Achieving secure and convenient WLAN sharing in personal,IET Information Security

当前位置： X-MOL 学术 › IET Inf. Secur. › 论文详情

Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)

Achieving secure and convenient WLAN sharing in personal
IET Information Security ( IF 1.4 ) Pub Date : 2020-10-15 , DOI: 10.1049/iet-ifs.2020.0134
Zhicheng Yan _{1,

2} , Chao Yang ₁ , Wei You ₁ , Jingjing Guo ₁ , Junwei Zhang ₁ , Yu Zheng ₁ , Jianfeng Ma ₁

Affiliation

The authors analyse the security threats caused by personal wireless local area network (WLAN) sharing, propose schemes under two different conditions, and evaluate the performance of their schemes. WLAN is a widely used low-cost wireless networking technology. Most personal WLANs use the Wi-Fi-protected access II (WPA2)-personal to ensure robust security. Exposing the passphrase of WLAN is the only way to share it. Passphrase exposure can cause three threats, i.e. eavesdropping, evil twin attack, and resource abuse. This study addresses these threats by proposing two schemes under different device upgrade difficulties. For devices that are difficult to upgrade, their scheme only upgrades wireless routers. All WPA2-personal certified user devices can address these threats without any changes. For easy-upgrade and new devices, their scheme uses the attribute-based key exchange to address threats and provide ease of use, anonymity, and fine-grained access control. To solve the problem practically, they propose a mutual authentication method based on trust-on-first-use and a convenient attribute assignment method based on the existence of social information. The attribute authority already has numerous social information to provide services and cannot obtain more private information from participants in their scheme. The analysis shows that these proposed schemes are secure and practical.

中文翻译：

在个人中实现安全便捷的WLAN共享

作者分析了由个人无线局域网（WLAN）共享引起的安全威胁，提出了两种不同条件下的方案，并评估了其方案的性能。WLAN是一种广泛使用的低成本无线网络技术。大多数个人WLAN使用个人Wi-Fi保护访问II（WPA2）以确保强大的安全性。公开WLAN的密码短语是共享它的唯一方法。密码短语暴露可导致三种威胁，即窃听，双胞胎邪恶攻击和资源滥用。本研究通过提出两种在不同设备升级难度下的方案来应对这些威胁。对于难以升级的设备，其方案仅升级无线路由器。所有经过WPA2个人认证的用户设备都可以无需更改就可以应对这些威胁。对于易于升级的新设备，他们的方案使用基于属性的密钥交换来解决威胁，并提供易用性，匿名性和细粒度的访问控制。为了实际解决该问题，他们提出了一种基于首次使用信任的相互认证方法和一种基于社交信息存在的便捷属性分配方法。属性机构已经拥有大量的社会信息来提供服务，并且无法从其方案的参与者那里获得更多的私人信息。分析表明，这些方案是安全可行的。他们提出了一种基于首次使用信任的相互认证方法和一种基于社交信息存在的便捷属性分配方法。属性机构已经拥有大量的社会信息来提供服务，并且无法从其方案的参与者那里获得更多的私人信息。分析表明，这些方案是安全可行的。他们提出了一种基于首次使用信任的相互认证方法和一种基于社交信息存在的便捷属性分配方法。属性机构已经拥有大量的社会信息来提供服务，并且无法从其方案的参与者那里获得更多的私人信息。分析表明，这些方案是安全可行的。

更新日期：2020-10-16

点击分享查看原文

点击收藏

阅读更多本刊最新论文本刊介绍/投稿指南

全部期刊列表>>