CN112235108B - 802.1X-based EAP-TLS authentication system - Google Patents

802.1X-based EAP-TLS authentication system Download PDF

Info

Publication number
CN112235108B
CN112235108B CN202011251833.7A CN202011251833A CN112235108B CN 112235108 B CN112235108 B CN 112235108B CN 202011251833 A CN202011251833 A CN 202011251833A CN 112235108 B CN112235108 B CN 112235108B
Authority
CN
China
Prior art keywords
server
client
random number
certificate
access point
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011251833.7A
Other languages
Chinese (zh)
Other versions
CN112235108A (en
Inventor
介银娟
杨新民
杨东
王文庆
崔逸群
毕玉冰
刘超飞
高原英
邓楠轶
董夏昕
朱博迪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xian Thermal Power Research Institute Co Ltd
Original Assignee
Xian Thermal Power Research Institute Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xian Thermal Power Research Institute Co Ltd filed Critical Xian Thermal Power Research Institute Co Ltd
Priority to CN202011251833.7A priority Critical patent/CN112235108B/en
Publication of CN112235108A publication Critical patent/CN112235108A/en
Application granted granted Critical
Publication of CN112235108B publication Critical patent/CN112235108B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1458Denial of Service
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Computer And Data Communications (AREA)

Abstract

An EAP-TLS authentication system based on 802.1X comprises a client module, an access point module and a server module; the client and the server respectively sign the certificate and the random number, and the client, the access point and the server respectively decrypt the signature and perform mutual authentication, so that the validity of an authentication entity is ensured, and man-in-the-middle attack is effectively resisted; the client verifies the legitimacy of the server certificate, uses the server public key for verifying the legitimacy to carry out RSA asymmetric encryption on the identity of the client, and sends the bound identity and the certificate to an authenticator together, thereby effectively preventing identity attack; and an AES symmetric encryption mechanism is used for encrypting the EAP-Success, so that an attacker is prevented from directly intercepting an EAP-Success response packet, and DoS attack is effectively resisted.

Description

802.1X-based EAP-TLS authentication system
Technical Field
The invention belongs to the technical field of computer information security, and particularly relates to an EAP-TLS authentication system based on 802.1X.
Background
With the development of network technology, network security is of great importance. At present, an EAP-TLS Authentication system based on 802.1X is most widely applied, and mutual Authentication between a Client (Client), an Access Point (Access Point), and a Server (Server) is implemented, where an EAP protocol is used between the Client and the Access Point, a message is encapsulated In an eapol (EAP over lan) format, and an radius (remote Authentication Dial In User service) protocol is used between the Access Point and the Server. However, while providing authentication services, the EAP-TLS authentication method also has many security problems, such as: man-in-the-middle attacks, identity attacks, DoS attacks, and the like cause authentication failure among the client, the access point, and the server.
Therefore, the important research on the EAP-TLS extended authentication method takes improving the security of the current EAP-TLS authentication scheme as a basic starting point, analyzes the security problem of the current mainstream EAP-TLS authentication scheme, and has important significance on the current EAP-TLS protocol.
Disclosure of Invention
Aiming at the defects in the existing authentication method, the invention aims to provide an EAP-TLS authentication system based on 802.1X, which is used for solving the security problem existing in the existing mainstream EAP-TLS authentication scheme.
In order to achieve the purpose, the invention provides the following technical scheme:
an EAP-TLS authentication system based on 802.1X comprises a client module 1, an access point module 2 and a server module 3;
the client module 1 comprises a client request module 11 and a client response module 12, wherein:
a client request module 11 for generating a random number P, using a shared secret K between the client and the access point C,AP Encrypting the random number P, and sending EAP start, time stamp t and AES encrypted packet to the access point
Figure BDA0002771818780000021
Generating EAP identity Response packet EAP-Response/IDC, Client Hello, Client certificate, ECDSA signature private key sprk C Encrypting the Client certificate, the timestamp t and the random number Q, simultaneously encrypting the Client certificate, the timestamp t and the random number N, and sending an RSA encryption packet to the access point
Figure BDA0002771818780000022
(EAP-Response/IDC | | | Client hello), Client certificate, ECDSA signature
Figure BDA0002771818780000023
(Client certificate Q t), ECDSA signature
Figure BDA0002771818780000024
(Client certificate N t) and a timestamp t, wherein the Client hello comprises a TLS version number TLS version, a session ID, a Client random number, a Client supported encryption algorithm cipher unit and a shared secret key K between the Client and the server C,S The Client certificate comprises version, serial number, signature algorithm signature, issuer, validity period, user subject, ECDSA signature public key, spur C And RSA encrypted public key puk C (ii) a Generating a Client finished flag bit Client finished label and a changed password detail change cipher spc, generating a main key by using a Client random number and a server random number, generating a Client finished message packet by adopting a hash algorithm, and sending the Client finished message packet, the changed password detail change cipher spc, a timestamp t and the Client finished flag bit Client finished label to an access point;
a client response module 12, configured to verify the legitimacy of the server and the access point; verifying the integrity of the server-to-client message;
the access point module 2 includes an access point request module 21 and an access point response module 22, wherein:
an access point request module 21 for generating a random number M using a shared secret K between the access point and the server AP,S Encrypting random numbers P and M, and sending EAP starting packet EAP start, time stamp t and AES encryption packet to server
Figure BDA0002771818780000031
(P | | M); generating a random number Q using a shared secret key K between a client and a server C,AP Encrypting the random number Q and the random number N, and sending an EAP identity Request packet EAP-Request/ID to the client i Server hello, AES encrypted packets
Figure BDA0002771818780000032
(Q | | N), server certificate and ECDSA signature packet
Figure BDA0002771818780000033
(server certificate P T) and a timestamp t; sending RSA encrypted packets to a server
Figure BDA0002771818780000034
(EAP-Response/IDC | | | Client hello), Client certificate, ECDSA signature packet
Figure BDA0002771818780000035
(client certificate N t) and a timestamp t; sending a server completion message packet server Finished, a changed password detail change cipher spc, a timestamp t and a server completion flag bit server Finished label to a client;
access point response module 22 for decrypting
Figure BDA0002771818780000036
(P) and storing the random number P; the access point verifies the validity of the server; the access point verifies the validity of the client; receiving server completion message packet server sent by serverFinished, change password details change cipher spc, t and server finish marker position server Finished label; receiving a Client finished message packet, a change password detail cipher spc, a timestamp t and a Client finished flag bit Client finished label sent by a Client;
the server module 3 includes a server request module 31 and a server response module 32, wherein:
a server Request module 31 for generating a random number N, EAP identity Request packet EAP-Request/ID i Server hello, server certificate using shared secret key K AP,S Encrypting the random number N, ECDSA signature private key sprk S Encrypting the server certificate, the timestamp t and the random number M, simultaneously encrypting the server certificate, the timestamp t and the random number P, and sending an EAP identity Request packet EAP-Request/ID to an access point i Server hello, AES symmetric encrypted packet
Figure BDA0002771818780000041
(N), server certificate, ECDSA signature
Figure BDA0002771818780000042
(server certificate P T) and ECDSA signatures
Figure BDA0002771818780000043
(server certificate M | | t) and time stamp t, wherein server hello includes TLS version number TLS version, session ID, server random number and server supported encryption algorithm cipher sub, and server certificate includes version, serial number, signature algorithm signaturhm, issuer, validity, user subject, signature public key suk S And an encrypted public key puk S (ii) a Generating a server finish flag bit server finished label and changing password details change cipher spc, enabling the Client random number and the server random number to generate a master key of a server finish message packet server finish, and adoptingThe Hash algorithm generates a server completion message packet server Finished, and sends the server completion message packet server Finished, the password detail change cipher spc, the timestamp t and the server completion flag bit server Finished label to the access point;
server response module 32 for decryption
Figure BDA0002771818780000051
(P M) and storing random numbers P and M; and verifying the legality of the client and the access point.
The client response module 12 is used for verifying the legitimacy of the server and the access point; verifying the integrity of the server-to-client message specifically as follows: decryption
Figure BDA0002771818780000052
(Q | | N), obtaining a random number Q and a random number N, and then obtaining a signature public key suk from a server certificate S Using a spuk S Decrypting ECDSA signatures
Figure BDA0002771818780000053
(server certificate P | | | t) obtaining a server certificate, a timestamp t and a random number P, comparing the timestamp t, if the server certificate and the server certificate sent by the access point are consistent, if the server certificate and the server certificate server are consistent, the client successfully verifies the server, meanwhile, the random number P is compared with the random number P generated by the client, and if the server certificate and the server certificate server are consistent, the client successfully verifies the access point; generating a master key by using a Client random number and a server random number, calculating a server completion message packet server finish, comparing the server finish message packet with the server finish message sent by the access point, and if the server finish message packet is consistent with the server finish message sent by the access point, the message sent by the server to the Client is complete; sharing a secret key K using AES C,S Decryption
Figure BDA0002771818780000054
(EAP-success), get EAP-success response packet, the authentication process is over.
The describedAccess point response module 22 for decrypting
Figure BDA0002771818780000061
(P) and storing the random number P; the access point verifies the validity of the server; the access point verifies the validity of the client, specifically: using a shared secret key K AP,S Decrypting to obtain and store the random number N, and then obtaining a signature public key spuk from the server certificate S Using a spuk S Decrypting ECDSA signatures
Figure BDA0002771818780000062
(server certificate M t) obtaining a server certificate, a timestamp t and a random number M, comparing the timestamp t, if the timestamp t is consistent, then comparing the random number M with the random number M generated by the access point, and if the timestamp t is consistent, the access point successfully verifying the server; using the signature public key spuk in the Client certificate C Decrypting the ECDSA signature
Figure BDA0002771818780000063
The Client certificate, the timestamp t and the random number Q are obtained (the Client certificate, the timestamp t and the random number Q are obtained), the timestamp t is compared, if the timestamp t is consistent, the random number Q is compared with the random number Q generated by the access point, and if the timestamp t is consistent, the access point successfully verifies the Client.
The server response module 32 verifies the validity of the client and the access point, specifically: using the private signature key prk S Decrypting ECDSA signatures
Figure BDA0002771818780000064
(EAP-Response/IDC | | | Client hello) obtaining EAP identity Response packet EAP-Response/ID C And Client hello, using the public signature key spuk in the Client certificate C Decrypting the signature to obtain a Client certificate, a timestamp t and a random number N, comparing the timestamp t, if the timestamp t is consistent, then comparing the Client certificate with the Client certificate directly sent by the access point, if the timestamp t is consistent, the server verifies that the Client succeeds, and meanwhile, the server randomly verifies that the Client certificate is successfulAnd comparing the number N with the random number N generated by the server, and if the number N is consistent with the random number N generated by the server, successfully verifying the access point by the server.
