CN103313242B - The verification method and device of key - Google Patents
The verification method and device of key Download PDFInfo
- Publication number
- CN103313242B CN103313242B CN201210071034.0A CN201210071034A CN103313242B CN 103313242 B CN103313242 B CN 103313242B CN 201210071034 A CN201210071034 A CN 201210071034A CN 103313242 B CN103313242 B CN 103313242B
- Authority
- CN
- China
- Prior art keywords
- sta
- request message
- message
- mic
- response message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses the verification methods and device of a kind of key.Wherein, this method includes:AP receives STA and secondary association or re-associates to the first request message sent during the AP again, wherein, above-mentioned first request message carries STA on secondary association or re-associates to corresponding safe context during the AP and identifies;The safe context of above-mentioned STA that AP is locally preserved according to above-mentioned safe context identification retrieval, and judge whether the safe context retrieved is effective;If effectively, AP directly carries out key authentication processing with the STA.It by the present invention, simplifies STA and AP and re-establishes the safety verification flow of link, avoid the problem of causing networking time delay longer due to flow complexity.
Description
Technical field
The present invention relates to the communications field, in particular to the verification method and device of a kind of key.
Background technology
Institute of Electrical and Electric Engineers (Institute for Electrical and Electronic
Engineers, referred to as IEEE) 802.11 be first generation WLAN (Wireless Local Area Networks, letter
One of referred to as WLAN) standard.As shown in Figure 1,802.11 network of IEEE includes:Work station (Station, referred to as
STA), wireless access point (Access Point, referred to as AP).Wherein, STA can be any matchmaker for having IEEE 802.11
Body access control (Media Access Control, referred to as MAC) layer and physical layer (Physical Layer, referred to as
PHY) the equipment of interface, usually by a personal computer (Personal Computer, referred to as PC) or notebook computer
In addition wireless network card is formed.In addition, STA can also be the embedded device that can provide wireless connection in non-computer terminal
(for example, 802.11 mobile phones).AP can regard a wireless Hub as, for providing the bridge between STA and existing backbone network
It connects, which can be wired or wireless.One AP and one or more STA in its coverage area
Form a Basic Service Set (Basic Service Set, referred to as BSS).BSS passes through basic service set identification (BSSID)
Unique mark is carried out, BSSID is the MAC Address of AP.Terminal can communicate in a BSS.Using identical clothes
Be engaged in the more massive virtual BSS that multiple BSS of set identifier SSID are formed, and is defined as extended service set (Extended
Service Set, referred to as ESS).Terminal can communicate in same ESS and can be moved between multiple BSS of subordinate.
Connect the network of multiple BSS in ESS and cable network be known as distributed system (Distribution System, referred to as
DS).Wirelessly or non-wirelessly technology, generally use ethernet technology may be used in DS.
When STA accesses 802.11 networks of IEEE, in order to complete certification and Internet protocol (Internet
Protocol, referred to as IP) address allocation function, as shown in Fig. 2, wlan network further includes certificate server
(Authentication Server, referred to as AS) and Dynamic Host Configuration Protocol server (Dynamic Host
Configuration protocol Server, referred to as Dynamic Host Configuration Protocol server).AS is the entity that authentication service is provided for STA,
802.11 networks of access only could be authorized to by the STA of certification.AS can also be embedded in AP, and Dynamic Host Configuration Protocol server is then
STA distributes IP address, and STA can access internet (Internet) by the wlan network.
Fig. 3 is according to the schematic diagram of the key code system framework of the safety of the IEEE 802.11i of the relevant technologies, such as Fig. 3 institutes
Show, pairwise master key (Pairwise Master Key, referred to as PMK) is STA and AS in Extensible Authentication Protocol
The key of each self-generating, length are in (Extensible Authentication Protocol, referred to as EAP) verification process
256, (PMKID) is identified by PMK and is identified.Pair temporal key (Pairwise Transient Key, referred to as PTK)
It is the random number ANonce that STA and AP are generated respectively according to random number SNonce and AP that PMK and STA is generated, respectively derives
The key gone out.Low 128 of PTK are Key Confirmation Key (Key Confirmation Key, referred to as KCK), 128 intermediate
For key-encrypting key (Key Encryption Key, referred to as KEK), remaining most significant bit (Most
Significant Bit, referred to as MSB are temporary key (Temporal Key, referred to as TK).Wherein, KCK is used to be 4 times
EAPOL-KEY (Extensible Authentication Protocol OVER in handshake procedure and group key handshake procedure
LAN KEY) message offer data source authentication;KEK is used for as 4 key information frame EAPOL-KEY to shake hands with group key that shake hands
Message provides Confidentiality protection;TK user protects the transmission of the data message between STA and AP.
In addition, IEEE 802.11 also defines a group temporary key (Group Temporal Key, referred to as GTK).GTK
It is a random number of AP generations, in group key handshake procedure, after AP encrypts GTK with KEK, is transferred to STA.
The flow chart that Fig. 4 is established safely when being and accessing 802.11 networks of IEEE according to the STA of the relevant technologies, such as Fig. 4 institutes
Show, specifically include following steps (step S401- step S416):
Step S401-S402 broadcasts beacon (Beacon) message by AP or STA actively sends probe requests thereby to AP
(Probe Request) message, AP respond (Probe Response) message to STA echo probes, inform energy of the STA about AP
The information such as power, parameter and security parameter.
Step S403-S404 carries out open system authentication between STA and AP.Wherein, open system authentication process is not
Establish really safety.
Step S405-S406, is associated between STA and AP.STA sends association request to AP, and AP receives association please
After asking associated response is sent to STA.By the step, 802.11 channel of IEEE is established between STA and AP.
Step S407 carries out EAP authentication between STA and AS.After the completion of the process, STA and 802.11 networks of IEEE are complete
Into two-way authentication, and PMK is generated respectively.
Step S408, AS pass through remote customer dialing authentication system (Remote Authentication Dial In
User Service, referred to as RADIUS) access acceptance (Access Accept) message is sent, inform AP certifications success, and will
The PMK generated during EAP is sent to AP.
Step S409, AP send 802.1X message to STA, wherein, 802.1X message is packaged with EAP successes (EAP-
Success) message.
Step S410 proceeds by 4-Way Handshake process between AP and STA, verify the key of both sides' generation.AP generation with
The several first random number ANonce of machine, and be carried in key information frame (EAPOL-Key) message, it is sent to STA.
Step S411, STA generate the second random number SNonce, and according to SNonce and the ANonce and EAP that receive
The PMK generation PTK generated in the process, and intercept PTK and obtain Key Confirmation Key KCK, KEK and temporary key TK;STA is sent out to AP
EAPOL-Key message is sent, wherein carrying the second random number SNonce.The message integrity verification that message carrying is calculated with KCK
Code (Message Integrity Code, referred to as MIC).
Step S412, AP are according to generation during the SNonce received and the ANonce and EAP that oneself generate
PMK, according to the same algorithms of STA, derive PTK, and intercept PTK obtain KCK, KEK and TK.The KCK docking of AP generations
The EAPOL-Key message received is verified.If be proved to be successful, AP sends EAPOL-Key message to STA, which carries
Random number ANonce, and carry the MIC calculated with KCK.
Step S413, STA verify the EAPOL-Key message received.If be proved to be successful, STA installation bases
The temporary key TK that PTK is obtained is intercepted, and EAPOL-Key message is sent to AP.The MIC that message carrying is calculated with KCK.Extremely
This, 4 handshake procedures between STA and AP terminate.
Step S414 carries out group key handshake procedure between STA and AP.AP optionally generates third random number GNonce,
And random selection group temporary key GTK, GTK is encrypted with KEK, encrypted GTK and/or random number GNonce are carried on EAPOL-
In Key message, it is sent to STA.EAPOL-Key message equally also carries the MIC calculated with KCK.
Step S415:STA verifies the EAPOL-Key message received, is obtained if it is successful, being decrypted with KCK
GTK;STA sends EAPOL-Key message to AP, carries the MIC calculated with KCK.AP verifies the message received.Extremely
This, STA completes the foundation of initial connection, can carry out the transmitting-receiving of data packet.
Step S416, STA and wlan network carry out dhcp process, obtain IP address.
Mobile subscriber constantly enters or leaves the overlay area of an ESS.Every time when mobile equipment enters an ESS
When, mobile equipment must carry out the process that initial link circuit is established in STA networkings as shown in Figure 4.If STA was associated in the past
Associated safety context before may being cached at the AP, STA and AP during once connection.At this point, according to IEEE
The definition of 802.11 agreements, AP can omit EAP authentication process after associated steps, directly initiate 4-Way Handshake process.It but should
Flow still has the problem of security step is more, longer so as to cause the time delay of STA networkings.When a large number of users is simultaneously shorter
(such as in subway station, a large number of users, which has descended after subway to need to connect wlan network, to be obtained when needing to access wlan network in the time
Relevant route information), the problem of networking time delay is longer, can be more serious.
For in the relevant technologies, during STA and AP re-establishes link, safety verification flow is complicated, and cause into
The problem of net time delay is longer, currently no effective solution has been proposed.
Invention content
During re-establishing link for STA in the relevant technologies and AP, safety verification flow is complicated, and causes to network
The problem of time delay is longer, the present invention provides the verification method and device of a kind of key, at least to solve the above problems.
According to an aspect of the invention, there is provided a kind of verification method of key, including:AP receives STA secondary associations again
Or the first request message sent during the AP is re-associated to, wherein, above-mentioned first request message carries on STA secondary association or again
It is associated with corresponding safe context mark during the AP;AP locally preserves above-mentioned according to above-mentioned safe context identification retrieval
The safe context of STA, and judge whether the safe context retrieved is effective;If effectively, AP is directly carried out close with the STA
Key verification processing.
Preferably, the safe context mark, including at least one of:Pairwise master key mark PMKID, in pairs master
Re-authentication root key (rRK) in key PMK sequence numbers and Extensible Authentication Protocol (EAP) re-authentication agreement (EAP-RP)
Mark or certification master session key (rMSK) mark.
Preferably, first request message also carries the random number SNonce of the STA generations.
Preferably, the AP directly carries out key authentication processing with the STA, including:The AP generates random number
ANonce, according to the safe context and the SNonce and the ANonce derivation pair temporal key PTK, and according to
The PTK generation Key Confirmation Keys KCK;The AP calculates the first of first request message using the KCK of generation
The message integrity verification code MIC of response message, and first response message is sent to the STA, wherein, first sound
Message is answered to carry the MIC of first response message;The AP receives the STA after first response message is received
The second request message returned, and verify the MIC that second request message carries.
Preferably, if the verification passes, it after verifying the MIC that second request message carries, further includes:The AP makes
The MIC of the second response message of second request message calculated with the KCK of generation, and to described in STA transmissions
Second response message, wherein, second response message carries the MIC of second response message.
Preferably, the AP receives the second request message that the STA is returned after first response message is received
Before, it further includes:The STA derives PTK according to the safe context and the ANonce that locally preserve and the SNonce,
And KCK is generated according to the PTK;If the verification passes, the STA sends second request message to the AP, wherein, institute
It states the second request message and carries the MIC of second request message that the STA is calculated using the KCK of generation.
Preferably, the AP directly carries out key authentication processing with the STA, including:The AP generates random number
ANonce, and to the STA transmission carry the ANonce first request message the first response message;The AP
The second request message that the STA is returned is received, wherein, second request message carries second request message
MIC;The AP derives PTK, and give birth to according to the PTK according to the safe context and the ANonce and the SNonce
Into KCK;The AP verifies the MIC of second request message using the KCK of generation, and if the verification passes, the AP makes
The MIC of the second response message of second request message is calculated with the KCK of generation, and the second sound is sent to the STA
Message is answered, wherein, second response message carries the MIC of second response message.
Preferably, the AP directly carries out key authentication processing with the STA, including:The AP generates random number
ANonce, and to the STA transmission carry the ANonce first request message the first response message;The AP
PTK is derived, and generate KCK according to the PTK according to the safe context and the ANonce and the SNonce;It is described
AP receives the second request message that the STA is returned, wherein, second request message carries second request message
MIC;The AP verifies the MIC of second request message using the KCK of generation, and if the verification passes, the AP is used
The KCK of generation calculates the MIC of the second response message of second request message, and sends the second response to the STA
Message, wherein, second response message carries the MIC of second response message.
Preferably, it before the AP receives the second request message that the STA is returned, further includes:Described in the STA is received
First response message, according to the safe context and the ANonce that locally preserve and SNonce derivation PTK, and according to
The PTK generates KCK;The STA calculates the MIC of second request message using the KCK of generation;The STA is to institute
It states AP and sends second request message, wherein, second request message carries the MIC of second request message.
Preferably, the AP directly carries out key authentication processing with the STA, including:The AP generates random number
ANonce, and to the STA transmission carry the ANonce first request message the first response message;The AP
The second request message that the STA is returned is received, wherein, second request message carries the random number of the STA generations
The MIC of SNonce and second request message;The AP is according to the safe context and the SNonce and described
ANonce derives PTK, and generates Key Confirmation Key KCK according to the PTK;The AP verifies institute using the KCK of generation
The MIC of the second request message is stated, if the verification passes, the AP calculates second request message using the KCK of generation
The second response message MIC, and send second response message to the STA, wherein, second response message carries
There is the MIC of second response message.
Preferably, before the AP receives the second request message that the STA is returned, the method further includes:The STA
SNonce is generated, PTK is derived, and according to institute according to the safe context and the SNonce that locally preserve and the ANonce
State PTK generation Key Confirmation Keys KCK;The STA calculates the MIC of second request message according to the KCK of generation;Institute
It states STA and sends second request message to the AP, wherein, second request message carries second request message
MIC.
Preferably, it before AP receives STA the first request messages that secondary association or while re-associating to the AP send again, also wraps
It includes:The AP receives the second request message that the STA is sent, and generates random number ANonce, and sends described the to the STA
Second response message of two request messages, wherein, the ANonce of generation is carried in second response message;It is described
STA receives second response message, generates random number SNonce, according to the safe context of preservation and receive described in
The ANonce and SNonce derives PTK, and KCK is generated, and return to first request message to the AP according to the PTK,
Wherein, the MIC of first request message that the STA is calculated using the KCK is also carried in first request message
With the SNonce.
Preferably, the AP directly carries out key authentication processing with the STA, including:The AP is according to the peace retrieved
Full context and the SNonce received the and ANonce derive PTK, and KCK is generated according to the PTK;The AP makes
The MIC of second request message is verified with the KCK of generation, and if the verification passes, the AP uses the KCK generated
The MIC of the first response message of first request message is calculated, and first response message is sent to the STA, wherein,
First response message carries the MIC of first response message.
Preferably, first request message starts for authentication request message or the Extensible Authentication Protocol based on LAN
EAPOL-Start message, second request message are association request message;Alternatively, first request message please for association
Message is sought, second request message is authentication request message or the Extensible Authentication Protocol key EAPOL-KEY based on LAN
Message.
Preferably, first response message is authentication response message or EAP Request/mark message, and described second responds
Message is associate response message;Alternatively, first response message is associate response message, second request message is certification
Response message or the Extensible Authentication Protocol key eapol-key message based on LAN.
Preferably, if the AP do not retrieve the safe context of the STA or the safe context that detects without
Effect then carries the parameter that instruction STA carries out complete EAP authentication or EAP re-authentication in first response message.
Preferably, the safe context, including:Pairwise master key (PMK).
According to another aspect of the present invention, a kind of verification device of key is provided, including:Receiving module, for receiving
STA the first request messages that secondary association or while re-associating to AP send again, wherein, above-mentioned first request message carries the STA
Upper secondary association or while re-associating to AP corresponding safe context mark;Module is retrieved, for according to above-mentioned safe context mark
Know the safe context of above-mentioned STA that retrieval locally preserves;Judgment module, for judging whether the safe context retrieved has
Effect;Authentication module, for when the judging result of judgment module is effective, directly carrying out key authentication processing with above-mentioned STA.
Preferably, the safe context mark, including at least one of:Pairwise master key mark PMKID, in pairs master
Key PMK sequence numbers and rRK marks or rMSK marks in Extensible Authentication Protocol EAP re-authentication agreements EAP-RP.
Preferably, first request message also carries the random number SNonce of the STA generations.
Preferably, the authentication module, including:First generation unit, for generating random number ANonce, according to the peace
Full context and the SNonce and the ANonce derive pair temporal key PTK, and true according to PTK generation keys
Recognize key KCK;First computing unit, the first response for being calculated first request message using the KCK of generation are disappeared
The message integrity verification code MIC of breath;First transmitting element, for sending first response message to the STA, wherein,
First response message carries the MIC of first response message;First receiving unit is connecing for receiving the STA
Receive the second request message returned after first response message;First authentication unit, for verifying that second request disappears
Cease the MIC carried.
Preferably, if first authentication unit is verified, the KCK meters of the computing unit generation are triggered
The MIC of second response message of second request message calculated, and send second response from transmitting element to the STA
Message, wherein, second response message carries the MIC of second response message.
Preferably, the authentication module, including:Second generation unit, for generating random number ANonce;Second sends list
Member, for carrying the first response message of first request message of the ANonce to STA transmissions;Second receives
Unit, for receiving the second request message that the STA is returned, wherein, second request message carries described second please
Seek the MIC of message;Second generation unit is additionally operable to according to the safe context and the ANonce and described
SNonce derives PTK, and generates KCK according to the PTK;Second authentication unit, for using described in the KCK of generation verifications
The MIC of second request message if the verification passes, triggers the generation unit and calculates described second using the KCK of generation
The MIC of second response message of request message, and the second response message is sent from the transmitting element to the STA, wherein, institute
State the MIC that the second response message carries second response message.
Preferably, the authentication module, including:Third generation unit, for generating random number ANonce;Third sends single
Member, for carrying the first response message of first request message of the ANonce to STA transmissions;Third receives
Unit, for receiving the second request message that the STA is returned, wherein, second request message carries the STA generations
Random number SNonce and second request message MIC;The third generation unit, is additionally operable to according to above and below the safety
The literary and described SNonce and ANonce derives PTK, and generates Key Confirmation Key KCK according to the PTK;Third is verified
Unit, for the KCK of generation to be used to verify the MIC of second request message;Third computing unit, for logical in verification
It is out-of-date, the MIC of the second response message of second request message is calculated using the KCK of generation;The third sends single
Member is additionally operable to send second response message to the STA, wherein, second response message carries second sound
Answer the MIC of message.
Preferably, first request message is authentication request message, and second request message is association request message;
Alternatively, first request message is association request message, second request message is authentication request message or EAPOL-KEY
Message.
By the present invention, STA secondary associations or when re-associating to AP again, AP is according to the safe context identification retrieval sheet of STA
Secondary association or safe context when re-associating to the AP on the STA that ground preserves, and the safe context of the STA retrieved has
It imitates, then AP directly carries out key authentication processing with the STA, simplifies STA and AP and re-establishes the safety verification flow of link, keeps away
The problem of having exempted to cause networking time delay longer due to flow complexity.
Description of the drawings
Attached drawing described herein is used to provide further understanding of the present invention, and forms the part of the application, this hair
Bright illustrative embodiments and their description do not constitute improper limitations of the present invention for explaining the present invention.In the accompanying drawings:
Fig. 1 is the schematic diagram according to a kind of 802.11 network of the relevant technologies;
Fig. 2 is the schematic diagram according to a kind of wlan network of the relevant technologies;
Fig. 3 is the schematic diagram according to the key code system framework of the safety of the IEEE 802.11i of the relevant technologies;
The flow chart that Fig. 4 is established safely when being and accessing 802.11 networks of IEEE according to the STA of the relevant technologies;
Fig. 5 is the flow chart of the verification method of key according to embodiments of the present invention;
Fig. 6 is the flow chart according to the verification method of the key of the preferred embodiment of the present invention one;
Fig. 7 is the flow chart according to the verification method of the key of the preferred embodiment of the present invention two;
Fig. 8 is the flow chart according to the verification method of the key of the preferred embodiment of the present invention three;
Fig. 9 is the flow chart according to the verification method of the key of the preferred embodiment of the present invention four;
Figure 10 is the schematic diagram of the verification device of key according to embodiments of the present invention;
Figure 11 is a kind of schematic diagram of preferred authentication module according to embodiments of the present invention;
Figure 12 is the schematic diagram of another preferred authentication module according to embodiments of the present invention;
Figure 13 is the schematic diagram of another preferred authentication module according to embodiments of the present invention.
Specific embodiment
Come that the present invention will be described in detail below with reference to attached drawing and in conjunction with the embodiments.It should be noted that do not conflicting
In the case of, the feature in embodiment and embodiment in the application can be combined with each other.
A kind of verification method of key is provided according to embodiments of the present invention, is simplified STA and AP and is re-established link
Safety verification flow, avoid because flow complexity due to cause networking time delay longer the problem of.
Fig. 5 is the flow chart of the verification method of key according to embodiments of the present invention, as shown in figure 5, this method can wrap
Include following steps (step S502- step S506):
Step S502, AP receive STA the first request messages that secondary association or while re-associating to AP send again, wherein, first
Request message corresponding safe context mark when carrying secondary association on STA or re-associating to AP.
The safe context of STA that step S504, AP are locally preserved according to safe context identification retrieval, and judge to retrieve
Whether the safe context arrived is effective;
Step S506, if effectively, AP directly carries out key authentication processing with STA.
Through the embodiment of the present invention, STA secondary associations or when re-associating to AP again, AP is identified according to the safe context of STA
The STA last time that retrieval locally preserves is associated with the safe context during AP, and the safe context of the STA retrieved has
It imitates, then AP directly carries out key authentication processing with the STA, simplifies STA and AP and re-establishes the safety verification flow of link, keeps away
The problem of having exempted to cause networking time delay longer due to flow complexity.
STA and AP can cache the safe context of secondary association or re-association generation, and can pass through different safety
Context identifier is identified.In a preferred embodiment of the embodiment of the present invention, above-mentioned safe context mark, including
But it is not limited at least one of:Pairwise master key mark (PMKID), pairwise master key (PMK) sequence number and expansible recognize
Demonstrate,prove re-authentication root key (re-authentication Root Key, the abbreviation in agreement (EAP) re-authentication agreement (EAP-RP)
For rRK) mark or re-authentication master session key (re-authentication Master Session Key, referred to as rMSK)
Mark.Correspondingly, safe context can include at least one of:PMK, rRK and rMSK.
In a preferred embodiment of the invention, by safe context to be illustrated for PMK.AP receives STA secondary associations again
Or the first request message sent during AP is re-associated to, secondary association on STA is carried in first request message or is re-associated to
The PMK of STA that corresponding PMKID during AP, AP are locally preserved according to PMKID retrievals, and the safe context for judging to retrieve is
It is no effective.If the PMK retrieved is effective, AP directly carries out key authentication processing with STA.Wherein, the first request message is
Authentication request message, then the second request message is association request message;Alternatively, the first request message is association request message, then
Second request message is authentication request message or eapol-key message.Correspondingly, the first response message is authentication response message,
Second response message is associate response message;Alternatively, the first response message is associate response message, the second request message is certification
Response message or eapol-key message.
The verification method of the key of the embodiment of the present invention is described below by specific embodiment.
Preferred embodiment one
According to the preferred embodiment of the present invention, STA generates random number SNonce before the first request message is sent to AP,
And PMKID of STA last time when being associated with AP is obtained, and the SNonce of generation and the PMKID got are carried in the first request
AP is sent in message.After AP receives the first request message, according to the corresponding PMK of PMKID, and judge that the PMK retrieved is
It is no effective.If the PMK retrieved is effective, AP directly carries out key authentication processing with STA.
In a preferred embodiment of the embodiment of the present invention, AP directly carries out key authentication processing with STA to be wrapped
It includes:AP generates random number ANonce, and PTK is derived according to the PMK retrieved the and SNonce received and the ANonce of generation,
And KCK is generated according to the PTK derived.AP calculates the MIC of the first response message of the first request message using the KCK of generation,
And the first response message is sent to STA, wherein, the first response message carries the MIC of the first response message.AP receives STA and exists
The second request message returned after the first response message is received, and verifies the MIC that the second request message carries.Optionally, such as
Fruit is verified, the MIC of the second response message of the second request message that AP is calculated using the KCK of generation, and sends institute to STA
The second response message is stated, wherein, the second response message carries the MIC of the second response message.
Preferably, AP receive STA before the second request message returned after receiving the first response message, STA according to
The ANonce and the SNonce of generation that the PMK and AP locally preserved is sent derive PTK, and generate KCK according to PTK.STA is used
The KCK of generation verifies the MIC carried in the first response message.If the verification passes, STA sends the second request message to AP,
In, the second request message carries the MIC of the second request message that STA is calculated using the KCK of generation.Specifically, STA can lead to
It crosses in the following manner and verifies the MIC carried in the first response message:STA can use first responses of the KCK of generation to receiving
Message calculates Hash (Hash) value MIC, and the MIC for calculating gained is compared with the MIC received, if the two is identical,
It is verified;No person, authentication failed.
Fig. 6 be according to the flow chart of the verification method of the key of the preferred embodiment of the present invention one, as shown in fig. 6, not into
In the case of the complete EAP authentication of row or re-authentication, the step of safe context is quickly established between STA and AP and is quickly networked,
This method may comprise steps of (step S601- step S613):
Step S601, STA are associated with AP, carry out complete EAP authentication process.In this process, STA and AP are stored
Relevant safe context.The safe context safe context mark of the STA is identified.Preferably, above and below the safety
Text mark can be the rRK marks in PMK marks (PMKID) or PMK sequence numbers or EAP re-authentication agreement (EAP-RP),
RMSK marks etc..
Step S602, STA go to be associated at the AP.At this point, STA and AP optionally carry out the caching of safe context respectively
Work.
Step S603, after a period of time, STA is associated with the AP again.The beacon (Beacon) that STA receives AP transmissions disappears
Breath or STA actively send probe requests thereby (Probe Request) message to AP, and AP sends probe response (Probe to STA
Response) message.Wherein, AP is carried in Beacon or Probe Response message and supports what quick initial link circuit was established
Ability indicates.
Last safe context when being associated with AP is cached at step S604, STA, and still effectively;STA generation with
Machine number SNonce.
Step S605, STA to AP send authentication request message, the message carry STA generation random number SNonce and
Safe context identifies.Preferably, which is identified as:PMKID or PMK sequence numbers or EAP re-authentication agreements
(EAP-RP) the rRK marks in, rMSK marks etc..
Step S606, after AP receives authentication request message, this STA pairs of the safe context identification retrieval in message
The safe context answered.If the safe context is still effective, AP continues step S607;If the safe context
In vain or AP does not retrieve the corresponding safe contexts of the STA, then AP directly carries out step S608.
Step S607, AP generation random number ANonce;AP is derived according to the PMK and ANonce and SNonce of caching
PTK;And KCK and/or KEK and/or TK is generated according to PTK.
Step S608, AP send authentication response message to STA.If in step S606, AP retrieves that the STA is corresponding to be had
Safe context is imitated, then the message carries:Random number ANonce, message integrity verification code MIC and/or random number SNonce.
Wherein, MIC is the message integrity verification code that AP calculates the authentication response message using the KCK derived.If step
In S606, AP does not retrieve the corresponding effective and safe contexts of the STA, then the message carries instruction STA and carries out complete EAP authentication
Or the parameter of EAP re-authentication.Optionally, AP can generate group key GTK and/or IGTK in this step, and in authentication response
STA is sent in message.
Step S609, STA derive PTK according to the safe context PMK and ANonce and SNonce of caching;According to PTK
Generate KCK and/or KEK and/or TK;STA verifies the MIC in the authentication response message that receives.
Step S610, if be proved to be successful, STA sends association request message to AP, which carries message integrity
Identifying code (MIC) and/or ANonce and/or random number SNonce.Wherein, MIC is that STA uses the KCK derived to the pass
The message integrity verification code that connection request message is calculated.
Step S611, AP verify the MIC in the association request message that receives.
Step S612, if the verification passes, AP send associate response message to STA, which carries message integrity
Identifying code (MIC) and/or ANonce and/or SNonce.Wherein, MIC is that AP disappears to the associated response using the KCK derived
The calculated message integrity verification code of breath.Optionally, AP can generate group key GTK and/or IGTK in this step, and
STA is sent in authentication response message.
Step S613, STA verify the MIC in the associate response message that receives.If be proved to be successful, STA
The foundation of initial link circuit is successfully completed between AP, it can safely transceiving data message.
Preferably, in above-mentioned steps, the association request in authentication request message or step S610 in step S605 disappears
Upper layer message can be carried in breath simultaneously, for example, IP address specifies request message (for example, DHCP Discover message);Step
The IP address assignment procedure between AP and Dynamic Host Configuration Protocol server can be carried out after S607 or S611;Authentication response in step S608
Upper layer message can be carried simultaneously in associate response message in message or S612, for example, IP address specified response message (DHCP
ACK message) or DHCP Offer message etc..
Preferably, in above-mentioned steps, the authentication request message in step S605 can also be association request message;Step
Authentication response message in S608 can also be associate response message;Association request message in step S610 can also be certification
Request message or eapol-key message or the key authentication request message newly defined;Associate response message in step S612
Can also be authentication response message or eapol-key message or the key authentication response message newly defined.At this point, step S612
It is optional.
Optionally, in above-mentioned steps, the authentication request message in step S605 can also be association request message;Step
Authentication response message in S608 can also be that authentication request message or eapol-key message or the key authentication newly defined please
Seek message;Association request message in step S610 can also be authentication response message or eapol-key message or new definition
Key authentication response message.
Preferred embodiment two
According to the preferred embodiment of the present invention, STA generates random number SNonce before the first request message is sent to AP,
And PMKID of STA last time when being associated with AP is obtained, and the SNonce of generation and the PMKID got are carried in the first request
AP is sent in message.After AP receives the first request message, according to the corresponding PMK of PMKID, whether the PMK retrieved is judged
Effectively.If the PMK retrieved is effective, AP directly carries out key authentication processing with STA.
In a preferred embodiment of the embodiment of the present invention, AP directly carries out key authentication processing with STA to be wrapped
It includes:AP generate random number ANonce, and to STA transmission carry generation ANonce the first request message first response disappear
Breath.AP receives the second request message that STA is returned, wherein, the second request message carries the MIC of the second request message.AP roots
PTK is derived, and KCK is generated according to PTK according to PMK and the ANonce and SNonce of generation.AP verifies second using the KCK of generation
The MIC of request message if the verification passes, then calculates the second response message of the second request message using the KCK of generation
MIC, and the second response message is sent to STA, wherein, the second response message carries the MIC of the second response message.Specifically,
AP can verify the MIC carried in the second request message in the following manner:AP can use the KCK of generation to receive the
Two request messages calculate cryptographic Hash MIC, and will calculate gained MIC with the MIC received compared with, if the two is identical,
It is verified;No person, authentication failed.
Preferably, before AP receives the second request message that STA is returned, STA receives the first response message that AP is sent, root
PTK is derived, and generate according to the PTK derived according to the PMK locally preserved the and ANonce received and the SNonce of generation
KCK.STA calculates the MIC of the second request message using the KCK of generation, and sends the second request message to AP, wherein, second please
Message is asked to carry the MIC of the second request message.
Fig. 7 be according to the flow chart of the verification method of the key of the preferred embodiment of the present invention two, as shown in fig. 7, not into
In the case of the complete EAP authentication of row or re-authentication, safe context and the flow quickly to network are quickly established between STA and AP,
This method can include following steps (step S701- step S713):
Step S701- steps S706 is the same as the step S601- steps S606 in preferred embodiment one.
Step S707, AP generation random number ANonce.
Step S708, AP send authentication response message to STA.If AP retrieves that the STA is corresponding to be had in step S706
Safe context is imitated, then the message carries:Random number ANonce and/or random number SNonce;If AP is not examined in step S706
Rope is to the corresponding effective and safe contexts of the STA, then the message carries instruction STA and carries out complete EAP authentication or EAP re-authentication
Parameter.Optionally, AP can generate group key GTK and/or IGTK in this step, and be sent in authentication response message
STA。
Step S709, STA derive PTK according to the safe context PMK and ANonce and SNonce of caching;According to PTK
Generate KCK and/or KEK and/or TK;STA verifies the MIC in the authentication response message that receives.
Step S710, if be proved to be successful, STA sends association request message to AP, which carries message integrity
Identifying code (MIC) and/or ANonce and/or random number SNonce.Wherein, MIC is that STA uses the KCK derived to the pass
The message integrity verification code that connection request message is calculated.
Step S711, AP derive PTK according to the PMK and ANonce and SNonce of caching;And KCK is generated according to PTK,
And/or KEK and/or TK;AP verifies the MIC in the association request message that receives.In this process, the derivation of PTK
It can also be carried out after step S707.
Step S712, if the verification passes, AP send associate response message to STA, which carries message integrity
Identifying code MIC and/or ANonce and/or SNonce.Wherein, MIC is that AP uses the KCK derived to the associate response message
The message integrity verification code calculated.Optionally, AP can generate group key GTK and/or IGTK in this step, and recognize
STA is sent in card response message.
Step S713, STA verify the MIC in the associate response message that receives.If be proved to be successful, STA
The foundation of initial link circuit is successfully completed between AP, it can safely transceiving data message.
In above-mentioned flow, authentication request message in step S705 or it can be taken simultaneously in the association request message of S710
Band upper layer message:Such as IP address specifies request message (such as DHCP Discover message);It can after step S706 or S711
To carry out the IP address assignment procedure between AP and Dynamic Host Configuration Protocol server;The association of authentication response message or S712 in step S708
Upper layer message can be carried in response message simultaneously:Such as IP address specified response message (DHCP ACK messages) or DHCP
Offer message etc..
In above-mentioned flow, the authentication request message in step S705 can also be association request message;In step S708
Authentication response message can also be associate response message;Association request message in step S710 can also disappear for certification request
Breath or eapol-key message or the key authentication request message newly defined;Step S712) in associate response message can be with
For authentication response message or eapol-key message or the key authentication response message newly defined.
Optionally, in above-mentioned flow, the authentication request message in step S705 can also be association request message;Step
Authentication response message in S708 can also be that authentication request message or eapol-key message or the key authentication newly defined please
Seek message;Association request message in step S710 can also be authentication response message or eapol-key message or new definition
Key authentication response message.
Preferred embodiment three
According to the preferred embodiment of the present invention, before the first request message is sent to AP, acquisition STA last time is associated with STA
PMKID during AP, and the PMKID got is carried and is sent to AP in the first request message.AP receives the first request and disappears
After breath, according to the corresponding PMK of PMKID, and judge whether the PMK retrieved is effective.If the PMK retrieved is effective, AP is direct
Key authentication processing is carried out with STA.Specifically, whether AP may determine that PMK also in effective life cycle, if,
PMK is effective;Otherwise PMK is invalid.And/or AP can also judge the certification in PMK and key management (Authentication and
Key Management, referred to as AKM) it is whether consistent with the AKM in the first request message, if unanimously, PMK is effective;It is no
Then, PMK is invalid.
In a preferred embodiment of the embodiment of the present invention, AP directly carries out key authentication processing with STA, can wrap
It includes:AP generates random number ANonce, and the first response message of the first request message for carrying ANonce is sent to STA;AP
The second request message that STA is returned is received, wherein, the second request message carries the random number SNonce and second of STA generations
The MIC of request message;AP derives PTK, and generate Key Confirmation Key according to PTK according to PMK and SNonce and ANonce
KCK;AP verifies the MIC of the second request message using the KCK of generation, and AP calculates second using the KCK of generation if the verification passes
The MIC of second response message of request message, and the second response message is sent to STA, wherein, the second response message carries the
The MIC of two response messages.
Preferably, before AP receives the second request message that STA is returned, STA generation SNonce, according to what is locally preserved
PMK and SNonce and ANonce derives PTK, and generates Key Confirmation Key KCK according to PTK;STA is counted according to the KCK of generation
Calculate the MIC of the second request message;STA sends the second request message to AP, wherein, the second request message carries the second request and disappears
The MIC of breath.
Fig. 8 be according to the flow chart of the verification method of the key of the preferred embodiment of the present invention three, as shown in figure 8, not into
In the case of the complete EAP authentication of row or re-authentication, safe context and the flow quickly to network are quickly established between STA and AP,
This method can include following steps (step S801- step S812):
Step S801, STA are associated with AP, carry out complete EAP authentication process.In this process, STA and AP are stored
Relevant safe context.The safe context safe context mark of the STA is identified.Preferably, above and below the safety
Text mark can be the rRK marks in PMK marks (PMKID) or PMK sequence numbers or EAP re-authentication agreement (EAP-RP),
RMSK marks etc..
Step S802, STA go to be associated at the AP.At this point, STA and AP optionally carry out the caching of safe context respectively
Work.
Step S803, after a period of time, STA secondary association or re-associates to the AP again.STA receives the beacon of AP transmissions
(Beacon) message or STA actively send probe requests thereby (Probe Request) message to AP, and AP sends probe response to STA
(Probe Response) message.Wherein, AP is carried in Beacon or Probe Response message and supports quick initial chain
The ability instruction that road is established.
Last safe context when being associated with the AP is cached in step S804, STA, and the safe context is still
Effectively.STA sends certification request (Authentication Request) message to AP, wherein, authentication request message carries
Safe context identifies.Preferably, which is identified as:PMKID or PMK sequence numbers.Step S805, AP are received
After authentication request message, the corresponding safe context of the safe context identification retrieval STA in message.If the safety
Context is still effective, then AP continues step S806;If the safe context is invalid or AP does not retrieve this
The corresponding safe contexts of STA, then AP directly carry out step S807.
Step S806, AP generation random number ANonce.
Step S807, AP send authentication response message to STA.If in step S805, AP retrieves the STA and is corresponding with
The safe context of effect, then the message carry random number ANonce;If in step S805, AP does not retrieve STA correspondences
Effective and safe context, then the message carry the parameter that instruction STA carries out complete EAP authentication or EAP re-authentication.Optionally,
AP can generate group key GTK and/or IGTK in this step, and STA is sent in authentication response message.
Step S808, STA generation random number SNonce, and according to safe context PMK, ANonce and the SNonce of caching
Derive PTK;KCK and/or KEK and/or TK is generated according to PTK.
Step S809, STA send association request message to AP, which carries random number SNonce, message integrity
Identifying code (MIC) and/or ANonce.Wherein, MIC is that STA calculates the association request message using the KCK derived
Message integrity verification code.
Step S810, AP derive PTK according to the PMK and ANonce and SNonce of caching;And KCK is generated according to PTK,
And/or KEK and/or TK.AP verifies the MIC in the association request message that receives.
Step S811, if the verification passes, AP send associate response message to STA, which carries message integrity
Identifying code (MIC) and/or ANonce and/or SNonce.Wherein, MIC is that AP disappears to the associated response using the KCK derived
The calculated message integrity verification code of breath.Optionally, AP can generate group key GTK and/or IGTK in this step, and
STA is sent in associate response message.
Step S812, STA verify the MIC in the associate response message that receives.If be proved to be successful, STA
The foundation of initial link circuit is successfully completed between AP, it can safely transceiving data message.
In above-mentioned steps, it can be carried simultaneously in the authentication request message of step S804 or the association request message of S809
Upper layer message:Such as IP address specifies request message (for example, DHCP Discover message).It can after step S805 or S810
It can carry out the IP address assignment procedure between AP and Dynamic Host Configuration Protocol server;The pass in authentication response message or S811 in step S807
Upper layer message can be carried simultaneously in connection response message, for example, IP address specified response message (DHCP Ack message) or DHCP
Offer message etc..
In above-mentioned steps, the authentication request message in step S804 can also be association request message or EAPOL-
Start message;Authentication response message in step S807 can also be associate response message or EAP Request/mark (EAP-
Req/Identity) message;Association request message in step S809 can also be that authentication request message or EAPOL-KEY disappear
Breath or the key authentication request message newly defined;Associate response message in step S811 can also be authentication response message or
Eapol-key message or the key authentication response message newly defined.
Optionally, in above-mentioned steps, the authentication request message in step S804 can also be association request message;Step
Authentication response message in S807 can also be that authentication request message or eapol-key message or the key authentication newly defined please
Seek message;Association request message in step S809 can also be authentication response message or eapol-key message or new definition
Key authentication response message.
In above-mentioned steps, optionally, safe context mark can also carry in step S809.Step S805 at this time
It is carried out after step S805 can be postponed till with before S810.
Preferred embodiment four
In embodiments of the present invention, it not only can start secondary association on phase AP transmissions STA in certification or re-associate to AP
Safe context mark, above-mentioned safe context can also be sent to AP in the follow-up process and identified.For example, STA is to AP
STA upper secondary associations are carried when sending association request or re-associate to the safe context of AP and are identified.
According to embodiments of the present invention, AP receives STA the first requests that secondary association or while re-associating to the AP send again and disappears
Before breath, AP can also receive the second request message of STA transmissions, generate random number ANonce, and send the second request to STA
Second response message of message, wherein, the ANonce of generation is carried in the second response message;STA receives the second response message,
Random number SNonce is generated, PTK is derived according to the safe context of preservation and the ANonce received and the SNonce of generation,
KCK is generated, and return to the first request message to AP according to PTK, wherein, STA is also carried in the first request message and is counted using KCK
The random number SNonce of MIC and the STA generation for the first request message calculated.
In a preferred embodiment of the embodiment of the present invention, AP directly carries out key authentication processing with STA to be wrapped
It includes:AP derives PTK according to the safe context retrieved and the SNonce received and the ANonce of generation, is given birth to according to PTK
Into KCK;AP verifies the MIC of the second request message using the KCK of generation, and if the verification passes, AP calculates the using the KCK of generation
The MIC of first response message of one request message, and the first response message is sent to STA, wherein, the first response message carries
The MIC of first response message.
Fig. 9 be according to the flow chart of the verification method of the key of the preferred embodiment of the present invention four, as shown in figure 9, not into
In the case of the complete EAP authentication of row or re-authentication, safe context and the flow quickly to network are quickly established between STA and AP,
This method can include following steps (step S901- step S912):
Step S901- steps S903 is identical with the step S801- steps S803 in the preferred embodiment of the present invention three.
Step S904, STA send EAPOL-Start message to AP.
Step S905, AP receives the EAPOL-Start message that STA is sent, and generates random number ANonce.
Step S906, AP send certification message to STA, wherein, AP is carried in certification message and is generated in step S905
Random number ANonce.
Step S907, STA receives the certification message that AP is sent, and generates random number SNonce, according to the PMK locally preserved
And the ANonce received and the SNonce of generation derive PTK, and KCK is generated according to PTK.
Step S908, STA send association request to AP, wherein, secondary association or re-association on STA are carried in association request
The MIC that safe context during to AP is identified (being in embodiments of the present invention PMKID), calculated using KCK association request, with
And the random number SNonce of STA generations.
Step S909, AP retrieve the safe context of the STA according to the PMKID received, and determine the safety retrieved
Context is effective.
Step S910, AP derive PTK according to the PMK retrieved the and SNonce received and the ANonce of generation, and
KCK is generated according to PTK, the MIC of association request received using the KCK calculating of generation verifies MIC.
Step S911, AP to STA send associated response, if the verification passes, in associated response carry AP generation with
The MIC that machine number and AP calculate associated response according to the KCK of generation.
Step S912, STA receives associated response, and verifies the MIC carried in associated response.
Preferably, the association request message in step S908 can also be authentication request message or eapol-key message,
Or the key authentication request message newly defined;Associate response message in step S911 can also be authentication response message or
Eapol-key message or the key authentication response message newly defined.
Pass through the method for quick foundation safety of the present invention, it is convenient to omit EAP authentication or re-authentication process, greatly
Fast terminal re-establishes the speed of link, reduces the time delay that terminal re-accesses wlan network.It is needed especially for a large number of users
The scene of access wlan network, performance have great promotion in very short time.
According to embodiments of the present invention, a kind of verification device of key is additionally provided, STA and AP is simplified and re-establishes link
Safety verification flow, avoid because flow complexity due to cause networking time delay longer the problem of.
Figure 10 is the schematic diagram of the verification device of key according to embodiments of the present invention, which is located at AP sides, such as Figure 10
Shown, which mainly includes:Receiving module 10, retrieval module 20, judgment module 30 and authentication module 40.Wherein, mould is received
Block, for receiving STA the first request messages that secondary association or while re-associating to access point AP send again, wherein, the first request disappears
Breath corresponding safe context mark when carrying secondary association on STA or re-associating to AP;Module 20 is retrieved, with receiving module 10
It is coupled, for the safe context of the STA locally preserved according to safe context identification retrieval;Judgment module 30, with retrieval
Module 20 is coupled, for judging whether the safe context retrieved is effective;Authentication module is coupled with judgment module 30,
For when the judging result of judgment module 30 is effective, directly carrying out key authentication processing with STA.
Through the embodiment of the present invention, STA secondary associations or when re-associating to AP again, the retrieval module 20 of AP is according to the peace of STA
The STA last time that full Context identifier retrieval locally preserves is associated with the safe context during AP, and judgment module 30 judges inspection
The safe context for the STA that rope arrives is effective, then the authentication module 40 of AP directly carries out key authentication processing with the STA, simplifies
STA and AP re-establishes the safety verification flow of link, avoids the problem of causing the networking time delay longer due to flow complexity.
STA and AP can cache the safe context of secondary association generation, and can pass through different safe context marks
Knowledge is identified.In a preferred embodiment of the embodiment of the present invention, above-mentioned safe context mark, including but not limited to
At least one of:Pairwise master key mark (PMKID), pairwise master key (PMK) sequence number and Extensible Authentication Protocol
(EAP) the rRK marks or rMSK marks in re-authentication agreement (EAP-RP).Correspondingly, safe context can include with down toward
It is one of few:PMK, rRK and rMSK.
In a preferred embodiment of the invention, by safe context to be illustrated for PMK.AP receives STA secondary associations again
Or the first request message sent during AP is re-associated to, secondary association on STA is carried in first request message or is re-associated to
PMKID, the PMK of STA that AP is locally preserved according to PMKID retrievals are corresponded to during AP, and whether judges the safe context retrieved
Effectively.If the PMK retrieved is effective, AP directly carries out key authentication processing with STA.Wherein, the first request message is recognizes
Request message is demonstrate,proved, then the second request message is association request message;Alternatively, the first request message is association request message, then the
Two request messages are authentication request message or eapol-key message.Correspondingly, the first response message is authentication response message, the
Two response messages are associate response message;Alternatively, the first response message is associate response message, the second request message is rung for certification
Answer message or eapol-key message.
The verification method of the key of the embodiment of the present invention is described below by specific embodiment.
Figure 11 is a kind of schematic diagram of preferred authentication module according to embodiments of the present invention, can be used to implement preferred implementation
The method of example one, as shown in figure 11, authentication module 40 mainly include:First generation unit 402, for generating random number
ANonce, the SNonce and the first generation unit 402 that the PMK and receiving module 10 retrieved according to retrieval module 20 is received give birth to
Into ANonce derive PTK, and Key Confirmation Key KCK is generated according to PTK;First computing unit 404, with the first generation unit
402 are coupled, for using the MIC of the first response message of the KCK of generation the first request messages of calculating;First transmitting element
406, it is coupled with the first computing unit 404, for sending the first response message to STA, wherein, the first response message carries
The MIC of first response message;First receiving unit 408, for receive that STA is returned after the first response message is received second
Request message;First authentication unit 410 is coupled with the first receiving unit 408, for verifying the carrying of the second request message
MIC.Optionally, if the verification passes, the first computing unit 404 of triggering uses the KCK of generation the second request messages calculated
The MIC of second response message, and the second response message is sent from the first transmitting element 406 to STA, wherein, the second response message
Carry the MIC of the second response message.
Preferably, the first receiving unit 408 receives the second request message that STA is returned after the first response message is received
Before, STA derives PTK, and give birth to according to PTK according to the SNonce of the PMK and AP locally preserved the ANonce sent and generation
Into KCK.STA verifies the MIC carried in the first response message using the KCK of generation.If the verification passes, STA sends the to AP
Two request messages, wherein, the second request message carries the MIC of the second request message that STA is calculated using the KCK of generation.Tool
Body, STA can verify the MIC carried in the first response message in the following manner:STA can use the KCK docking of generation
The first response message received calculates hash value MIC, and the MIC for calculating gained is compared with the MIC received, if the two
It is identical, then it is verified;No person, authentication failed.
Figure 12 is the schematic diagram of another preferred authentication module according to embodiments of the present invention, can be used to implement preferred reality
The method for applying example two, as shown in figure 12, authentication module 40 mainly include:Second generation unit 412, for generating random number
ANonce;Second transmitting element 414, for carrying the first response message of the first request message of ANonce to STA transmissions;
Second receiving unit 416, for receiving the second request message of STA returns, wherein, the second request message carries the second request
The MIC of message;Second generation unit 412 is additionally operable to derive PTK according to PMK and ANonce and SNonce, and give birth to according to PTK
Into KCK;Second authentication unit 418, for the KCK of generation to be used to verify the MIC of the second request message.
Optionally, if the second authentication unit 418 is verified, the second generation unit 412 of triggering uses the KCK generated
The MIC of the second response message of the second request message is calculated, and the second response message is sent from the second transmitting element 414 to STA,
Wherein, the second response message carries the MIC of the second response message.
Preferably, before the second receiving unit 416 of AP receives the second request message that STA is returned, STA receives AP and sends
The first response message, PTK, and root are derived according to the PMK locally preserved the and ANonce received and the SNonce of generation
KCK is generated according to the PTK derived.STA calculates the MIC of the second request message using the KCK of generation, and sends the second request to AP
Message, wherein, the second request message carries the MIC of the second request message.
Figure 13 is the schematic diagram of another preferred authentication module according to embodiments of the present invention, can be used to implement preferred reality
The method for applying example three, as shown in figure 13, authentication module 40 mainly include:Third generation unit 420, for generating random number
ANonce;Third transmitting element 422 is coupled with third generation unit 420, for carrying the of ANonce to STA transmissions
First response message of one request message;Third receiving unit 424 is coupled with third transmitting element 422, for receiving STA
The second request message returned, wherein, the second request message carries the random number SNonce of STA generations and second request
The MIC of message;Third generation unit 420 is additionally operable to derive PTK according to PMK and SNonce and ANonce, and give birth to according to PTK
Into Key Confirmation Key KCK;Third authentication unit 428, for the KCK of generation to be used to verify second request message
MIC;Third computing unit 430 is coupled with third authentication unit 428, for when being verified, being counted using the KCK of generation
Calculate the MIC of the second response message of the second request message;Third transmitting element 422 is additionally operable to send second to STA and respond to disappear
Breath, wherein, the second response message carries the MIC of the second response message.
Preferably, before the third receiving unit 424 of AP receives the second request message that STA is returned, STA generations
SNonce derives PTK, and generate Key Confirmation Key according to PTK according to the PMK and SNonce and ANonce locally preserved
KCK;STA calculates the MIC of the second request message according to the KCK of generation;STA sends the second request message to AP, wherein, second please
Message is asked to carry the MIC of the second request message.
It can be seen from the above description that the present invention realizes following technique effect:STA secondary association or re-associations again
During to AP, secondary association or peace when re-associating to the AP on the STA that AP is locally preserved according to the safe context identification retrieval of STA
Full context, and the safe context of the STA retrieved is effective, then AP directly carry out key authentication processing with the STA, can be with
EAP authentication or re-authentication process are omitted, greatly speeds up the speed that terminal re-establishes link, terminal is reduced and re-accesses wlan network
Time delay.The scene of the access wlan network in very short time is needed especially for a large number of users, performance has great promotion.
Obviously, those skilled in the art should be understood that each module of the above-mentioned present invention or each step can be with general
Computing device realize that they can concentrate on single computing device or be distributed in multiple computing devices and be formed
Network on, optionally, they can be realized with the program code that computing device can perform, it is thus possible to which they are stored
It is performed in the storage device by computing device, and in some cases, it can be to be different from shown in sequence herein performs
The step of going out or describing they are either fabricated to each integrated circuit modules respectively or by multiple modules in them or
Step is fabricated to single integrated circuit module to realize.It to be combined in this way, the present invention is not limited to any specific hardware and softwares.
The foregoing is only a preferred embodiment of the present invention, is not intended to restrict the invention, for the skill of this field
For art personnel, the invention may be variously modified and varied.All within the spirits and principles of the present invention, that is made any repaiies
Change, equivalent replacement, improvement etc., should all be included in the protection scope of the present invention.
Claims (20)
1. a kind of verification method of key, which is characterized in that including:
Access point AP receiving stations STA the first request messages that secondary association or while re-associating to the AP send again, wherein, it is described
First request message corresponding safe context mark when carrying secondary association on the STA or re-associating to the AP;
The safe context of the STA that the AP is locally preserved according to the safe context identification retrieval, and judge to retrieve
Whether the safe context arrived is effective;
If effectively, the AP directly carries out key authentication processing with the STA;
Wherein, first request message also carries the random number SNonce of the STA generations;
Wherein, the AP directly carries out key authentication processing with the STA, including:The AP generations random number ANonce, and to
The STA transmissions carry the first response message of first request message of the ANonce;The AP receives the STA
The second request message returned, wherein, second request message carries the MIC of second request message;The AP roots
PTK is derived, and KCK is generated according to the PTK according to the safe context and the ANonce and the SNonce;The AP
The MIC of second request message is verified using the KCK of generation, and if the verification passes, the AP is described using generation
KCK calculates the MIC of the second response message of second request message, and sends the second response message to the STA, wherein,
Second response message carries the MIC of second response message;Or
The AP directly carries out key authentication processing with the STA, including:The AP generates random number ANonce, and to described
STA transmissions carry the first response message of first request message of the ANonce;The AP is according in the safety
Hereafter and the ANonce and SNonce derives PTK, and generate KCK according to the PTK;The AP receives the STA
The second request message returned, wherein, second request message carries the MIC of second request message;The AP makes
The MIC of second request message is verified with the KCK of generation, and if the verification passes, the AP uses the KCK generated
The MIC of the second response message of second request message is calculated, and the second response message is sent to the STA, wherein, it is described
Second response message carries the MIC of second response message.
2. according to the method described in claim 1, it is characterized in that, the safe context identifies, including at least one of:
Pairwise master key mark PMKID, pairwise master key PMK sequence numbers and Extensible Authentication Protocol EAP re-authentication agreements EAP-RP
In re-authentication root key rRK mark or certification master session key rMSK mark.
3. according to the method described in claim 1, it is characterized in that, the AP directly with the STA carry out key authentication processing,
Including:
The AP generates random number ANonce, according to the safe context and the SNonce and the ANonce derive into
Key Confirmation Key KCK is generated to temporary key PTK, and according to the PTK;
The AP calculates the message integrity verification of the first response message of first request message using the KCK of generation
Code MIC, and first response message is sent to the STA, wherein, first response message carries first response
The MIC of message;
The AP receives the second request message that the STA is returned after first response message is received, and described in verification
The MIC that second request message carries.
4. according to the method described in claim 3, it is characterized in that, if the verification passes, verify that second request message is taken
After the MIC of band, further include:
The MIC of the second response message of second request message that the AP is calculated using the KCK of generation, and to described
STA sends second response message, wherein, second response message carries the MIC of second response message.
5. according to the method described in claim 3, it is characterized in that, the AP, which receives the STA, is receiving first sound
Before answering the second request message returned after message, further include:
The STA derives PTK according to the safe context and the ANonce that locally preserve and the SNonce, and according to institute
State PTK generations KCK;
The STA verifies the MIC carried in first response message using the KCK of generation;
If the verification passes, the STA sends second request message to the AP, wherein, second request message is taken
The MIC of second request message calculated with the STA using the KCK of generation.
6. according to the method described in claim 1, it is characterized in that, the AP receives the second request message that the STA is returned
Before, it further includes:
The STA receives first response message, according to the safe context and the ANonce that locally preserve and described
SNonce derives PTK, and generates KCK according to the PTK;
The STA calculates the MIC of second request message using the KCK of generation;
The STA sends second request message to the AP, wherein, second request message carries described second please
Seek the MIC of message.
7. according to the method described in claim 2, it is characterized in that, the AP directly with the STA carry out key authentication processing,
Including:
The AP generates random number ANonce, and first request message of the ANonce is carried to STA transmissions
The first response message;
The AP receives the second request message that the STA is returned, wherein, second request message carries the STA lifes
Into random number SNonce and second request message MIC;
The AP derives PTK, and give birth to according to the PTK according to the safe context and the SNonce and the ANonce
Into Key Confirmation Key KCK;
The AP verifies the MIC of second request message using the KCK of generation, and if the verification passes, the AP is used
The KCK of generation calculates the MIC of the second response message of second request message, and sends described second to the STA
Response message, wherein, second response message carries the MIC of second response message.
8. the method according to the description of claim 7 is characterized in that the AP receives the second request message that the STA is returned
Before, the method further includes:
The STA generates SNonce, is derived according to the safe context and the SNonce that locally preserve and the ANonce
PTK, and Key Confirmation Key KCK is generated according to the PTK;
The STA calculates the MIC of second request message according to the KCK of generation;
The STA sends second request message to the AP, wherein, second request message carries described second please
Seek the MIC of message.
9. according to the method described in claim 2, it is characterized in that, AP receives STA secondary associations or when re-associating to the AP again
Before the first request message sent, further include:
The AP receives the second request message that the STA is sent, and generates random number ANonce, and to described in STA transmissions
Second response message of the second request message, wherein, the ANonce of generation is carried in second response message;
The STA receives second response message, random number SNonce is generated, according to the safe context of preservation and reception
The ANonce arrived the and SNonce derives PTK, and KCK is generated, and return to described first to the AP and ask according to the PTK
Message is sought, wherein, the STA is also carried in first request message and is disappeared using first request that the KCK is calculated
The MIC of the breath and SNonce.
10. according to the method described in claim 9, it is characterized in that, the AP is directly carried out with the STA at key authentication
Reason, including:
The AP derives PTK, root according to the safe context retrieved and the SNonce received and the ANonce
KCK is generated according to the PTK;
The AP verifies the MIC of second request message using the KCK of generation, and if the verification passes, the AP is used
The KCK of generation calculates the MIC of the first response message of first request message, and sends described first to the STA
Response message, wherein, first response message carries the MIC of first response message.
11. the method according to any one of claim 3 to 5,7 to 10, which is characterized in that first request message is
Authentication request message or Extensible Authentication Protocol based on LAN start EAPOL-Start message, and second request message is
Association request message;Alternatively, first request message is association request message, second request message disappears for certification request
Breath or the Extensible Authentication Protocol key eapol-key message based on LAN.
12. the method according to any one of claim 3 to 5,7 to 10, which is characterized in that first response message is
Authentication response message or EAP Request/mark message, second response message are associate response message;Alternatively, described first
Response message is associate response message, extended authentication association of second request message for authentication response message or based on LAN
Discuss key eapol-key message.
13. the method according to any one of claim 3 to 5,7 to 10, which is characterized in that if the AP is not retrieved
The safe context of the STA or the safe context detected are invalid, then instruction STA is carried in first response message
Carry out the parameter of complete EAP authentication or EAP re-authentication.
14. the method according to any one of claim 1 to 5,7 to 10, which is characterized in that the safe context, packet
It includes:Pairwise master key PMK.
15. a kind of verification device of key, which is characterized in that including:
Receiving module, for receiving station STA the first request messages that secondary association or while re-associating to access point AP send again,
In, corresponding safe context mark when first request message carries secondary association on the STA or re-associates to the AP
Know;
Module is retrieved, for the safe context of the STA locally preserved according to the safe context identification retrieval;
Judgment module, for judging whether the safe context retrieved is effective;
Authentication module, for when the judging result of the judgment module is effective, directly being carried out at key authentication with the STA
Reason;
Wherein, first request message also carries the random number SNonce of the STA generations;
Wherein, the authentication module includes:First generation unit, for generating random number ANonce, above and below the safety
The literary and described SNonce and ANonce derives pair temporal key PTK, and generates Key Confirmation Key according to the PTK
KCK;First computing unit, for calculating disappearing for the first response message of first request message using the KCK of generation
Cease integrity verification code MIC;First transmitting element, for sending first response message to the STA, wherein, described the
One response message carries the MIC of first response message;First receiving unit, for receiving the STA receiving
State the second request message returned after the first response message;First authentication unit, for verifying that second request message carries
MIC;Alternatively,
The authentication module, including:Second generation unit, for generating random number ANonce;
Second transmitting element, for carrying the first sound of first request message of the ANonce to STA transmissions
Answer message;Second receiving unit, for receiving the second request message that the STA is returned, wherein, second request message is taken
MIC with second request message;Second generation unit is additionally operable to according to the safe context and described
The ANonce and SNonce derives PTK, and generates KCK according to the PTK;Second authentication unit, for using the institute of generation
The MIC that KCK verifies second request message is stated, if the verification passes, triggers the KCK of the generation unit using generation
The MIC of the second response message of second request message is calculated, and the second response is sent from the transmitting element to the STA
Message, wherein, second response message carries the MIC of second response message.
16. device according to claim 15, which is characterized in that safe context mark, including it is following at least it
One:Pairwise master key mark PMKID, pairwise master key PMK sequence numbers and Extensible Authentication Protocol EAP re-authentication agreements
RRK marks or rMSK marks in EAP-RP.
17. device according to claim 15, which is characterized in that if first authentication unit is verified, triggering
The MIC of the second response message of second request message that the KCK of the computing unit generation is calculated, and by sending
Unit sends second response message to the STA, wherein, second response message carries second response message
MIC.
18. device according to claim 15, which is characterized in that the authentication module, including:
Second generation unit, for generating random number ANonce;
Second transmitting element, for carrying the first sound of first request message of the ANonce to STA transmissions
Answer message;
Second receiving unit, for receiving the second request message that the STA is returned, wherein, second request message carries
There is the MIC of second request message;
Second generation unit is additionally operable to according to the safe context and the ANonce and the SNonce derivation
PTK, and KCK is generated according to the PTK;
Second authentication unit, for the KCK of generation to be used to verify the MIC of second request message, if the verification passes,
The generation unit is triggered using the MIC of the second response message of KCK calculating second request message generated, and by
The transmitting element sends the second response message to the STA, wherein, second response message carries second response
The MIC of message.
19. device according to claim 16, which is characterized in that the authentication module, including:
Third generation unit, for generating random number ANonce;
Third transmitting element, for carrying the first sound of first request message of the ANonce to STA transmissions
Answer message;
Third receiving unit, for receiving the second request message that the STA is returned, wherein, second request message carries
There are the random number SNonce of the STA generations and the MIC of second request message;
The third generation unit is additionally operable to according to the safe context and the SNonce and the ANonce derivation
PTK, and Key Confirmation Key KCK is generated according to the PTK;
Third authentication unit, for the KCK of generation to be used to verify the MIC of second request message;
Third computing unit, for when being verified, the second of second request message to be calculated using the KCK of generation
The MIC of response message;
The third transmitting element is additionally operable to send second response message to the STA, wherein, second response disappears
Breath carries the MIC of second response message.
20. the device according to any one of claim 17 to 19, which is characterized in that first request message is certification
Request message, second request message are association request message;Alternatively, first request message is association request message,
Second request message is authentication request message or eapol-key message.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210071034.0A CN103313242B (en) | 2012-03-16 | 2012-03-16 | The verification method and device of key |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210071034.0A CN103313242B (en) | 2012-03-16 | 2012-03-16 | The verification method and device of key |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103313242A CN103313242A (en) | 2013-09-18 |
CN103313242B true CN103313242B (en) | 2018-06-12 |
Family
ID=49137921
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201210071034.0A Active CN103313242B (en) | 2012-03-16 | 2012-03-16 | The verification method and device of key |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103313242B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP4080987A4 (en) * | 2020-01-21 | 2023-05-24 | Huawei Technologies Co., Ltd. | Data transmission method, and device |
Families Citing this family (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9961545B2 (en) * | 2014-06-03 | 2018-05-01 | Qualcomm Incorporated | Systems, methods, and apparatus for authentication during fast initial link setup |
EP3257296B1 (en) * | 2015-02-12 | 2018-08-15 | Telefonaktiebolaget LM Ericsson (publ) | Wireless communications involving a fast initial link setup, fils, discovery frame for network signaling |
CN105188057B (en) * | 2015-08-26 | 2018-07-06 | 上海斐讯数据通信技术有限公司 | A kind of method and system for improving network access authentication safety |
CN105792334A (en) * | 2016-02-26 | 2016-07-20 | 北京联盛德微电子有限责任公司 | Wireless local area network station, wireless local area network access point, and wireless local area network station access methods |
US10623951B2 (en) | 2016-03-09 | 2020-04-14 | Qualcomm Incorporated | WWAN-WLAN aggregation security |
CN107666667B (en) * | 2016-07-29 | 2019-09-17 | 电信科学技术研究院 | A kind of data transmission method, the first equipment and the second equipment |
CN106162645B (en) * | 2016-09-27 | 2017-06-23 | 广州赛意信息科技股份有限公司 | A kind of the quick of Mobile solution reconnects method for authenticating and system |
EP3531750B1 (en) | 2016-10-24 | 2022-05-18 | Sony Group Corporation | Communication apparatus and communication method |
CN106941405A (en) * | 2017-04-28 | 2017-07-11 | 北京星网锐捷网络技术有限公司 | A kind of method and apparatus of terminal authentication in a wireless local area network |
CN109150541B (en) * | 2018-08-15 | 2020-05-19 | 飞天诚信科技股份有限公司 | Authentication system and working method thereof |
WO2020035009A1 (en) | 2018-08-15 | 2020-02-20 | 飞天诚信科技股份有限公司 | Authentication system and working method therefor |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050243769A1 (en) * | 2004-04-28 | 2005-11-03 | Walker Jesse R | Apparatus and method capable of pre-keying associations in a wireless local area network |
WO2006093161A1 (en) * | 2005-03-04 | 2006-09-08 | Matsushita Electric Industrial Co., Ltd. | Key distribution control apparatus, radio base station apparatus, and communication system |
CN101111056B (en) * | 2006-07-17 | 2010-05-12 | 西安电子科技大学 | Fast switching method for wireless local area network |
CN101119199A (en) * | 2006-08-02 | 2008-02-06 | 西安电子科技大学 | Safety fast switch method in wireless local area network |
CN201409222Y (en) * | 2009-05-22 | 2010-02-17 | 刘建 | Terminal security relation establishing device for wireless local area network identification and confidentiality base structure |
US8812833B2 (en) * | 2009-06-24 | 2014-08-19 | Marvell World Trade Ltd. | Wireless multiband security |
-
2012
- 2012-03-16 CN CN201210071034.0A patent/CN103313242B/en active Active
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP4080987A4 (en) * | 2020-01-21 | 2023-05-24 | Huawei Technologies Co., Ltd. | Data transmission method, and device |
Also Published As
Publication number | Publication date |
---|---|
CN103313242A (en) | 2013-09-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103313242B (en) | The verification method and device of key | |
JP4897215B2 (en) | Key generation method and apparatus in communication system | |
US8094821B2 (en) | Key generation in a communication system | |
JP5290323B2 (en) | Integrated handover authentication method for next-generation network environment to which radio access technology and mobile IP-based mobility control technology are applied | |
JP2013066220A (en) | Methods and apparatuses generating radio base station key in cellular radio system | |
CN107820239A (en) | Information processing method and device | |
CN103096307A (en) | Secret key verification method and device | |
CN109561431B (en) | WLAN access control system and method based on multi-password identity authentication | |
CN101635922B (en) | Safety communication method of wireless mesh network | |
CN106992866A (en) | It is a kind of based on wireless network access methods of the NFC without certificate verification | |
CN108012269A (en) | A kind of radio switch-in method, device and equipment | |
CN107211488A (en) | It is used for the method to the business datum application safety of reception by what the WLAN node in integrated wireless communications network was performed | |
Zhu et al. | Research on authentication mechanism of cognitive radio networks based on certification authority | |
CN103200004B (en) | Send the method for message, the method for establishing secure connection, access point and work station | |
Haq et al. | Towards Robust and Low Latency Security Framework for IEEE 802.11 Wireless Networks | |
Georgantas | Fast initial authentication, a new mechanism to enable fast WLAN mobility | |
CN103139770A (en) | Method for transmitting paired master cryptography keys in wireless local area network (WLAN) access network and system | |
Lin et al. | Performance Evaluation of the Fast Authentication Schemes in GSM-WLAN Heterogeneous Networks. | |
CN105721403B (en) | For providing the method, equipment and system of wireless network resource | |
Lee et al. | A secure wireless lan access technique for home network | |
KR20060088806A (en) | Method for authorization in wireless portable internet and system thereof | |
Marques et al. | Fast, secure handovers in 802.11: back to the basis | |
TWI514189B (en) | Network certification system and method thereof | |
Fanian et al. | An Efficient Non-Repudiation Billing Protocol in Heterogeneous 3G-WLAN Networks. | |
Fanian et al. | ISeCure |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |