[1]宋宇波,黄玉划.CCMP协议的量化可验安全分析[J].东南大学学报(自然科学版),2008,38(2):206-210.[doi:10.3969/j.issn.1001-0505.2008.02.004]
 Song Yubo,Huang Yuhua.Concrete provable security analysis of CCMP protocol[J].Journal of Southeast University (Natural Science Edition),2008,38(2):206-210.[doi:10.3969/j.issn.1001-0505.2008.02.004]
点击复制

CCMP协议的量化可验安全分析()
分享到:

《东南大学学报(自然科学版)》[ISSN:1001-0505/CN:32-1178/N]

卷:
38
期数:
2008年第2期
页码:
206-210
栏目:
计算机科学与工程
出版日期:
2008-03-20

文章信息/Info

Title:
Concrete provable security analysis of CCMP protocol
作者:
宋宇波 黄玉划
东南大学信息安全研究中心, 南京 210096
Author(s):
Song Yubo Huang Yuhua
Research Center of Information Security,Southeast University,Nanjing 210096, China
关键词:
无线局域网 CCMP 可验安全分析
Keywords:
wireless local area network(WLAN) counter mode with cipher block chaining message authentication code protocol(CCMP) provable security analysis
分类号:
TP393.3
DOI:
10.3969/j.issn.1001-0505.2008.02.004
摘要:
为了分析无线局域网IEEE802.11i标准中替换存在严重安全问题的WEP协议的CCMP协议的安全性能,利用Bellare的量化可验安全模型对CCMP建立形式化分析模型,从数据机密性保护和完整性保护两个方面,建立与攻击者攻击成功的概率有关的优势函数对CCMP协议进行量化可验分析.分析表明,CCMP协议的认证性和机密性对应的攻击成功概率分别为O(n)×2-64O(n2)ࢧ2-128.该协议设计达到了预期的安全设计目标,满足无线局域网安全需求.
Abstract:
The security of the CCMP(counter mode with cipher block chaining message authentication code protocol), which is involved in IEEE 802.11i working group to substitute the WEP(wired equivalent privacy)protocol with seriously security problem, is discussed. A concrete provable security analysis method is adopted to analyze the data confidentiality and integrity of the CCMP protocol. The results show that the CCMP can provide a capability of security with O(n)×2-64 and O(n2)×2-128 probability of successful attacking to confidentiality and integrity respectively. The CCMP protocol has achieved the anticipated design goals, and can satisfy the security requirements of the WLAN(wireless local area network).

参考文献/References:

[1] IEEE Standard 802.11i.IEEE standard for information technology-telecommunications and information exchange between systems-local and metropolitan area networks-specific requirements part 11:wireless LAN medium access control(MAC)and physical layer(PHY)specifications:medium access control(MAC)security enhancements[S].New York:Institute of Electrical and Electronics Engineers,2004.
[2] IEEE Standard 802.11.Wireless LAN medium access control(MAC)and physical layer(PHY)specifications[S].New York:Institute of Electrical and Electronics Engineers,1999.
[3] Lipmaa H,Rogaway P,Wagner D.CTR:counter mode encryption [EB/OL].(2003-06-09)[2007-04-09].http://csrc.nist.gov/CryptoToolkit/modes/proposedmodes/ctr/.
[4] ISO.ISO8372—87 Information processing.Modes of operation for a 642bit block cipher algorithm [EB/OL].[2007-04-06].http://www.eos.org.eg/web-en/cat/items/d15530.html.
[5] 吴文玲,冯登国.分组密码工作模式的研究现状[J].计算机学报,2006,29(1):21-36.
  Wu Wenling,Feng Dengguo.The stat-of-the-art of research on block cipher mode of operation[J].Chinese Journal of Computers,2006,29(1):21-36.(in Chinese)
[6] Bellare M,Namprempre C.Authenticated encryption:relations among notions and analysis of the generic composition paradigm [C] //Advances in Cryptology—Asiacrypt 2000.Berlin,Springer Verlag,2000:531-545.
[7] Bellare M,Desai A,Jokipii E,et al.A concrete security treatment of symmetric encryption:analysis of the DES modes of operation[C] //Proceedings of 38th Annual Symposium on Foundations of Computer Science.Miami Beach,Florida,1997:394-403.
[8] Bellare M,Kilian J,Rogaway P.The security of the cipher block chaining message authentication code [J].Journal of Computer and System Sciences,2000,61(3):362-399.
[9] Krawczyk H.The order of encryption and authentication for protecting communications[C] //Advances in Cryptology —CRYPTO.Santa Barbara,California,USA:Springer Verlag,2001:310-331.
[10] 宋宇波,胡爱群,蔡天佑.WLAN 802.11/11b数据加密机制的安全分析[J].中国工程科学,2004,6(10):32-38.
  Song Yubo,Hu Aiqun,Cai Tianyou.The security analysis of enhanced data encryption schemes in IEEE802.11/11B WLAN [J]. Engineering Science,2004,6(10):32-38.(in Chinese)
[11] 宋宇波,胡爱群,蔡天佑.无线局域网TKIP协议的安全分析[J].应用科学学报,2005,23(1):67-70.
  Song Yubo,Hu Aiqun,Cai Tianyou.The security analysis for WLAN TKIP protocol [J].Journal of Applied Science,2005,23(1):67-70.(in Chinese)
[12] Bellare M,Desai A,Jokipii E,et al.A concrete security treatment of symmetric encryption [C] //Proceedings of the 38th IEEE Symposium on Foundations of Computer Science.Washington,DC,USA:IEEE Computer Society,1997:394-403.
[13] 曹秀英,耿嘉,沈平,等.无线局域网安全系统[M].北京:电子工业出版社,2004.

相似文献/References:

[1]宋宇波,陈开志,姚冰心.基于自我加密的无线局域网快速切换认证[J].东南大学学报(自然科学版),2007,37(6):945.[doi:10.3969/j.issn.1001-0505.2007.06.001]
 Song Yubo,Chen Kaizhi,Yao Bingxin.Fast handoff authentication scheme of WLAN based on self-encryption[J].Journal of Southeast University (Natural Science Edition),2007,37(2):945.[doi:10.3969/j.issn.1001-0505.2007.06.001]
[2]董亮,曹秀英,毕光国.变包长对WLAN MAC协议性能的影响[J].东南大学学报(自然科学版),2006,36(2):202.[doi:10.3969/j.issn.1001-0505.2006.02.005]
 Dong Liang,Cao Xiuying,Bi Guangguo.Impact of variable packet length on the performance of WLAN MAC protocol[J].Journal of Southeast University (Natural Science Edition),2006,36(2):202.[doi:10.3969/j.issn.1001-0505.2006.02.005]
[3]陈立全,胡爱群.WLAN上VoIP容量提高的新方法[J].东南大学学报(自然科学版),2006,36(4):508.[doi:10.3969/j.issn.1001-0505.2006.04.003]
 Chen Liquan,Hu Aiqun.New capacity enhancement scheme for VoIP over WLAN[J].Journal of Southeast University (Natural Science Edition),2006,36(2):508.[doi:10.3969/j.issn.1001-0505.2006.04.003]
[4]徐伟,杨怡,董永强,等.利用P2P技术实现移动终端在WLAN内的漫游认证[J].东南大学学报(自然科学版),2009,39(5):909.[doi:10.3969/j.issn.1001-0505.2009.05.008]
 Xu Wei,Yang Yi,Dong Yongqiang,et al.Station roaming authentication solution in WLAN based on P2P[J].Journal of Southeast University (Natural Science Edition),2009,39(2):909.[doi:10.3969/j.issn.1001-0505.2009.05.008]
[5]李伟征,胡爱群,陈立全,等.一种基于MPC860的无线局域网接入点以太网接口研究[J].东南大学学报(自然科学版),2004,34(2):166.[doi:10.3969/j.issn.1001-0505.2004.02.006]
 Li Weizheng,Hu Aiqun,Chen Liquan,et al.Ethernet interface research for wireless LAN access point based on MPC860[J].Journal of Southeast University (Natural Science Edition),2004,34(2):166.[doi:10.3969/j.issn.1001-0505.2004.02.006]
[6]沈丹萍,沈连丰,吴名,等.基于自适应帧聚合机制的无线局域网吞吐量分析[J].东南大学学报(自然科学版),2011,41(4):665.[doi:10.3969/j.issn.1001-0505.2011.04.002]
 Shen Danping,Shen Lianfeng,Wu Ming,et al.Throughput analysis in wireless local area network based on adaptive frame aggregation[J].Journal of Southeast University (Natural Science Edition),2011,41(2):665.[doi:10.3969/j.issn.1001-0505.2011.04.002]
[7]许国军,沈连丰.WLAN/WPAN系统中DFS算法参数对性能的影响[J].东南大学学报(自然科学版),2004,34(2):143.[doi:10.3969/j.issn.1001-0505.2004.02.001]
 Xu Guojun,Shen Lianfeng.Effect of DFS algorithm parameter on the system performance in WLAN/WPAN[J].Journal of Southeast University (Natural Science Edition),2004,34(2):143.[doi:10.3969/j.issn.1001-0505.2004.02.001]
[8]杨明,吴文甲,罗军舟.基于功率配置和关联管理的WLAN能耗优化算法[J].东南大学学报(自然科学版),2017,47(6):1079.[doi:10.3969/j.issn.1001-0505.2017.06.001]
 Yang Ming,Wu Wenjia,Luo Junzhou.Optimization of WLAN energy consumption based on power configuration and association management[J].Journal of Southeast University (Natural Science Edition),2017,47(2):1079.[doi:10.3969/j.issn.1001-0505.2017.06.001]

备注/Memo

备注/Memo:
作者简介: 宋宇波(1977—),男,博士,讲师,songyubo@seu.edu.cn.
基金项目: 国家高技术研究发展计划(863计划)资助项目(2007AA01Z432,2007AA01Z433)、江苏省自然科学基金资助项目(BK2006108)、华为基金资助项目、国家242信息安全计划资助项目(2007A04).
引文格式: 宋宇波,黄玉划.CCMP协议的量化可验安全分析[J].东南大学学报:自然科学版,2008,38(2):206-210.
更新日期/Last Update: 2008-03-20