高级检索

    无线网络中身份认证协议选择方法

    A Selection Method for User Authentication Protocols in Wireless Networks

    • 摘要: 无线网络中通常存在多种身份认证协议可供选择,如何选择一个能够满足用户个性化需求的协议是个尚未解决的问题.从用户的角度出发,针对无线网络的特点,在综合考虑了用户最为关心的几个要素,如协议的安全性、能量消耗、认证时间以及用户偏好的基础上,提出了解决方案.将能量消耗定义为用户发送、接收消息能量消耗以及交互过程中密码操作所涉及的能量消耗之和.其中,密码操作包括Hash算法、RSA密钥交换、数字签名以及对称加解密算法.实验部分对EAP-PEAP,EAP-TLS,EAP-TTLS-MD5和EAP-TTLS-MSCHAPV2这4种最为常用的协议进行比较,结果表明不管用户如何设置权值,EAP-TTLS/MSCHAPV2和EAP-TTLS/MD5总是优于EAP-PEAP,EAP-TLS. 该方案通过考虑用户对身份认证协议的安全性以及性能方面的要求,按照用户的个性化需求进行了协议方案的选择.

       

      Abstract: Generally, in wireless networks there are a certain number of candidate user authentication protocols which can be selected from, and how to select one that can fulfill the user’s personalized requirements is an unsolved problem. There already are some studies on the authentication protocols, but most of them are from the protocol designers’ perspective. To the best of our knowledge, this paper is the first to study how to select authentication protocols with considering the user’s personalized requirements in wireless networks. From the perspective of users, we propose a solution that guides users to select from different authentication protocols according to their personalized requirements, taking into users’ most concerning factors, e.g., security, energy consumption, authentication delay and their preference. The energy consumption is defined as the sum of the energy consumption of user transmitting, receiving messages and cryptographic operations involved in the process of interaction. The cryptographic operations include Hash algorithm, RSA key exchange, digital signature, symmetric encryption and decryption algorithm. Adopting our solution to the EAP protocols in WLAN, we evaluate the security and performance of the EAP-PEAP, EAP-TLS, EAP-TTLS/MD5 and EAP-TTLS/MSCHAPV2. The results show that, regardless of how users set the weight, EAP-TTLS/MSCHAPV2 and EAP-TTLS/MD5 are always better than EAP-PEAP and EAP-TLS.

       

    /

    返回文章
    返回