어와, 인증, 그리고 키 관리 기반으로 IEEE 802.1X 표준을 사용한다. 본 논문에서는 IEEE 802.1X 또는, 802.11이 결합된 몇 가지 모델에 대한 취약점을 제시하고, 세션가로채기 또는 MiM(Man-in the-Middle)공격에 대응 할 수 있는 STA와 AP간의 접근제어, 인증 메커니즘을 설계하였다.

Keywords

References

  1. IEEE. Standards for local and metropolitan area networks: Standard for port based network access control. IEEE Draft P802.1X/D11, March 2000
  2. W.A. Arbaugh, N. Shankar, and J. Wang. Your 802.11 Network has no Clothes. In Proceedings of the First IEEE International Conference on Wireless LAN's and Home Networks, December 2009.
  3. N. Borisov, I. Goldberg, and D. Wagner. Intercepting Mobile Communications: The Insecurity of 802.11. In proceedings of the Seventh Annual International Conference on Mobile Computing and Networking, pp180-188 2009
  4. S. Fluhrer, I. Martin, and A. Shamir. Weakness in the key scheduling algorithm of rc4. Eighth Annual Workshop on Selected Areas in Cryptography, Agust 2009.
  5. L. Blunk and J. Vollbreeht, Ppp extensible authentication protocol (cap). RFC 2284. March 2008.
  6. C. Rigney and et. al. Remote authentication dial in user service(radius). RFC 2138, April 2007