Compared with the prior art, the invention has the following advantages:
1. the invention adopts an ECDSA signature mechanism, the client and the server respectively carry out signature on the certificate and the random number, and the client, the access point and the server respectively carry out decryption signature and mutual authentication, thereby ensuring the validity of the authentication entity and effectively resisting man-in-the-middle attacks.
2. The server signs the self certificate by using an ECDSA signature mechanism, the client verifies the legality of the server certificate, the server public key for verifying the legality is used for carrying out RSA asymmetric encryption on the self identity, and the bound identity and the certificate are sent to the authenticator together, so that identity attack is effectively prevented.
3. The server encrypts the EAP-Success by using an AES symmetric encryption mechanism, prevents an attacker from directly intercepting the EAP-Success response packet, and effectively resists DoS attack.
Drawings
FIG. 1 is a schematic diagram of the overall system framework of the present invention.
In the figure: 1. the system comprises a client module 2, an access point module 3, a server module 11, a client request module 12, a client response module 21, an access point request module 22, an access point response module 31, a server request module 32 and a server response module.
Detailed Description
The invention is described in further detail below with reference to the figures and the specific embodiments.
Referring to fig. 1: the EAP-TLS authentication system based on 802.1X comprises a client module 1, an access point module 2 and a server module 3.
The client module 1 comprises a client request module 11 and a client response module 12, wherein:
a client request module 11 for generating a random number P, using a shared secret K between the client and the access point C,AP Encrypting the random number P, sending EAP start, timestamp to the access pointt and AES encrypted packets
Figure BDA0002771818780000081
(P); generating EAP identity Response packet EAP-Response/IDC, Client Hello, Client certificate, ECDSA signature private key sprk C Encrypting the Client certificate, the timestamp t and the random number Q, simultaneously encrypting the Client certificate, the timestamp t and the random number N, and sending an RSA encryption packet to the access point
Figure BDA0002771818780000082
(EAP-Response/IDC | | | Client hello), Client certificate, ECDSA signature
Figure BDA0002771818780000083
(Client certificate Q t), ECDSA signature
Figure BDA0002771818780000084
(Client certificate | | N | | | t) and a timestamp t, wherein the Client hello comprises a TLS version number TLS version, a session ID, a Client random number, a Client supported encryption algorithm cipher unit and an AES shared key K between the Client and the server C,S The Client certificate comprises version, serial number, signature algorithm signature, issuer, validity period, user subject, ECDSA signature public key, spur C And RSA encrypted public key puk C (ii) a Generating a Client finished flag bit Client finished label and a changed password detail change cipher spc, generating a main key by using a Client random number and a server random number, generating a Client finished message packet by adopting a hash algorithm, and sending the Client finished message packet, the changed password detail change cipher spc, a timestamp t and the Client finished flag bit Client finished label to an access point;
client response module 12 for decryption
Figure BDA0002771818780000085
(Q | | N), obtaining a random number Q and a random number N, and then obtaining a signature public key suk from a server certificate S Using a spuk S Decrypting ECDSA signatures
Figure BDA0002771818780000091
(server certificate P | | | t) obtaining a server certificate, a timestamp t and a random number P, comparing the timestamp t, if the server certificate and the server certificate sent by the access point are consistent, if the server certificate and the server certificate server are consistent, the client successfully verifies the server, meanwhile, the random number P is compared with the random number P generated by the client, and if the server certificate and the server certificate server are consistent, the client successfully verifies the access point; generating a master key by using a Client random number and a server random number, calculating a server completion message packet server finish, comparing the server finish message packet with the server finish message sent by the access point, and if the server finish message packet is consistent with the server finish message sent by the access point, the message sent by the server to the Client is complete; sharing secret key KC using AES ,S Decryption
Figure BDA0002771818780000092
(EAP-success), get EAP-success response packet, the authentication process is over.
The access point module 2 includes an access point request module 21 and an access point response module 22, wherein:
an access point request module 21 for generating a random number M using a shared secret K between the access point and the server AP,S Encrypting random numbers P and M, and sending EAP starting packet EAP start, time stamp t and AES encryption packet to server
Figure BDA0002771818780000093
