集中式无线局域网分离介质访问控制的CCMP设计

doi:10.3724/SP.J.1087.2011.02159

计算机应用 ›› 2011, Vol. 31 ›› Issue (08): 2159-2161.DOI: 10.3724/SP.J.1087.2011.02159

集中式无线局域网分离介质访问控制的CCMP设计

刘立群

甘肃农业大学信息科学技术学院，兰州730070

收稿日期:2011-01-17 修回日期:2011-03-09 发布日期:2011-08-01 出版日期:2011-08-01
通讯作者: 刘立群
作者简介:刘立群(1982-)，女，甘肃天水人，讲师，硕士，主要研究方向：信息安全、无线局域网安全、网络计算。
基金资助:
国家自然科学基金资助项目(61063028)

Design of CCMP based on split medium access control of centralized wireless local area network

Li-qun LIU

College of Information Science and Technology, Gansu Agricultural University, Lanzhou Gansu 730070, China

Received:2011-01-17 Revised:2011-03-09 Online:2011-08-01 Published:2011-08-01
Contact: Li-qun LIU

摘要/Abstract

摘要： 针对临时密钥完整性协议(TKIP)潜在的安全缺陷，提出了一种新的可有效提高无线网络安全性的现场可编程门阵列(FPGA)的计数器模式和密码分组链接消息认证模式协议(CCMP)的设计方案。研究了CCMP的机密性原理，分析表明CCMP比TKIP提供了更为安全的保障。在已有的集中式无线局域网(WLAN)分离介质访问控制(MAC)架构下，给出了CCMP模块的实现方法和电路结构。分析比较了现有的4种高级加密标准(AES)实现方案的运行性能，测试结果表明该实现方案能提供更高的加密性能，提高了无线网络的机密性。

关键词: 分离介质访问控制, 计数器模式和密码分组链接消息认证模式协议, 高级加密标准, 计数器模式数据加密, 密码分组链接消息认证码完整性检查

Abstract: Concerning the potential security flaws of Temporal Key Integrity Protocol (TKIP), a new scheme for implementing counter mode with cipher-block chaining with message authentication code protocol (CCMP) based on Field Programmable Gate Array (FPGA) was proposed. The circuit architecture of CCMP process was implemented based on the existing centralized Wireless Local Area Network (WLAN) split Medium Access Control (MAC) architecture. By comparing the performances of four different Advanced Encryption Standard (AES) implementations, the test results indicate that the proposed scheme can provide higher encryption performance and enhance wireless confidentiality.

Key words: split Medium Access Control (MAC), counter mode with cipher-block chaining with message authentication code protocol (CCMP), Advanced Encryption Standard (AES), Counter Mode (CTR) for data confidentiality, Cipher-block Chaining with Message Authentication Code (CBC-MAC) for authentication and integrity

中图分类号:

刘立群. 集中式无线局域网分离介质访问控制的CCMP设计[J]. 计算机应用, 2011, 31(08): 2159-2161.

Li-qun LIU. Design of CCMP based on split medium access control of centralized wireless local area network[J]. Journal of Computer Applications, 2011, 31(08): 2159-2161.

参考文献

[1] IETFRFC 4118：Architecture taxonomy for control and provisioning of wireless access points (CAPWAP) [EB/OL]. [2011-01-02]. http://www.apps.ietf.org/rfc/rfc4118.html.

[2] IEEE Standard 802.11：Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications [S], 1999.

[3] IEEE Standard 802.11i：Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications，Amendment 6：Medium Access Control (MAC) security enhancements [S], 2004.

[4] EDNEY J, ARBAUGH W A. Real 802.11 security: Wi-Fi protected access and 802.11i [M]. Boston: Addison-Wesley，2003.

[5] 刘立群，火久元，唐鼎，等.基于集中式WLAN分离MAC架构的TKIP协议研究[J].计算机工程，2008，34(1)：181-183.

[6] 唐鼎，唐晖，林涛，等.一种无线局域网接入方法：中国，101335663[P].2008-12-31.

[7] 邹程，张鹏，邓高明，等.AES密码电路抗差分功耗分析设计[J].计算机工程与应用，2009，45(36)：63-65.

[8] McLOONE M, McCANNY J V. High performance single-chip FPGA Rijndael algorithm implementation [C]// CHES'01: Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems. Berlin: Springer-Verlag, 2001: 65-76.

[9] CHODOWIEC P, KHUON P, GAJ K. Fast implementation of secret-key block ciphers using mixed inner- and outer-round pipelining [C]// Proceedings of the 2001ACM/ SIGDA Ninth International Symposium on Field Programmable Gate Arrays. New York: ACM Press, 2001: 94-102.

[10] STANDAERT F X, ROUVROY G, QUISQUATER J J, et al. A methodology to implement block ciphers in reconfigurable hardware and it s application to fast and compact AES Rijndael [C]// Proceeding ACM/ SIGDA 11th ACM International Symposium on Field-Programmable Gate Arrays. New York: ACM Press, 2003: 216-224.

[11] ZHANG XINMIAO, PARHI K K. High-speed VLSI architectures for the AES algorithm [J]. IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 2007, 12(9): 957-967.

[1]	谷正川, 郭渊博, 方晨. 基于代理重加密的消息队列遥测传输协议端到端安全解决方案[J]. 计算机应用, 2021, 41(5): 1378-1385.
[2]	王寿成, 徐进辉, 严迎建, 李功丽, 贾永旺. 面向密码流处理器的AES算法软件流水实现方法[J]. 计算机应用, 2017, 37(6): 1620-1624.
[3]	张望, 贾佳, 孟渊, 白旭. 基于高层次综合的AES算法研究与设计[J]. 计算机应用, 2017, 37(5): 1341-1346.
[4]	付雅丹, 杨庚, 胡持, 闵兆娥. 基于MapReduce的并行AES加密算法[J]. 计算机应用, 2015, 35(11): 3079-3082.
[5]	丁俊张曦煌. 实现欧洲/电气安装总线协议数据加密和设备认证的方法[J]. 计算机应用, 2014, 34(3): 728-732.
[6]	蔡泽民王奕李仁发. 基于代数表达式功耗模型的差分功耗分析攻击[J]. 计算机应用, 2014, 34(2): 448-451.
[7]	叶翔徐展胡翔刘丹. 低成本有源RFID双向认证加密方案[J]. 计算机应用, 2014, 34(2): 456-460.
[8]	谢惠敏郭东辉. 可重构的串行高级加密标准加解密电路设计[J]. 计算机应用, 2013, 33(02): 450-459.
[9]	李志强严迎建段二朋. 差分能量攻击样本选取方法[J]. 计算机应用, 2012, 32(01): 92-94.
[10]	张月华张新贺刘鸿雁. AES算法优化及其在ARM上的实现[J]. 计算机应用, 2011, 31(06): 1539-1542.
[11]	白茹雪刘鸿雁张新贺. 基于ARM920T的AES算法实现方案[J]. 计算机应用, 2011, 31(05): 1295-1297.
[12]	卢丹华钟诚杨锋. 基于多核多线程的AES保密模式[J]. 计算机应用, 2011, 31(04): 1003-1005.
[13]	李银金晨辉. 适合AES算法硬件实现的新S盒[J]. 计算机应用, 2007, 27(4): 852-853.
[14]	秋小强蔡觉平. 网络处理器高速AES协处理器设计[J]. 计算机应用, 2007, (12): 2957-2959.
[15]	刘航，戴冠中，李晖晖，慕德俊. 工作于CBC模式的AES算法可重配置硬件实现[J]. 计算机应用, 2005, 25(01): 135-137.

集中式无线局域网分离介质访问控制的CCMP设计

Design of CCMP based on split medium access control of centralized wireless local area network

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics