CN105553981A - Rapid authentication and key negotiation method for WLAN - Google Patents

Rapid authentication and key negotiation method for WLAN Download PDF

Info

Publication number
CN105553981A
CN105553981A CN201510949601.1A CN201510949601A CN105553981A CN 105553981 A CN105553981 A CN 105553981A CN 201510949601 A CN201510949601 A CN 201510949601A CN 105553981 A CN105553981 A CN 105553981A
Authority
CN
China
Prior art keywords
mobile terminal
sqn
ssid
access point
mac
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510949601.1A
Other languages
Chinese (zh)
Other versions
CN105553981B (en
Inventor
曾勇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CHENGDU 30RUITONG MOBILE COMMUNICATION Co Ltd
Original Assignee
CHENGDU 30RUITONG MOBILE COMMUNICATION Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CHENGDU 30RUITONG MOBILE COMMUNICATION Co Ltd filed Critical CHENGDU 30RUITONG MOBILE COMMUNICATION Co Ltd
Priority to CN201510949601.1A priority Critical patent/CN105553981B/en
Publication of CN105553981A publication Critical patent/CN105553981A/en
Application granted granted Critical
Publication of CN105553981B publication Critical patent/CN105553981B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1458Denial of Service

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a rapid authentication and key negotiation method for a WLAN. In the method, a mobile terminal and a wireless access point share a WLAN initial key. When the mobile terminal applies to access a wireless network, the mobile terminal and the access point realize rapid bidirectional authentication based on a symmetric cryptographic algorithm. Meanwhile, a session key for use in a two-party communication is derived to realize secure access and air interface data encryption functions of the WLAN. Through adoption of the rapid authentication and key negotiation method, rapid bidirectional authentication of the mobile terminal and an SSID (Service Set Identifier) access point is realized without any authentication server or X.509 certificate mechanism. The rapid authentication and key negotiation method has the characteristics of security and rapidness, and is suitable for a WLAN application scene having strict requirements on security and access time.