(P | | M); generating a random number Q using a shared secret key K between a client and a server C,AP Encrypting the random number Q and the random number N, and sending an EAP identity Request packet EAP-Request/ID to the client i Server hello, AES encrypted packets
Figure BDA0002771818780000094
(Q | | N), server certificate and ECDSA signature packet
Figure BDA0002771818780000095
(server certificate P T) and a timestamp t; sending RSA encrypted packets to a server
Figure BDA0002771818780000096
(EAP-Response/IDC | | | Client hello), Client certificate, ECDSA signature packet
Figure BDA0002771818780000101
(client certificate N t) and a timestamp t; sending a server completion message packet server Finished, a changed password detail change cipher spc, a timestamp t and a server completion flag bit server Finished label to a client; sending to the client
Figure BDA0002771818780000102
(EAP-success) and a timestamp t;
access point response module 22 for decrypting
Figure BDA0002771818780000103
(P) and storing the random number P; using a shared secret key K AP,S Decrypting to obtain and store the random number N, and then obtaining a signature public key spuk from a server certificate S Using a spuk S Decrypting ECDSA signatures
Figure BDA0002771818780000104
(server certificate M t) obtaining a server certificate, a timestamp t and a random number M, comparing the timestamp t, if the timestamp t is consistent, then comparing the random number M with the random number M generated by the access point, and if the timestamp t is consistent, the access point successfully verifying the server; using the public signature key spuk in the Client certificate C Decrypting the ECDSA signature
Figure BDA0002771818780000105
(Client certificateI Q I T) to obtain a Client certificate, a timestamp t and a random number Q, comparing the timestamp t, if the timestamp t is consistent, then comparing the random number Q with the random number Q generated by the access point, and if the timestamp t is consistent, the access point successfully verifies the Client; receiving a server completion message packet server Finished, a changed password detail change cipher spc, a timestamp t and a server completion flag bit server Finished label sent by a server; receiving a Client finished message packet, a change password detail cipher spc, a timestamp t and a Client finished flag bit Client finished label sent by a Client; receiving
Figure BDA0002771818780000106
(EAP-success) and a timestamp t;
the server module 3 includes a server request module and a server response module, wherein:
a server Request module 31 for generating a random number N, EAP identity Request packet EAP-Request/ID i Server hello, server certificate using shared secret key K AP,S Encrypting the random number N, ECDSA signature private key sprk S Encrypting the server certificate, the timestamp t and the random number M, simultaneously encrypting the server certificate, the timestamp t and the random number P, and sending an EAP identity Request packet EAP-Request/ID to an access point i Server hello, AES symmetric encrypted packet
Figure BDA0002771818780000111
(N), server certificate, ECDSA signature
Figure BDA0002771818780000112
(server certificate P T) and ECDSA signatures
Figure BDA0002771818780000113
(server certificate M | | t) and a timestamp t, wherein the server hello comprises a TLS version number TLS version, a session ID, a server random number and a server-supported encryption algorithm cipher suit, and a server certhe tifect contains version, serial number, signature algorithm, issuer, validity period, user subject, signature public key, spur S And an encrypted public key puk S (ii) a Generating a server completion flag bit server refined label and changing password details change cipher spc, enabling a Client random number and a server random number to generate a master key of the server completion message packet server, generating a server completion message packet server refined by adopting a hash algorithm, and sending the server completion message packet server Finished, changing the password details change cipher spc, a timestamp t and the server completion flag bit server refined label to an access point; generating EAP success response packet EAP-success, using shared secret key KC in client hello packet ,S Performing AES encryption and sending to the access point
Figure BDA0002771818780000121
(EAP-success) and a timestamp t;
server response module 32 for decryption
Figure BDA0002771818780000122
(P M) and storing random numbers P and M; using the private signature key prk S Decrypting ECDSA signatures
Figure BDA0002771818780000123
(EAP-Response/IDC | | | Client hello) obtaining EAP identity Response packet EAP-Response/ID C And Client hello, using the public signature key spuk in the Client certificate C Decrypting the signature to obtain a Client certificate, a timestamp t and a random number N, comparing the timestamp t, if the Client certificate and the random number are consistent, then comparing the Client certificate and the Client certificate directly sent by the access point, if the Client certificate and the Client certificate are consistent, successfully verifying the Client by the server, and simultaneously comparing the random number N with the random number N generated by the server, if the Client certificate and the random number are consistent, successfully verifying the access point by the server.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that modifications may be made to the embodiments or portions thereof without departing from the spirit and scope of the invention.

