Title :
Security analysis of certificate authentication in Chinese WLAN standard
Author :
Yubo, Song ; Aiqun, Hu ; Kaizhi, Chen
Author_Institution :
Sch. of Inf. Sci. & Eng., Southeast Univ., Nanjing, China
Abstract :
The WAI (WLAN authentication infrastructure), is the authentication protocol in the Chinese Wireless LAN standard. This protocol, similar as 802.11i, adopts port-based access control and involves three entities in the authentication process. The three entities named in Chinese standard are ASUE (wireless device), AE (access point) and ASE (authentication server). The WAI is composed of a mutual public key certificates authentication and a key-exchange agreement. We analyze the certificate authentication of WAI protocol using a finite-state verification tool and find that the authentication protocol can´t resist the denial of service attack. Attackers can forge the messages to produce inconsistent keys in peers. Several amendments are discussed in this papers.
Keywords :
authorisation; protocols; public key cryptography; wireless LAN; Chinese WLAN standard; WLAN authentication infrastructure; access point; authentication protocol; authentication server; finite-state verification tool; key-exchange agreement; port-based access control; public key certificates authentication; security analysis; service attack; wireless device; Access protocols; Authentication; Communication standards; Communication system security; Computer crime; Privacy; Protection; Public key; Wireless LAN; Wireless application protocol;
Conference_Titel :
Advanced Technologies for Communications, 2009. ATC '09. International Conference on
Conference_Location :
Hai Phong
Print_ISBN :
978-1-4244-5139-5
DOI :
10.1109/ATC.2009.5349356
