标题: 基于IEEE 802.11i 的快速预先认证
Fast Pre-Authentication based on IEEE 802.11i
作者: 黄玉佳
Yu-Chia Huang
简荣宏
Rong-Hong Jan
资讯学院资讯学程
关键字: IEEE 802.11i;预先认证;快速预先认证;漫游;重新认证;无线区域网路;IEEE 802.11i;Pre-Authentication;Fast Pre-Authentication;Roaming;Re-Authentication;IEEE 802.11
公开日期: 2005
摘要: IEEE 802.11i目的是为了加强无线网路(IEEE 802.11)的安全,但太过复杂的认证程序会增加无线工作站(STA)在漫游时重新连线所需的时间,影向即时性软体的传输品质。对此IEEE 802.11i提出两个因应的技术,分别为PMK快取(PMK Caching)以及预先认证(Pre-Authentication) ; 藉由无线工作站与下一个AP连线前事先完成认证的过程,并把认证的结果PMK快取下来,将可大幅减少漫游过程中重新认证所造成的延迟情况。但缺点是会产生过多的封包流量以及占用认证伺服器的资源,此外过长的时间亦会增加无线工作站的负荷。本篇论文即在此架构下提出一个新的机制-快速预先认证(Fast Pre-Authentication),方法为在相同延伸服务区(ESS)的无线基地台(AP)中透过认证伺服器的协助建立一个安全的通道,将无线工站作先前完成认证所产生的金钥相关资讯,提前交送给下一个连线的无线基地台,以较少的负担(Overhead)达到快速漫游的目的。另外以较少的时间完成预先认证,意谓着我们所提出的机制更加适合快速移动的无线设备。透过实作比较的方式,证明此机制是有效的。
The goal of IEEE 802.11i is for strengthening the wireless local area network (IEEE 802.11) security, but it’s complex authentication procedure will increase the STA’s re-authentication time while roaming happened, and affect the quality of real-time application. To solve this problems, IEEE 802.11i proposed two methods called the PMK Caching and Pre-Authentication, which complete the authentication in advance between STA and next candidate APs and then caching the PMKSA each others, will reduce the roaming latency caused by re-authentication procedure. However the shortcoming besides will produce too much message flow and engage the resource of authentication server, the long duration will also increase more burden to the STA. This thesis presents a new approach called as Fast Pre-Authentication which achieve the goal of fast secure roaming with less overhead. Adjacent APs in the same ESS will set up secure channels through the assistance of the authentication server, and then transfer the STA key relevant information to the candidate AP in advance. Shortening of pre-authentication time will be more suitable for the faster wireless device. Experimental results are given to show the effectiveness of the proposed approach.
URI: http://140.113.39.130/cdrfb3/record/nctu/#GT009267594
http://hdl.handle.net/11536/77766
显示于类别:Thesis


文件中的档案:

  1. 759401.pdf

If it is a zip file, please download the file and unzip it, then open index.html in a browser to view the full text content.