Netinfo Security ›› 2015, Vol. 15 ›› Issue (8): 47-52.doi: 10.3969/j.issn.1671-1122.2015.08.008

Previous Articles     Next Articles

An Improved Method for Enhancing the Security of WAPI

HU Xue1(), FENG Hua-min1,2, CHEN Ying-ya1, WU Yang-yang1   

  1. 1.Beijing Electronic Science and Technology Institute, Beijing 100070, China
    2.Communication Engineering Institute, Xidian University, Xi’an Shanxi 710071, China
  • Received:2015-07-08 Online:2015-08-01 Published:2015-08-21

Abstract:

WAPI is an authentication and encryption security protocol of GB 15629.11, the Chinese WLAN standard. This paper introduces the background and working principle of WAPI standard, analyzes the WAPI security defects in the process of identity authentication and key agreement, and improves the defects above. In the process of identity authentication, the new protocol not only authenticate the legitimacy of user certificate, but also authenticate the user has the corresponding private key; in the process of key agreement, the new protocol apply key exchange protocol——MTI to the key exchange process, and improve the safety of key exchange. This paper lists the key process of the improved WAI identity authentication interaction, and gives the security analysis. On the basis of the improved WAPI, we put forward a mobile terminal solution taking advantage of the independent security medium (mobile phone using SD-Key as security medium, PAD using the USB-Key as security medium). Compared with the national standard, modified WAPI has been greatly improved in terms of safety. In the standardization of WAPI products, the enhanced mobile terminal solutions proposed in this paper has great reference significance to improving the WAPI standard security.

Key words: WAPI, identity authentication, key agreement, independent security medium, mobile terminal

CLC Number: