• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.8A
• /
• pp.640-647
• /
• 2009

IEEE 802.11i is an amendment to the original IEEE 802.11/b,a,g standard specifying security mechanism by stipulating RSNA for tighter security. The RSNA uses TKIP(Temporal Key Integrity Protocol) and CCMP(Counter with CBC-MAC Protocol) instead of old-fashioned WEP(Wired Equivalent Privacy) for data encryption. This paper describes a design of a communication security engine for IEEE 802.11i MAC layer. The design includes WEP and TKIP modules based on the RC4 encryption algorithm, and CCMP module based on the AES encryption algorism. The WEP module suffices for compatibility with the IEEE 802.11 b,a,g MAC layer. The CCMP module has about 816.7Mbps throughput at 134MHz, hence it satisfies maximum 600Mbps data rate described in the IEEE 802.11n specifications. We propose a pipelined AES-CCMP cipher core architecture, which has lower hardware cost than existing AES cores, because CBC mode and CTR mode operate at the same time.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.6
• /
• pp.107-112
• /
• 2003

Handover in IEEE 802.11 requires repeated authentication and key exchange procedures, which are an obstacle to seamless services of wireless LAM. We propose a fast authentication and key exchange mechanism using IEEE 802.11f. Especially, by proposing a modified version of the 4-way handshake of IEEE 802.11i, we solve the perfect forward secrecy problem that arises when the pre-authentication is adopted. The scheme can be implemented only using the Context Block of IEEE 802.11f and the 4-way handshake of IEEE 802.11i without involving authentications server's interaction or non-standard behavior between access points. Our scheme is applicable to devices not supporting the us-authentication of IEEE 802.11i and also, it can substitute the pre-authentication when the pre-authentication is failed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.6
• /
• pp.93-103
• /
• 2009

Recently, there is an increase in demand of real-time multimedia service in the WLAN environment, with a commercialization of IEEE 802.11n standard. However, the 802.1x authentication protocol is too slow to provide seamless real-time multimedia service, which defined in an IEEE 802.11i security standard. In this paper, a Ticket-based authentication mechanism in the CAPWAP(Control And Provisioning Wireless Access Point) architecture is introduced to support for the fast handoff.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.4
• /
• pp.29-38
• /
• 2005

Because IEEE 802.11 has several security vulnerabilities, IEEE 802.11i was proposed and accepted. But IEEE 802.11i has much overhead for most of users for the web surfing. Besides not only node the authentication but also the packet authentication is needed to communicate. Although IEEE 802.11i uses TKIP(Temporal Key integrity Protocol) and CCMP(CTR with CBC-MAC Protocol), they have a lot of overheads. In this paper, Lightweight Packet Authentication(LIPA) is proposed. LIPA has less overhead and short delay so that it can be affordable for simple web-surfing which does not need stronger security. After comparing performances of LIPA with those of TKIP and CCMP, LIPA is more efficient than other schemes for transmitting packets.

• The KIPS Transactions:PartC
• /
• v.16C no.3
• /
• pp.317-324
• /
• 2009

In this paper, a 4-way Handshake protocol in the IEEE 802.11i is analyzed in terms of both security and reliability. It is shown that the 4-way Handshake protocol breaks down under some conditions due to a MIC (message integrity code) failure, and a solution to fix it is proposed. It is also proposed that a new 2-way Handshake protocol which is more secure and efficient than the 4-way Handshake protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.5
• /
• pp.89-98
• /
• 2010

Wireless LAN (WLAN) is type of wireless service that has higher data transmission than current cellular networks. The usage is continually increasing. There are a lot of vulnerabilities in wireless network, due to the properties of the wireless environment, regardless of its popularity. IEEE announced the 802.11i security standard to solve these problems. The vulnerable point of messages used in the process of key distribution for 802.11i makes the target node attacked lose memory through continuous messages and blocks the legitimate WLAN service. In this paper, we proposed new schemes to solve this problem and compared our proposals with the current process. The proposed protocol eliminates the memory exhaustion problem on the client side by using methods for reduction of memory usage.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.10a
• /
• pp.295-297
• /
• 2004

무선랜에 대한 사용과 응용이 늘어나면서 등장한 요구사항들을 충족시키기 위하여 IEEE 802.11에 새로운 규격들이 계속하여 추가되고 있다. 그중 802.11i와 802.11f는 각각 무선랜 보안 강화와 액세스포인트 사이의 정보 교환을 목적으로 제정되었다. 802.11i에 의한 보안기능 강화로 인하여 스테이션의 로밍 과정에서의 지연 시간이 길어지게 되었고 이를 해결하기 위한 선인증 방식이 사용될 수 있다. 그러나 802.11i선인증 방식에서는 스테이션이 로밍하여 갈 액세스포인트를 미리 예상하고 인증을 받아야 한다는 단점이 있다 본 논문에서는 IAPP 프로토콜을 사용하여 액세스포인트 사이에 인증 정보를 교환함으로써 스테이션이 관여하지 않고 선인증을 수행하는 방법을 제안하고, 802.11i 선인증 방식에 대한 장단점을 비교한다.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.8 no.6
• /
• pp.112-120
• /
• 2009

Both security enhancement in wireless and fast access for mobility are required to employ wireless LAN in ITS (Intelligent Transportation Systems). However, for the case of employing IEEE 802.11i security standard, it is known that the user authentication procedure of IEEE 802.1x and 4-way handshake procedure for stronger security enforcement may not be suitable for ITS due to its large delay. In this paper, we propose fast authentication method to resolve the above authentication delay problem, and verify its performance via simulation analysis.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.04a
• /
• pp.371-373
• /
• 2003

최근에 공공장소에서의 보다 안정적이고 고속의 무선 인터넷 접속에 대한 욕구가 커지면서 무선랜에 대한 수요가 많아지고 있고, 유무선 사업자들은 무선랜 시장을 선점하기 위해서 서비스를 서두르고 있다. 이와 같은 무선랜환경에서 안전하게 사용자를 인증하고 서비스를 제공하기 위한 표준으로 802.laa와 802.11i가 있다. 이와 같은 802.laa와 802.11i를 지원하는 액세스포인트를 위해서는 두 표준을 지원할 수 있는 라디우스 클라이언트가 필요하다. 본 논문에서는 위의 액세스포인트가 라디우스 프로토콜을 사용하여 무선단말 사용자를 인증시켜 주고 WEP(Wired Equivalent Privacy)을 위한 키를 교환할 수 있는 라디우스 클라이언트를 설계하고 구현하였다.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.3
• /
• pp.161-168
• /
• 2011

This paper provides the performance measurement and analysis of Wireless LAN IEEE 802.11 in a mobile environment. The performances of IEEE802.11b/g and IEEE802.11p designed for Vehicle-to-Vehicle(V2V) communication are measured and analyzed. Diameter of communication and link access time are compared under variation of speed of the vehicle.