Wireless local area networks (WLANs) are one of the hot research topics in network technology. They let people enjoy efficient, high-quality, low-cost mobile network services, so they have a very wide range of applications. However, because transmission is wireless, they bring more security issues than wired networks, and there is an urgent need to guarantee security in wireless networks.

Users' requirements for a wireless LAN include data confidentiality and integrity, two-way authentication, availability, and so on. At present, most WLANs based on the 802.11 standards adopt WEP as the security mechanism to guarantee data security in the WLAN. Because security problems were not taken into consideration when WEP was designed, some security flaws were left behind in WEP, and it cannot meet security needs given the rapid development of WLANs. To address this, many improved security protocols have been proposed, such as TKIP, IEEE 802.11i, and China's WAPI protocol.

This paper mainly studies the security mechanisms in the 802.11 protocols from the perspective of authentication. First, it analyzes the security characteristics, security mechanisms, 802.11 protocol, and typical network topologies of WLANs. It then studies and analyzes in detail the five security problems in the WEP protocol: the encryption mechanism, the message authentication code, key management, IV reuse, and identity authentication. It further explores security authentication in the 802.11 protocol, analyzing the security characteristics of open system authentication and shared key authentication. Finally, emphasis is placed on identity authentication based on the 802.1x protocol, for which a formal analysis is carried out in the Bellare-Rogaway model.

A formal analysis of the popular EAP-TLS authentication mechanism finds a man-in-the-middle attack problem, so an improved protocol based on EAP-TLS is proposed, and its safety and integrity are proved using BAN logic. Experiments also indicate that the improved protocol resists attacks better than the EAP-TLS protocol.