Research on Security Problem of IEEE 802.16 Standard in Mesh Mode

Thesis title: Research on Security Problem of IEEE 802.16 Standard in Mesh Mode (IEEE 802.16标准Mesh模式安全问题研究)
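Author:
Advisor: Han Wenbao (韩文报); Degree: Master's; Major: Cryptography
Institution: PLA Information Engineering University (解放军信息工程大学); Views: 543; Pages: 58; File size: 3354K
2007-04-15, 论文网 http://www.lw23.com/lunwen_26054422/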
Keywords: IEEE 802.16; Mesh; PKM; Authentication mechanism; Data encryption algorithm; Random number; Multi-level security
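As an important part of wireless broadband access technology, the IEEE 802.16 family of standards has become the main standard for wireless metropolitan area networks (WMAN). The IEEE 802.16 standard supports two operating modes: point-to-multipoint (PMP) and Mesh. Because the wireless transmission channel is open, security has always been a focal issue for the IEEE 802.16 standard, and research institutions in China and abroad have studied its security problems. According to the most recently published IEEE 802.16e standard, the key management protocol (PKM) is divided into two parts, PKMv1 and PKMv2. A study of the IEEE 802.16e standard shows that, in Mesh mode, PKM retains the relevant provisions of the IEEE 802.16d standard (named PKMv1 in IEEE 802.16e).

China's state commercial cryptography office (国家商用密码办公室) has established wireless LAN security standards that specify the wireless LAN encryption algorithm, digital signature algorithm and key agreement algorithm. These standards will serve as a reference for the development of wireless MAN security standards. In improving the Mesh-mode security mechanism, this thesis adds the ECDSA digital signature algorithm and the SMS4 block cipher, both of which are included in China's wireless LAN security standards, and thereby achieves compatibility with China's wireless network information security standards.

Analysis shows that the Mesh mode of the IEEE 802.16 standard uses one-way authentication. Because this approach transmits little data and needs few exchanges, it offers fast network formation and high flexibility. From an information security standpoint, however, it cannot resist known attacks such as data tampering, replay attacks and man-in-the-middle attacks. In environments with higher security requirements, Mesh-mode networking places higher demands on the authentication process, the key exchange process and the strength of data encryption. With security in mind, this thesis mainly improves the authentication protocol, the key exchange protocol and the encryption algorithm suite in Mesh mode. The main work is as follows:

1. Analyzing the Mesh-mode security mechanism to find existing security vulnerabilities
Analysis of the authentication process using simulated attacks shows that Mesh mode uses one-way authentication and does not let a node authenticate the authentication node. This form of authentication cannot guarantee the legitimacy of the authentication node, which gives rise to security risks such as impersonation of the authentication node and tampering with authentication messages. The confidentiality mechanism for messages in Mesh mode (management messages, authentication exchange messages and key agreement messages) is weak, so they are easily intercepted and tampered with by malicious nodes, leading to leakage of sensitive information. The encryption algorithm suite offers several encryption algorithms, some of which (such as 56-bit DES) have been shown to have effective methods of breaking them.

2. Improving the Mesh-mode security mechanism to address the vulnerabilities found
To address the vulnerabilities found in the analysis, this thesis makes improvements in three areas. First, the authentication protocol is improved: mutual authentication based on digital certificates is added, and random numbers and digital signatures using the ECDSA algorithm are added to the exchanged messages. Second, the key distribution mechanism and the key exchange protocol are improved: the Mesh identifier (MID) distributed by the authentication node replaces the original operator shared secret (OSS) as the basis for identity authentication, and random numbers and digital signatures are added to the key exchange messages. Finally, the original encryption algorithm suite is adjusted by adding the SMS4 block cipher.

3. Designing a multi-level secure transmission mechanism that balances transmission efficiency and security requirements
To address the tension between efficiency and security in Mesh mode, this thesis designs an exchange mechanism that can switch encryption capability during transmission, and adjusts the AK exchange and TEK exchange processes accordingly. This lets the security sublayer support switching between plaintext and ciphertext transmission, improving transmission efficiency in practical applications.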
As an important part of broadband wireless network technology, the IEEE 802.16 standard series has become the main standard for wireless MAN technology. The IEEE 802.16 standards support two operating modes: the PMP mode and the Mesh mode. Due to the openness of wireless transmission, the security problems of IEEE 802.16 have always been a research focus, and both domestic and foreign researchers have conducted related studies in this field. According to the newly published 802.16e standard, the new private key management (PKM) protocol consists of two parts, PKMv1 and PKMv2. However, we found that PKMv1, which governs the Mesh mode, has not improved much compared with the old PKM in the IEEE 802.16d standard.

The Office of Security of Commercial Code of China (OSCCA) has enacted a wireless LAN standard that includes provisions for the wireless LAN encryption algorithm, digital signature algorithm, key agreement algorithm and so on. These standards provide valuable references for establishing security standards for the wireless MAN. For example, to improve the security mechanism under the Mesh mode, this thesis introduces the ECDSA digital signature algorithm and the SMS4 block cipher algorithm, both of which are included in the wireless LAN security standard. As a result, the improved protocol proposed in the thesis is compatible with the national wireless LAN standards.

The author first analyzed the Mesh mode in the IEEE 802.16 standard and found that this mode uses a unidirectional authentication method. With this method the amount of data transmitted is small and only a few exchanges are needed, so the Mesh mode has the advantages of fast networking and a high level of flexibility. However, from an information security point of view, this mode cannot resist many known attacks, such as data tampering, replay attacks and man-in-the-middle attacks. To support networking under the Mesh mode where security requirements are higher, the authentication process, the key exchange process and the strength of data encryption have to be improved. This thesis mainly focuses on improving these three aspects. The contributions are as follows.

1. The security mechanism under the Mesh mode is analyzed and several vulnerabilities are discovered.
Simulated attacks are used to analyse the authentication process. It is found that the unidirectional authentication method used in the Mesh mode does not let a normal node authenticate the authentication node. Therefore, under the Mesh mode a normal node is unable to verify the validity of the authentication node, and hidden dangers may exist. For example, a node may pretend to be an authentication node, or may tamper with a message from an authentication node. In addition, the Mesh mode does not provide a high level of confidentiality for messages, including important kinds of messages such as management messages, authentication exchange messages and key agreement messages. Those messages may therefore be easily intercepted or tampered with by malicious nodes, possibly resulting in the leakage of sensitive information. The encryption algorithm module provides several algorithms for the Mesh mode; some of them, for example the 56-bit DES algorithm, have been proved to have effective methods of breaking them.

2. The security mechanism under the Mesh mode is improved to address the vulnerabilities discovered above.
This thesis addresses the problems caused by the discovered vulnerabilities by improving the following protocols and modules. Firstly, the authentication protocol is improved. A bilateral authentication protocol based on digital certificates is added to the existing authentication protocol. In the bilateral protocol, the exchanged messages carry digital signatures produced with the ECDSA algorithm. Secondly, improvements are made to the key distribution mechanism and the key exchange protocol. The identification method originally used, the operator shared secret (OSS), is replaced by the Mesh ID, which is distributed by the authentication node. Random numbers and digital signatures are added to the key exchange messages. In addition, the encryption algorithm module is extended: the SMS4 algorithm is added to the module.

3. A new multi-level secure message system is designed.
In order to balance security and performance in the message system under the Mesh mode, this thesis designs a new message exchange system. The new system can switch the level of security during messaging, and the AK and TEK message exchange processes are adjusted accordingly. In this way, the security sublayer is able to support switching between plaintext and encrypted text during message transmission, and the transmission efficiency in real applications may therefore be significantly improved.