Claims (4)

1. An EAP-TLS authentication system based on 802.1X comprises a client module 1, an access point module 2 and a server module 3; it is characterized in that the preparation method is characterized in that,
the client module 1 comprises a client request module 11 and a client response module 12, wherein:
a client request module 11 for generating a random number P, using a shared secret K between the client and the access point C,AP Encrypting the random number P, and sending EAP start, time stamp t and AES encrypted packet to the access point
Figure FDA0003781995870000011
Generating EAP identity Response packet EAP-Response/IDC, Client Hello, Client certificate, ECDSA signature private key sprk C Encrypting the Client certificate, the timestamp t and the random number Q, simultaneously encrypting the Client certificate, the timestamp t and the random number N, and sending an RSA encryption packet to the access point
Figure FDA0003781995870000012
Client certificate, ECDSA signature
Figure FDA0003781995870000013
ECDSA signatures
Figure FDA0003781995870000014
And a time stamp t, wherein the Client hello comprises a TLS version number TLS version, a session ID, a Client random number, and a Client supported encryption algorithmLegal cipher unit and shared key K between client and server C,S The Client certificate comprises version, serial number, signature algorithm signature, issuer, validity period, user subject, ECDSA signature public key, spur C And RSA encrypted public key puk C (ii) a Generating a Client finished flag bit Client finished label and a changed password detail change cipher spc, generating a main key by using a Client random number and a server random number, generating a Client finished message packet by adopting a hash algorithm, and sending the Client finished message packet, the changed password detail change cipher spc, a timestamp t and the Client finished flag bit Client finished label to an access point;
a client response module 12, configured to verify the legitimacy of the server and the access point; verifying the integrity of the server-to-client message;
the access point module 2 includes an access point request module 21 and an access point response module 22, wherein:
an access point request module 21 for generating a random number M using a shared secret K between the access point and the server AP,S Encrypting random numbers P and M, and sending EAP starting packet EAP start, time stamp t and AES encryption packet to server
Figure FDA0003781995870000021
Generating a random number Q using a shared secret key K between a client and a server C,AP Encrypting the random number Q and the random number N, and sending an EAP identity Request packet EAP-Request/ID to the client i Server hello, AES encrypted packets
Figure FDA0003781995870000022
Server certificate and ECDSA signature packet
Figure FDA0003781995870000023
And a timestamp t; sending RSA encrypted packets to a server
Figure FDA0003781995870000024
Client certificate, ECDSA signature packet
Figure FDA0003781995870000025
And a timestamp t; sending a server completion message packet server Finished, a changed password detail change cipher spc, a timestamp t and a server completion flag bit server Finished label to a client;
access point response module 22 for decrypting
Figure FDA0003781995870000026
And stores the random number P; the access point verifies the validity of the server; the access point verifies the validity of the client; receiving a server completion message packet server Finished, a password detail change cipher spc, a t and a server completion flag bit server Finished label sent by a server; receiving a Client finished message packet, a change password detail cipher spc, a timestamp t and a Client finished flag bit Client finished label sent by a Client;
the server module 3 includes a server request module 31 and a server response module 32, wherein:
a server Request module 31 for generating a random number N, EAP identity Request packet EAP-Request/ID i And server hello, using shared secret key K AP,S Encrypting the random number N, ECDSA signature private key sprk S Encrypting the server certificate, the timestamp t and the random number M, simultaneously encrypting the server certificate, the timestamp t and the random number P, and sending an EAP identity Request packet EAP-Request/ID to an access point i Server hello, AES symmetric encrypted packet
Figure FDA0003781995870000031
Server certificate, ECDSA signature
Figure FDA0003781995870000032
And ECDSA signatures
Figure FDA0003781995870000033
