Guo_Xiaoying.pdf (8.89 MB)

MEAP, modified EAP protocol for WLAN authentication

Download (8.89 MB)
thesis
posted on 24.05.2021, 13:43 by Xiaoying Guo
Wireless networking is becoming increasingly popular. However, the use of Wireless Local Area Networks (WLAN) also creates many security issues that do not exist in a wired world. WLAN connection no longer requires cable. Instead, data packets are sent on the air and are available to anyone with the ability to intercept and decode them. Traditional physical security measures like firewalls and security guards are less efficient in this new domain. The IEEE has organized the 802.11i Task Group to address 802.11 security. To solve the user authentication problem, it adopted 802.1x standard. The standard relies on Extensible Authentication Protocol (EAP) to provide the authentication function. However, after the basic EAP authentication process, the Access Point (AP) still needs to be authenticated by the client. In order to implement mutual authentication, Protected EAP (PEAP), EAP-Transport Layer Security (TLS), EAP-Tunneled TLS (TTLS) or other variants of EAP are developed. But some [are] still weak in the authentication procedure. In this thesis, a new authentication mechanism called Modified EAP (MEAP) is proposed. MEAP is based on PEAP. MEAP adds a TLS layer on top of EAP, and then uses the resulting TLS session as a tunnel to protect the later Simple Password-authenticated Exponential Key Exchange (SPEKE), which is a strong password method. MEAP can provide mutual authentication to satisfy strong authentication requirements in WLAN.

History

Language

eng

Degree

Master of Applied Science

Program

Computer Networks

Granting Institution

Ryerson University

LAC Thesis Type

Thesis

Thesis Advisor

Chul Kim

Usage metrics

Computer Networks (Theses)

Exports