CN104796892A - WLAN (wireless local area network) authentication method based on NFC (near field communication) - Google Patents

Publication number
CN104796892A
Authority
CN
China
Prior art keywords
wlan
nfc
key
user
nfc module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510165974.XA
Other languages
Chinese (zh)
Inventor
解冰珊
金志刚
李云
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tianjin University
Original Assignee
Tianjin University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tianjin University filed Critical Tianjin University
Priority to CN201510165974.XA priority Critical patent/CN104796892A/en
Publication of CN104796892A publication Critical patent/CN104796892A/en
Pending legal-status Critical Current

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention relates to a wireless local area network (WLAN) authentication method based on near-field communication (NFC). The method uses two NFC modules working in point-to-point mode: the user NFC module of the user equipment and the NFC module of the WLAN. When a user requests access to the WLAN, the user's NFC module and the WLAN's NFC module establish NFC communication, and the two sides use the Diffie-Hellman algorithm to exchange random information and compute a symmetric key KEY. A public-key certificate identity verification method is then used to verify the user's identity by signing and verifying the symmetric key KEY. The method protects NFC against man-in-the-middle and replay attacks, protects the WLAN against illegal access attacks to a certain extent, ensures that the user identity is authentic and valid, and enhances the security of accessing a WLAN through NFC.

Description

WLAN (wireless local area network) authentication method based on near-field communication (NFC)
Technical field
The present invention relates to a wireless local area network (WLAN) authentication method based on near-field communication (NFC).
Background art
As networks have become widespread, wireless local area networks (WLANs) are used more and more widely. The WLAN authentication methods in wide use today are all based on a pre-shared key (PSK). A complex PSK is hard for people to remember, so it is common to record the password by hand and to pass it on manually. Because people's security awareness is poor, the PSK is passed around casually, passwords are set too simply, and passwords are changed slowly, which creates a serious security risk. Tedious manual WLAN configuration is also very inconvenient.
NFC is a short-range, high-frequency wireless communication technology that allows point-to-point contactless data transfer between electronic devices and supports the design of complex interaction protocols. The two communicating parties take one of two roles, initiator or target: the initiator actively starts the communication and the target responds passively. Using NFC point-to-point (P2P) technology for WLAN access makes it convenient for users to join a WLAN: the two devices need only touch lightly for the two NFC devices to set up communication, transfer the WLAN configuration information automatically, and connect the user equipment to the WLAN, eliminating tedious configuration. However, NFC P2P technology has no step that verifies user identity, so users are anonymous. An attacker may therefore use special equipment to carry out illegal access attacks, replay attacks and man-in-the-middle attacks, causing security risks and losses.
Summary of the invention
The object of the present invention is to provide a WLAN authentication method based on NFC that prevents man-in-the-middle and replay attacks on NFC, prevents illegal access attacks on the WLAN to a certain extent, ensures that the user identity is authentic and valid, and strengthens the security of accessing a WLAN through NFC. To achieve this object, the invention adopts the following technical solution:
A WLAN authentication method based on NFC, characterized in that the access method uses two NFC modules: the user NFC module of the user equipment and the NFC module of the WLAN. The two NFC modules work in point-to-point mode. When a user requests access to the WLAN, the user's NFC module and the WLAN's NFC module establish NFC communication, and the two sides use the Diffie-Hellman algorithm to exchange random information and compute a symmetric key KEY. A public-key certificate identity verification method is used to verify the user's identity by signing and verifying the symmetric key KEY.
The process of verifying the user's identity by signing and verifying the symmetric key KEY with the public-key certificate identity verification method may be as follows:
(1) Each user uses their own device and a chosen security algorithm to obtain a key pair for authentication, consisting of a private key and a public key. The user submits the public key to the WLAN administrator in person to apply for access permission, and the person in charge signs it with an electronic signature;
(2) The user's NFC module signs the symmetric key KEY with the private key and sends the signature to the WLAN's NFC module. After receiving the signature, the WLAN's NFC module uses the corresponding public key to verify it against the symmetric key KEY. If verification succeeds, the user passes authentication and proceeds to the next step; otherwise the user does not pass.
The beneficial effects of the invention are as follows. Building on the NFC point-to-point mode, verifying the user's identity achieves real-name user identity. A man-in-the-middle attack is detected when the signature over the symmetric key KEY is verified, which prevents man-in-the-middle attacks on NFC and prevents the illegal access to the WLAN that such attacks would cause; this ensures that the user identity is authentic and valid and strengthens the security of accessing a WLAN through NFC. The object of the public-key certificate system's encryption and decryption operations is the symmetric key KEY generated from the random information exchanged with the Diffie-Hellman algorithm. Each time a user's WLAN device requests access to the WLAN, the symmetric key KEY generated while the two NFC modules communicate is different, so a signature intercepted by an attacker is invalid. This prevents replay attacks on NFC and prevents the illegal access to the WLAN that replay attacks would cause.
Brief description of the drawings
Fig. 1 is the complete sequence diagram of the method.
With reference to Fig. 1, the initiator is the NFC device that takes the Initiator role in the NFC communication, and the target is the NFC device that takes the Target role in the NFC communication.
Embodiment
The present invention is described in detail below with reference to the drawing and an example.
The present invention proposes a WLAN authentication method based on NFC. The access method uses two NFC modules: the user NFC module of the user equipment and the NFC module of the WLAN. The two NFC modules work in point-to-point mode. When a user requests access to the WLAN, the user's NFC module and the WLAN's NFC module establish NFC communication, then use the Diffie-Hellman algorithm to exchange random information and compute a symmetric key KEY. A public-key certificate identity verification method is used to verify the user's identity by signing and verifying the symmetric key KEY. The public-key certificate system can use a variety of algorithms, such as the Digital Signature Algorithm (DSA) or the Elliptic Curve Digital Signature Algorithm (ECDSA).
The implementation of the NFC-based WLAN authentication method of the invention is described below with reference to Fig. 1, taking the DSA public-key authentication protocol as the example public-key certificate system:
(1) The user uses a software algorithm on their own device to obtain a DSA key pair for authentication, consisting of a public key and a private key, and submits the public key to the WLAN administrator in person to apply for access permission; the person in charge signs it with an electronic signature.
(2) The two NFC modules are brought into contact, the user's NFC module establishes communication with the WLAN's NFC module, and each side computes the symmetric key KEY by exchanging information with the Diffie-Hellman algorithm.
(3) Using the DSA certificate, the initiator in the NFC communication, i.e. the user's NFC module, signs the symmetric key KEY from step (2) with the private key and sends the signature Sig to the target in the NFC communication, i.e. the WLAN's NFC module.
(4) After receiving the signature, the target uses the public key corresponding to the private key, which the user registered in advance, to verify the signature Sig over KEY. If verification succeeds, the user identity is legitimate and the user equipment can access the WLAN; otherwise the user identity is illegitimate and the communication is terminated.
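The exchange in steps (1) to (4), as an added example that is not part of the patent text: both sides derive KEY with Diffie-Hellman, the user signs KEY, and the WLAN side verifies the signature against the registered public key, so a relayed exchange or a replayed signature fails verification. Assumptions: textbook DSA over the 768-bit RFC 2409 Oakley Group 1 prime (demonstration size only), SHA-256 to derive KEY, and function names that are this example's own; the patent specifies none of these.

```python
import hashlib
import secrets

# Assumption: RFC 2409 Oakley Group 1 safe prime (768-bit, demonstration size).
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16)
Q = (P - 1) // 2  # prime order of the subgroup generated by G
G = 4

def keypair():
    """Private exponent x and public value G^x mod P (DH share or DSA key)."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def dh_key(own_private, peer_public):
    """Symmetric key KEY: SHA-256 of the Diffie-Hellman shared secret."""
    shared = pow(peer_public, own_private, P)
    return hashlib.sha256(shared.to_bytes(96, "big")).digest()

def _digest(key):
    return int.from_bytes(hashlib.sha256(key).digest(), "big") % Q

def sign(private, key):
    """Textbook DSA signature (r, s) over KEY with a fresh nonce k."""
    while True:
        k = secrets.randbelow(Q - 1) + 1
        r = pow(G, k, P) % Q
        s = pow(k, -1, Q) * (_digest(key) + private * r) % Q
        if r and s:
            return r, s

def verify(public, key, sig):
    """True only if sig is the registered user's signature over this KEY."""
    r, s = sig
    if not (0 < r < Q and 0 < s < Q):
        return False
    w = pow(s, -1, Q)
    v = pow(G, _digest(key) * w % Q, P) * pow(public, r * w % Q, P) % P % Q
    return v == r

def session(user_sign_key, registered_pub, relay=False):
    """One NFC tap; relay=True models substituted DH values in transit."""
    u_priv, u_pub = keypair()  # user (initiator) DH values
    w_priv, w_pub = keypair()  # WLAN (target) DH values
    if relay:  # each side unknowingly agrees on a key with the relay instead
        _, m_pub = keypair()
        key_user, key_wlan = dh_key(u_priv, m_pub), dh_key(w_priv, m_pub)
    else:
        key_user, key_wlan = dh_key(u_priv, w_pub), dh_key(w_priv, u_pub)
    sig = sign(user_sign_key, key_user)  # step (3): user signs its KEY
    return verify(registered_pub, key_wlan, sig), sig, key_wlan  # step (4)
```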

Claims (2)

1. A WLAN authentication method based on NFC, characterized in that the access method uses two NFC modules: the user NFC module of the user equipment and the NFC module of the WLAN. The two NFC modules work in point-to-point mode. When a user requests access to the WLAN, the user's NFC module and the WLAN's NFC module establish NFC communication, and the two sides use the Diffie-Hellman algorithm to exchange random information and compute a symmetric key KEY. A public-key certificate identity verification method is used to verify the user's identity by signing and verifying the symmetric key KEY.
2. The WLAN authentication method based on NFC according to claim 1, characterized in that the process of verifying the user's identity by signing and verifying the symmetric key KEY with the public-key certificate identity verification method is as follows:
(1) Each user uses their own device and a chosen security algorithm to obtain a key pair for authentication, consisting of a private key and a public key. The user submits the public key to the WLAN administrator in person to apply for access permission, and the person in charge signs it with an electronic signature;
(2) The user's NFC module signs the symmetric key KEY with the private key and sends the signature to the WLAN's NFC module. After receiving the signature, the WLAN's NFC module uses the corresponding public key to verify it against the symmetric key KEY. If verification succeeds, the user passes authentication and proceeds to the next step; otherwise the user does not pass.
CN201510165974.XA 2015-04-09 2015-04-09 WLAN (wireless local area network) authentication method based on NFC (near field communication) Pending CN104796892A (en)

Publications (1)

Publication Number Publication Date
CN104796892A true CN104796892A (en) 2015-07-22

Family

ID=53561320

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101114901A (en) * 2006-07-26 2008-01-30 联想(北京)有限公司 Safety authentication system, apparatus and method for non-contact type wireless data transmission
CN102355662A (en) * 2011-06-10 2012-02-15 合肥联正电子科技有限公司 Key exchanging method on basis of wireless low-cost equipment
CN104144424A (en) * 2013-05-07 2014-11-12 华为终端有限公司 Method for establishing connection between devices, configuration device and wireless devices

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
周宣武, 付燕, 金志刚, 刘开华, 李欣: "Secure communication scheme for the Internet of Things based on elliptic curve signcryption", 《微电子学与计算机》 *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105245532A (en) * 2015-10-22 2016-01-13 桂林航天工业学院 WLAN access method based on NFC authentication
CN105245532B (en) * 2015-10-22 2018-01-19 桂林航天工业学院 WLAN cut-in methods based on NFC certifications
CN110402440A (en) * 2017-02-27 2019-11-01 J·加斯屈埃尔 Segment key Verification System
CN110402440B (en) * 2017-02-27 2024-02-02 J·加斯屈埃尔 Segmented key authentication system
CN109041025A (en) * 2018-08-15 2018-12-18 合肥云序科技有限公司 A kind of personal identification method of near-field communication

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
EXSB Decision made by sipo to initiate substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20150722