Description

A kind of wlan network rapid authentication and cryptographic key negotiation method
Technical field
The present invention relates to mobile communication security technology area, be specifically related to a kind of wlan network rapid authentication and cryptographic key negotiation method.
Background technology
Also be faced with network unauthorized access and wireless communication information in a wlan and the security threat such as be ravesdropping.Therefore WLAN proposes the standard of authenticating user identification and data encryption.
Early stage WLAN supports shared key authentication and WEP(Wired Equivalent Privacy) data encryption.But shared key authentication does not support two-way authentication, only support that AP is to the certification of STA, therefore exists the risk of personation AP.Secondly also there is encryption key lengths (40bit) and initialization vector IV(24bit in WEP) too short problem.In addition the encryption key of WEP immobilizes, and has had now software to crack easily, is not therefore very safe.
For the safety defect of WEP, IEEE has worked out the safer shielded access of standard WPA(Wi-Fi), for strengthening the fail safe of wlan network.WPA provides EAP(Extensible Authentication Protocol simultaneously) certification and TKIP(Temporal Key Integrirty Protocol) data encryption.But WPA also faces some problems, as WPA certification needs to use certificate server, be not suitable for the application scenarios that some are special.Certification uses X.509 certificate mechanism, and the complicated and inefficiency of process, can not realize quick authentication etc.
Above-mentioned safety approach makes WLAN be not suitable for the special occasions that some are strict to authenticated time requirement, security requirement is high.
Summary of the invention
For solving the problem, the invention provides a kind of wlan network rapid authentication and cryptographic key negotiation method, comprising the steps:
Step one: mobile terminal enters access SSID access point overlay area, produces random number R 1 and sequence number SQN.
Step 2: mobile terminal utilizes initial key Ki to be encrypted MAC_Addr||R1||SQN, obtains E(Ki, MAC_Addr||R1||SQN), then it is sent to SSID access point as authentication request, wherein, MAC_Addr is mobile terminal MAC Address.
Step 3: SSID access point receives E(Ki, MAC_Addr||R1||SQN) after, be handled as follows:
S1. searched the initial key Ki of corresponding mobile terminal by the MAC Address of Frame, and with Ki data decryption frame, obtain the value of MAC_Addr2, R1 and SQN.MAC_Addr2 is that SSID end deciphers the mobile terminal MAC Address obtained.
S2. compare the MAC_Addr that receives Frame and decipher the MAC_Addr2 obtained, if do not waited, stopping certification.If equal, prove that mobile terminal is legal, carry out step S3.
S3. being compared with the SQN preserved in the past by this SQN deciphered, if equal, is Replay Attack, if do not waited, is normal authentication request, carries out step S4.
S4.SSID access point is by the certification to mobile terminal, and SSID access point then preserves R1 and SQN, produces random number R 2 simultaneously.
Step 4: the R1 that SSID access point utilizes deciphering to obtain is encrypted as double secret key SSID||R2||SQN, obtains E(R1, SSID||R2||SQN), then it is sent to mobile terminal as authentication response.
Step 5: mobile terminal receives E(R1, SSID||R2||SQN) after, utilize R1 data decryption frame, obtain the value of SSID2, R2 and SQN2.
Step 5: mobile terminal receives E(R1, SSID||R2||SQN) after, be handled as follows:
S1. utilize R1 data decryption frame, obtain the value of SSID2, R2 and SQN2, SSID2, SQN2 are the value of deciphering and obtaining.
S2. compare and receive SSID expressly and decipher the SSID2 obtained, if do not waited, stop certification, if equal, prove that SSID access point is legal, carry out step S3.
S3. the SQN2 that more original SQN obtains with deciphering, if do not waited, stops certification, if equal, represents that the authentication response received is corresponding with authentication request, carry out step S4.
S4. R2 is recorded.
Step 6: complete two-way authentication, mobile terminal sends acknowledge message ACK to SSID access point.
Step 7: R1||R2 is derived session key SK by hash function (as SHA-1) by mobile terminal and SSID access point simultaneously, derives initial vector IV by SQN by hash function (as SHA-1).
Step 8: mobile terminal and SSID access point utilize the data of SK and IV to transmission to be encrypted, and after often encrypting frame data, IV adds 1 simultaneously.
Further, in step 2, mobile terminal adopts AES encryption algorithm to be encrypted MAC_Addr||R1||SQN.
Further, in step 4, access point adopts AES encryption algorithm to be encrypted SSID||R2||SQN.
Accompanying drawing explanation
Fig. 1 is WLAN wireless security connecting system composition schematic diagram.
Fig. 2 is flow chart of the present invention.
Fig. 3 is the hierarchical structure schematic diagram of key agreement.
Embodiment
Design concept of the present invention is: as shown in Figure 1, and WLAN wireless security connecting system is made up of mobile terminal and WAP (wireless access point), and mobile terminal realizes the access to the various application servers of IP network by WAP (wireless access point).Mobile terminal and WAP (wireless access point) share WLAN initial key, when mobile terminal application access of radio network, mobile terminal and access point realize quick two-way authentication based on symmetric cryptographic algorithm, derive session key during intercommunication, to realize the secure accessing of WLAN and data encryption feature of eating dishes without rice or wine simultaneously.
Figure 2 shows that flow chart of the present invention.Comprise following steps:
Step one: mobile terminal enters access SSID access point overlay area, produces random number R 1 and sequence number SQN.It will be recognized by those skilled in the art that sequence number is disposable.
Step 2: mobile terminal utilizes initial key Ki to be encrypted (can adopt AES or other symmetric encipherment algorithms) MAC_Addr||R1||SQN, obtains E(Ki, MAC_Addr||R1||SQN), then it is sent to access point as authentication request.Wherein, MAC_Addr is MAC Address.
Step 3: SSID access point receives E(Ki, MAC_Addr||R1||SQN) after, be handled as follows:
S1. searched the initial key Ki of corresponding mobile terminal by the MAC Address of Frame, and with Ki data decryption frame, obtain the value of MAC_Addr2, R1 and SQN.MAC_Addr2 is that SSID end deciphers the mobile terminal MAC Address obtained.
S2. compare the MAC_Addr that receives Frame and decipher the MAC_Addr2 obtained, if do not waited, stopping certification.If equal, prove that mobile terminal is legal, carry out step S3.
S3. being compared with the SQN preserved in the past by this SQN deciphered, if equal, is Replay Attack, if do not waited, is normal authentication request, carries out step S4.
S4.SSID access point is by the certification to mobile terminal, and SSID access point then preserves R1 and SQN, produces random number R 2 simultaneously.
Step 4: the R1 that SSID access point utilizes deciphering to obtain is encrypted as double secret key SSID||R2||SQN, obtains E(R1, SSID||R2||SQN), then it is sent to mobile terminal as authentication response.KE adopts AES encryption to calculate or other are encrypted SSID||R2||SQN this cryptographic algorithm.
Step 5: mobile terminal receives E(R1, SSID||R2||SQN) after, be handled as follows:
S1. utilize R1 data decryption frame, obtain the value of SSID2, R2 and SQN2, SSID2, SQN2 are the value of deciphering and obtaining.
S2. compare and receive SSID expressly and decipher the SSID2 obtained, if do not waited, stop certification, if equal, prove that SSID access point is legal, carry out step S3.
S3. the SQN2 that more original SQN obtains with deciphering, if do not waited, stop certification, if equal, represent that the authentication response received is corresponding with authentication request, carry out step S4.
S4. R2 is recorded.
Step 6: complete two-way authentication, mobile terminal sends acknowledge message ACK to SSID access point.
Step 7: R1||R2 is derived session key SK by hash function (as SHA-1) by mobile terminal and SSID access point simultaneously, derives initial vector IV by SQN by hash function (as SHA-1).
Step 8: mobile terminal and SSID access point utilize the data of SK and IV to transmission to be encrypted, and after often encrypting frame data, IV adds 1 simultaneously.
The hierarchical structure of key agreement as shown in Figure 3.Ki realizes the encipherment protection to R1.R1 realizes the encipherment protection to R2.R1 and R2 derives SK by hash function after merging.Ki realizes the encipherment protection to SQN.SQN derives IV by hash function.SK and IV realizes being encrypted protection to the communication data of WLAN together, often encrypts a frame data IV and adds 1.
Beneficial effect of the present invention is:
1. the present invention without the need to certificate server and X.509 certificate mechanism achieve the quick two-way authentication of mobile terminal and SSID access point, there is safe and efficient feature, be applicable to WLAN application scenarios fail safe and turn-on time being had to strict demand.
2. by encrypting MAC Address, the MAC Address of deciphering extraction in the MAC Address of the Frame received and Frame can compare by SSID access point, effectively can resist personation mobile terminal access wlan network.
3. by encrypting SSID, the SSID deciphering extraction in the plaintext SSID received and Frame can compare by mobile terminal, effectively can resist personation SSID access point and cheat mobile terminal.
4. identification sequences SQN produces at every turn at random, effectively can resist Replay Attack.
5. both sides' session key produces by during two-way authentication temporarily, realizes one-time pad security mechanism, has higher fail safe.
6. the session key SK derived by key agreement mechanisms and initial vector IV can be directly used in the WLAN cryptographic protocols such as WPA and WPA2, compatible good.