And a timestamp t, wherein the server hello comprises a TLS version number TLS version, a session ID, a server random number and a server supported encryption algorithm cipher sub, and the server certificate comprises a version, a serial number, a signature algorithm, an issuer, a validity period, a user subject, a signature public key, a S And an encrypted public key puk S (ii) a Generating a server completion flag bit server refined label and changing password details change cipher spc, enabling a Client random number and a server random number to generate a master key of the server completion message packet server, generating a server completion message packet server refined by adopting a hash algorithm, and sending the server completion message packet server Finished, changing the password details change cipher spc, a timestamp t and the server completion flag bit server refined label to an access point;
server response module 32 for decryption
Figure FDA0003781995870000041
And storing random numbers P and M; and verifying the legality of the client and the access point.
2. An 802.1X based EAP-TLS authentication system according to claim 1,
the client response module 12 is used for verifying the legitimacy of the server and the access point; verifying the integrity of the server-to-client message specifically as follows: decryption
Figure FDA0003781995870000042
Obtaining a random number Q and a random number N, and then obtaining a signature public key spuk from a server certificate S Using a spuk S Decrypting ECDSA signatures
Figure FDA0003781995870000043
Obtaining a server certificate, a timestamp t and a random number P, comparing the timestamp t, if the server certificate is consistent with the timestamp t, comparing the server certificate with the server certificate sent by the access point, if the server certificate is consistent with the server certificate, successfully verifying the server by the client, and simultaneously comparing the random number P with the random number P generated by the client, if the server certificate is consistent with the server certificate, successfully verifying the access point by the client; generating a master key by using a Client random number and a server random number, calculating a server completion message packet server finish, comparing the server finish message packet with the server finish message sent by the access point, and if the server finish message packet is consistent with the server finish message sent by the access point, the message sent by the server to the Client is complete; sharing a secret key K using AES C,S Decryption
Figure FDA0003781995870000044
And obtaining an EAP-success response packet, and finishing the authentication process.
3. An 802.1X based EAP-TLS authentication system according to claim 1,
the access point response module 22 is used for decrypting
Figure FDA0003781995870000051
And stores the random number P; the access point verifies the validity of the server; the access point verifies the validity of the client, specifically: using a shared secret key K AP,S Decrypting to obtain and store the random number N, and then obtaining a signature public key spuk from a server certificate S Using a spuk S Decrypting ECDSA signatures
Figure FDA0003781995870000052
Obtaining a server certificate, a timestamp t and a random number M, comparing the timestamp t, if the timestamp t is consistent, then comparing the random number M with the random number M generated by the access point, and if the timestamp t is consistent, the access point successfully verifies the server; using the public signature key spuk in the Client certificate C Decrypting ECDSA labelName (name)
Figure FDA0003781995870000053
And obtaining a Client certificate, a timestamp t and a random number Q, comparing the timestamp t, if the timestamp t is consistent, then comparing the random number Q with the random number Q generated by the access point, and if the timestamp t is consistent, the access point successfully verifies the Client.
4. An 802.1X based EAP-TLS authentication system according to claim 1,
the server response module 32 verifies the validity of the client and the access point, specifically: using the private signature key sprk S Decrypting ECDSA signatures
Figure FDA0003781995870000054
Figure FDA0003781995870000055
Obtaining EAP identity Response packet EAP-Response/ID C And Client hello, using the public signature key spuk in the Client certificate C Decrypting the signature to obtain a Client certificate, a timestamp t and a random number N, comparing the timestamp t, if the Client certificate and the Client certificate are consistent, then comparing the Client certificate and the Client certificate directly sent by the access point, if the Client certificate and the Client certificate are consistent, the server successfully verifies the Client, meanwhile, comparing the random number N with the random number N generated by the server, and if the Client certificate and the Client certificate are consistent, the server successfully verifies the access point.
CN202011251833.7A 2020-11-11 2020-11-11 802.1X-based EAP-TLS authentication system Active CN112235108B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011251833.7A CN112235108B (en) 2020-11-11 2020-11-11 802.1X-based EAP-TLS authentication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011251833.7A CN112235108B (en) 2020-11-11 2020-11-11 802.1X-based EAP-TLS authentication system

Publications (2)

Publication Number Publication Date
CN112235108A CN112235108A (en) 2021-01-15
CN112235108B true CN112235108B (en) 2022-09-16

Family

ID=74123096

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011251833.7A Active CN112235108B (en) 2020-11-11 2020-11-11 802.1X-based EAP-TLS authentication system

Country Status (1)

Country Link
CN (1) CN112235108B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113132365A (en) * 2021-04-07 2021-07-16 武汉光庭信息技术股份有限公司 Communication security protection method and system of vehicle-mounted T-Box
CN113573307B (en) * 2021-07-28 2024-01-30 西安热工研究院有限公司 Rapid authentication method based on extensible authentication protocol
CN114499837B (en) * 2021-12-29 2023-09-26 广州蚁比特区块链科技有限公司 Message leakage prevention method, device, system and equipment

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111314072A (en) * 2020-02-21 2020-06-19 北京邮电大学 Extensible identity authentication method and system based on SM2 algorithm

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1997026B (en) * 2006-12-29 2011-05-04 北京工业大学 An expansion security authentication method based on 802.1X protocol
CN101360020B (en) * 2008-09-28 2011-04-06 西安电子科技大学 Simulation platform and method based on IEEE802.1X security protocol of EAP
CN102082665B (en) * 2009-11-30 2013-10-23 中国移动通信集团公司 Identity authentication method, system and equipment in EAP (Extensible Authentication Protocol) authentication
US10958425B2 (en) * 2018-05-17 2021-03-23 lOT AND M2M TECHNOLOGIES, LLC Hosted dynamic provisioning protocol with servers and a networked responder
US11671265B2 (en) * 2019-10-25 2023-06-06 John A. Nix Secure configuration of a secondary platform bundle within a primary platform

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111314072A (en) * 2020-02-21 2020-06-19 北京邮电大学 Extensible identity authentication method and system based on SM2 algorithm

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
IEEE802.1x协议中EAP-TLS认证协议的安全性分析与改进;何定养等;《后勤工程学院学报》;20110130(第01期);全文 *
Transport Layer Security (TLS) /Datagram Transport Layer Security (DTLS)Profiles for the Internet of Things;H. Tschofenig等;《IETF rfc7925》;20160731;全文 *
一种有效的WLAN可信匿名认证协议;张斯芸等;《信息安全与通信保密》;20120910(第09期);全文 *

Also Published As

Publication number Publication date
CN112235108A (en) 2021-01-15

Similar Documents

Publication Publication Date Title
CN107919956B (en) End-to-end safety guarantee method in cloud environment facing to Internet of things
CN100558035C (en) A kind of mutual authentication method and system
CN107257334B (en) Identity authentication method for Hadoop cluster
CN112235108B (en) 802.1X-based EAP-TLS authentication system
US8352739B2 (en) Two-factor authenticated key exchange method and authentication method using the same, and recording medium storing program including the same
US9197411B2 (en) Protocol and method for client-server mutual authentication using event-based OTP
CN108494811B (en) Data transmission security authentication method and device
CN106789042B (en) Authentication key negotiation method for user in IBC domain to access resources in PKI domain
CN103763356A (en) Establishment method, device and system for connection of secure sockets layers
JP5544627B2 (en) Data security access method suitable for electronic tags
WO2013112901A1 (en) System and method for securing private keys issued from distributed private key generator (d-pkg) nodes
CN103491540A (en) Wireless local area network two-way access authentication system and method based on identity certificates
CN110087240B (en) Wireless network security data transmission method and system based on WPA2-PSK mode
CN112087428B (en) Anti-quantum computing identity authentication system and method based on digital certificate
Chuang et al. PPAS: A privacy preservation authentication scheme for vehicle-to-infrastructure communication networks
CN117278330B (en) Lightweight networking and secure communication method for electric power Internet of things equipment network
CN101192927B (en) Authorization based on identity confidentiality and multiple authentication method
CN114650173A (en) Encryption communication method and system
CN114024672B (en) Safety protection method and system for power line carrier communication system
CN114331456A (en) Communication method, device, system and readable storage medium
CN114826659A (en) Encryption communication method and system
CN213938340U (en) 5G application access authentication network architecture
WO2021093811A1 (en) Network access method and related device
Yoon et al. Security enhancement scheme for mobile device using H/W cryptographic module
Chee et al. Improving security in the IEEE 802.16 Standards

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant