National Digital Library of Theses and Dissertations in Taiwan (臺灣博碩士論文加值系統)

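Graduate student: 蔡亞軒
Graduate student (romanized): Ya-Hsuan Tsai
Thesis title: Design and Implementation of a Fast Handoff Mechanism for IEEE 802.11i-based Wireless Networks (IEEE802.11i無線網路快速換手之設計與實作)
Advisor: 曾建超
Advisor (romanized): Chien-Chao Tseng
Degree: Master's
Institution: National Chiao Tung University
Department: Department of Computer Science and Information Engineering
Discipline: Engineering
Field: Electrical Engineering and Computer Science
Thesis type: Academic thesis
Year of publication: 2005
Academic year of graduation: 93
Language: Chinese
Number of pages: 51
Keywords (Chinese): Fast handoff
Keywords (English): Robust Security Network; IEEE 802.11i; 4-way handshake; Fast Handoff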
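In recent years wireless networking technology has matured, with substantial gains in both transmission rate and range, and many hot spots have been deployed in public places (such as airports, stations and restaurants) through which users can connect to the Internet and use its varied services. Network security has always been a concern. Wireless networks give us convenient Internet access but also raise many security problems: anyone with radio receiving equipment can eavesdrop on messages transmitted over the air. For this reason the IEEE 802.11 standard specifies Wired Equivalent Privacy (WEP) to protect data, but unfortunately WEP has serious design flaws and its security can no longer be trusted. The IEEE 802.11i standard was therefore defined as the security specification for wireless networks. IEEE 802.11i uses more complex mechanisms to achieve data confidentiality and integrity, but it also increases the delay when a mobile node (MN) hands off within the network.
To speed up handoff so that upper-layer applications run more smoothly, we propose a pre-four-way-handshake method that avoids the delay of the 802.11i four-way handshake. In the proposed mechanism, before performing a handoff the mobile node communicates, through the access point (AP) it is currently associated with, with the target access points it may hand off to, performs the four-way handshake in advance, and stores the result in a special data structure that has a unique identifier. Combined with the pre-authentication procedure of IEEE 802.11i, after handoff the mobile node only has to send the identifier of the previously stored data structure, and the access point and the mobile node can then continue with normal data transfer, so the temporary application interruption caused by handoff is kept to a minimum.
Because both pre-authentication and the pre-four-way-handshake require the mobile node to know the address of the target access point, we propose a location information exchange architecture to support the fast handoff mechanism. In this architecture there is a location server that knows the network information and topology of the local wireless network's base stations and authentication servers. The mobile node reports its current location to the location server, which records it and, based on the mobile node's past location records, predicts the access points the mobile node may hand off to. Through a subsequent exchange of messages the mobile node learns the addresses of the target access points, which supports the fast handoff mechanism of this thesis.
Finally, we implemented a system prototype that includes the location information exchange and the fast handoff mechanism in order to validate the proposed method. The implementation results show that our method is indeed feasible.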
With the advance of wireless Internet technologies, the transmission rate of IEEE 802.11 networks has increased significantly while the deployment cost has decreased substantially. Many IEEE 802.11-based hot spots have been deployed in public areas, such as airports, transit stations, restaurants, and hotels, so that hot spot users can surf the Internet and subscribe to services even when they are away from their homes or offices. However, one of the most important issues that remains to be solved in 802.11 networks is security. The downside of using wireless technologies is that anybody can effortlessly eavesdrop on messages in the air with a wireless network adapter. Therefore, the IEEE 802.11 specification adopted Wired Equivalent Privacy (WEP) to protect messages transferred in the air. Unfortunately, WEP has a significant security flaw. Hence the IEEE standards committee proposed the 802.11i specification as the security enhancement for wireless environments. IEEE 802.11i employs more complex mechanisms to achieve data confidentiality and integrity. However, it also increases the handoff delay.
In this thesis, we adopt a new method, the pre-four-way-handshake, to shorten the handoff delay of the IEEE 802.11i four-way handshake. Together with the pre-authentication procedure defined in the IEEE 802.11i specification, the pre-four-way-handshake can reduce the handoff delay perceived by a mobile node (MN). Before commencing a handoff, an MN communicates with candidate target access points (APs), through the access point that the MN is currently associated with, to perform pre-authentication and the pre-four-way-handshake. Both the MN and each of the target APs store the results of pre-authentication and the pre-four-way-handshake in a specific data structure, called a security association (SA). Each SA has a unique identifier. The MN need only send the corresponding identifier to the AP with which it newly associates. The AP then uses the identifier to find the MN’s SA and retrieve the MN’s authentication status and key material. Because the MN has performed the authentication and key exchange procedures with the new AP before it starts the handoff process, the MN can continue transferring general packets immediately after it has associated with the new AP. Therefore the application interruption due to handoff can be reduced substantially by pre-authentication and the pre-four-way-handshake.
Because the MN needs to obtain the addresses of the candidate APs beforehand for pre-authentication and the pre-four-way-handshake, we also propose a location information exchange architecture to assist the fast handoff. In this architecture, there is a location server that maintains the configuration and topology information of the APs. It also keeps track of the MN’s locations and predicts which APs the MN might hand off to. By exchanging messages with the location server, the MN can obtain the addresses of the candidate APs and perform pre-authentication and the pre-four-way-handshake when a handoff is about to occur.
We have implemented a prototype that employs a location server for pre-authentication and pre-four-way-handshake in IEEE 802.11i-based networks. Experimental results show that our proposals are very effective.
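Chinese Abstract
English Abstract
Acknowledgements
Table of Contents
List of Figures
List of Tables
Chapter 1 Introduction
1.1 Research Motivation
1.2 Research Objectives
1.3 Chapter Overview
Chapter 2 Background and Related Work
2.1 Introduction to IEEE 802.11 Wireless Networks
2.2 IEEE 802.1x Port-Based Network Access Control
2.2.1 IEEE 802.1x System Architecture
2.2.2 Extensible Authentication Protocol
2.2.3 IEEE 802.1x Operation
2.3 Robust Security Networks
2.4.1 RSN System Architecture
2.4.2 RSN Key Management
2.4.3 Four-Way Handshake
2.4.4 Pre-Authentication
2.4 Related Work
2.4.1 Pre-Authenticated Fast Handoff in a Public Wireless LAN Based on IEEE 802.1x Model
2.4.2 Proactive Key Distribution Using Neighbor Graphs
2.4.3 Location-based Fast Handoff for 802.11 Networks
Chapter 3 Design and Architecture of Fast Handoff for IEEE 802.11i Wireless Networks
3.1 Fast Handoff Design Architecture
3.2 Pre-Four-Way-Handshake
3.3 Location Information Management Design
3.3.1 Method and Related Components
3.3.2 Location Server Design
3.3.3 Client Design on the Mobile Node
3.3.4 Location Information Message Exchange
3.4 Handoff and Reassociation
3.4.1 Handoff and Reassociation Procedure
3.5 Fast Handoff for IEEE 802.11i Wireless Networks
Chapter 4 Implementation of Fast Handoff for IEEE 802.11i Wireless Networks
4.1 System Hardware and Software Requirements
4.2 Implementation of Location Information Exchange
4.2.1 Basic Format of Location Information Packets
4.2.2 Location Information Update Message
4.2.3 Candidate Access Point List Request
4.2.4 Candidate Access Point List Reply
4.3 Location Server Implementation
4.4 Client Implementation
4.5 Modification of the RSN Information Element
Chapter 5 Performance Analysis
5.1 Handoff Delay Analysis
5.1.1 Normal Handoff Procedure
5.1.2 Fast Handoff Procedure
Chapter 6 Conclusions and Future Work
6.1 Conclusions
6.2 Future Work
References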