Claims (3)

1. wlan network rapid authentication and a cryptographic key negotiation method, is characterized in that, comprises the steps:
Step one: mobile terminal enters access SSID access point overlay area, produces random number R 1 and sequence number SQN;
Step 2: mobile terminal utilizes initial key Ki to be encrypted MAC_Addr||R1||SQN, obtains E(Ki, MAC_Addr||R1||SQN), then it is sent to SSID access point as authentication request, wherein, MAC_Addr is mobile terminal MAC Address;
Step 3: SSID access point receives E(Ki, MAC_Addr||R1||SQN) after, be handled as follows:
S1. searched the initial key Ki of corresponding mobile terminal by the MAC Address of Frame, and with Ki data decryption frame, obtain the value of MAC_Addr2, R1 and SQN; MAC_Addr2 is that SSID end deciphers the mobile terminal MAC Address obtained;
S2. compare the MAC_Addr that receives Frame and decipher the MAC_Addr2 obtained, if do not waited, stopping certification; If equal, prove that mobile terminal is legal, carry out step S3;
S3. being compared with the SQN preserved in the past by this SQN deciphered, if equal, is Replay Attack, if do not waited, is normal authentication request, carries out step S4;
S4.SSID access point is by the certification to mobile terminal, and SSID access point then preserves R1 and SQN, produces random number R 2 simultaneously;
Step 4: the R1 that SSID access point utilizes deciphering to obtain is encrypted as double secret key SSID||R2||SQN, obtains E(R1, SSID||R2||SQN), then it is sent to mobile terminal as authentication response;
Step 5: mobile terminal receives E(R1, SSID||R2||SQN) after, utilize R1 data decryption frame, obtain the value of SSID2, R2 and SQN2;
Step 5: mobile terminal receives E(R1, SSID||R2||SQN) after, be handled as follows:
S1. utilize R1 data decryption frame, obtain the value of SSID2, R2 and SQN2, SSID2, SQN2 are the value of deciphering and obtaining;
S2. compare and receive SSID expressly and decipher the SSID2 obtained, if do not waited, stop certification, if equal, prove that SSID access point is legal, carry out step S3;
S3. the SQN2 that more original SQN obtains with deciphering, if do not waited, stops certification, if equal, represents that the authentication response received is corresponding with authentication request, carry out step S4;
S4. R2 is recorded;
Step 6: complete two-way authentication, mobile terminal sends acknowledge message ACK to SSID access point;
Step 7: R1||R2 is derived session key SK by hash function (as SHA-1) by mobile terminal and SSID access point simultaneously, derives initial vector IV by SQN by hash function (as SHA-1);
Step 8: mobile terminal and SSID access point utilize the data of SK and IV to transmission to be encrypted, and after often encrypting frame data, IV adds 1 simultaneously.
2. wlan network rapid authentication as claimed in claim 1 and cryptographic key negotiation method, is characterized in that, in step 2, mobile terminal adopts AES encryption algorithm to be encrypted MAC_Addr||R1||SQN.
3. wlan network rapid authentication as claimed in claim 1 or 2 and cryptographic key negotiation method, is characterized in that, in step 4, SSID access point adopts AES encryption algorithm to be encrypted SSID||R2||SQN.
CN201510949601.1A 2015-12-18 2015-12-18 A kind of wlan network rapid authentication and cryptographic key negotiation method Active CN105553981B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510949601.1A CN105553981B (en) 2015-12-18 2015-12-18 A kind of wlan network rapid authentication and cryptographic key negotiation method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510949601.1A CN105553981B (en) 2015-12-18 2015-12-18 A kind of wlan network rapid authentication and cryptographic key negotiation method

Publications (2)

Publication Number Publication Date
CN105553981A true CN105553981A (en) 2016-05-04
CN105553981B CN105553981B (en) 2019-03-22

Family

ID=55832917

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510949601.1A Active CN105553981B (en) 2015-12-18 2015-12-18 A kind of wlan network rapid authentication and cryptographic key negotiation method

Country Status (1)

Country Link
CN (1) CN105553981B (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106375301A (en) * 2016-08-30 2017-02-01 成都源知信息技术有限公司 Network device authentication method and device
CN107124724A (en) * 2017-05-24 2017-09-01 中国运载火箭技术研究院 A kind of Rare Book Use case system cross-network segment multinode network managing device
CN107302544A (en) * 2017-08-15 2017-10-27 迈普通信技术股份有限公司 Certificate request method, wireless access control equipment and wireless access point device
CN108377495A (en) * 2016-10-31 2018-08-07 华为技术有限公司 A kind of data transmission method, relevant device and system
CN109474438A (en) * 2018-12-24 2019-03-15 公安部第三研究所 It is a kind of based on the intelligent terminal access authentication method selectively revealed
CN111163468A (en) * 2018-11-08 2020-05-15 北京华为数字技术有限公司 Communication connection method and device
CN111800788A (en) * 2020-09-08 2020-10-20 全讯汇聚网络科技(北京)有限公司 Method, terminal and system for Wi-Fi connection management
CN112260987A (en) * 2020-09-10 2021-01-22 西安电子科技大学 Bidirectional security authentication method and system in digital content protection system
CN113573307A (en) * 2021-07-28 2021-10-29 西安热工研究院有限公司 Rapid authentication method based on extensible authentication protocol
CN117641339A (en) * 2024-01-18 2024-03-01 中国电子科技集团公司第三十研究所 System and method for fast application layer authentication and key agreement

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3584991A1 (en) * 2018-06-18 2019-12-25 Koninklijke Philips N.V. Device for data encryption and integrity

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003077467A1 (en) * 2002-03-08 2003-09-18 Huawei Technologies Co., Ltd. The method for distributes the encrypted key in wireless lan
CN1534935A (en) * 2003-03-31 2004-10-06 华为技术有限公司 Key distribution method based on preshared key
CN102223633A (en) * 2011-07-06 2011-10-19 华为技术有限公司 Method, device and system for authenticating wireless local area network (WLAN)
CN103002442A (en) * 2012-12-20 2013-03-27 邱华 Safe wireless local area network key distribution method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003077467A1 (en) * 2002-03-08 2003-09-18 Huawei Technologies Co., Ltd. The method for distributes the encrypted key in wireless lan
CN1534935A (en) * 2003-03-31 2004-10-06 华为技术有限公司 Key distribution method based on preshared key
CN102223633A (en) * 2011-07-06 2011-10-19 华为技术有限公司 Method, device and system for authenticating wireless local area network (WLAN)
CN103002442A (en) * 2012-12-20 2013-03-27 邱华 Safe wireless local area network key distribution method

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106375301A (en) * 2016-08-30 2017-02-01 成都源知信息技术有限公司 Network device authentication method and device
CN106375301B (en) * 2016-08-30 2020-01-03 成都源知信息技术有限公司 Network equipment authentication method and authentication equipment
CN108377495B (en) * 2016-10-31 2021-10-15 华为技术有限公司 Data transmission method, related equipment and system
CN108377495A (en) * 2016-10-31 2018-08-07 华为技术有限公司 A kind of data transmission method, relevant device and system
US11228908B2 (en) 2016-10-31 2022-01-18 Huawei Technologies Co., Ltd. Data transmission method and related device and system
CN107124724A (en) * 2017-05-24 2017-09-01 中国运载火箭技术研究院 A kind of Rare Book Use case system cross-network segment multinode network managing device
CN107302544A (en) * 2017-08-15 2017-10-27 迈普通信技术股份有限公司 Certificate request method, wireless access control equipment and wireless access point device
CN107302544B (en) * 2017-08-15 2019-09-13 迈普通信技术股份有限公司 Certificate request method, wireless access control equipment and wireless access point device
CN111163468A (en) * 2018-11-08 2020-05-15 北京华为数字技术有限公司 Communication connection method and device
CN109474438A (en) * 2018-12-24 2019-03-15 公安部第三研究所 It is a kind of based on the intelligent terminal access authentication method selectively revealed
CN109474438B (en) * 2018-12-24 2021-08-17 公安部第三研究所 Intelligent terminal access authentication method based on selective leakage
CN111800788B (en) * 2020-09-08 2021-02-02 全讯汇聚网络科技(北京)有限公司 Method, terminal and system for Wi-Fi connection management
CN111800788A (en) * 2020-09-08 2020-10-20 全讯汇聚网络科技(北京)有限公司 Method, terminal and system for Wi-Fi connection management
CN112260987A (en) * 2020-09-10 2021-01-22 西安电子科技大学 Bidirectional security authentication method and system in digital content protection system
CN113573307A (en) * 2021-07-28 2021-10-29 西安热工研究院有限公司 Rapid authentication method based on extensible authentication protocol
CN113573307B (en) * 2021-07-28 2024-01-30 西安热工研究院有限公司 Rapid authentication method based on extensible authentication protocol
CN117641339A (en) * 2024-01-18 2024-03-01 中国电子科技集团公司第三十研究所 System and method for fast application layer authentication and key agreement
CN117641339B (en) * 2024-01-18 2024-04-09 中国电子科技集团公司第三十研究所 System and method for fast application layer authentication and key agreement

Also Published As

Publication number Publication date
CN105553981B (en) 2019-03-22

Similar Documents

Publication Publication Date Title
CN105553981B (en) A kind of wlan network rapid authentication and cryptographic key negotiation method
US10218501B2 (en) Method, device, and system for establishing secure connection
US10638321B2 (en) Wireless network connection method and apparatus, and storage medium
US9392453B2 (en) Authentication
US8429404B2 (en) Method and system for secure communications on a managed network
EP2900006B1 (en) Method and system for securely accessing portable hotspot of smart phones
CN107005927B (en) Access method, device and system of User Equipment (UE)
US20060094401A1 (en) Method and apparatus for authentication of mobile devices
EP3051744A1 (en) Key configuration method and apparatus
CN108880813B (en) Method and device for realizing attachment process
Wong The evolution of wireless security in 802.11 networks: WEP, WPA and 802.11 standards
CN101820629A (en) Identity authentication method, device and system in wireless local area network (WLAN)
Khasawneh et al. A survey on Wi-Fi protocols: WPA and WPA2
CN105577365A (en) Key consultation method and device for user' access to WLAN
CN111866881A (en) Wireless local area network authentication method and wireless local area network connection method
CN105141629A (en) Method for improving network security of public Wi-Fi based on WPA/WPA2 PSK multiple passwords
JP2003143128A (en) Communication system and communication method
JP4550759B2 (en) Communication system and communication apparatus
US9356931B2 (en) Methods and apparatuses for secure end to end communication
US11019037B2 (en) Security improvements in a wireless data exchange protocol
Leu et al. Improving security level of LTE authentication and key agreement procedure
CN103096317A (en) Two-way authentication method and system based on sharing enciphered data
Sharma et al. A review on wireless network security
CN104902467A (en) Access method for wireless local area network (WLAN) based on near field communication (NFC)
Jain et al. Penetration Testing of Wireless EncryptionProtocols

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant