{"title":"WAPI协议安全性能评估","authors":"Fan Sun, Hong Wen, Yanxu Zhu, Xinchen Xu","doi":"10.1109/CCPQT56151.2022.00035","DOIUrl":null,"url":null,"abstract":"Due to wireless LAN is closed to our daily life and our terminals, the malicious attack actions are easily to be launched to the open wireless broadcast channel. WAPI (Wireless LAN Authentication and Privacy Infrastructure) is one of influential standards for wireless LAN. To understand and strengthen WAPI protocol, this paper studies the security performance of WAPI protocol, analyzes the defects of WAPI protocol and the possible security threats and losses caused by the defects. A security performance evaluation strategy based on CVSS standard is also proposed, and quantitatively evaluates the security performance of WAPI protocol. According to our quantitative evaluation, it is possible to know which part of the WAPI is the security weak part, and improvement and enhanced measurement should be paid more attention in the future.","PeriodicalId":235893,"journal":{"name":"2022 International Conference on Computing, Communication, Perception and Quantum Technology (CCPQT)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"WAPI Protocol Security Performance Evaluation\",\"authors\":\"Fan Sun, Hong Wen, Yanxu Zhu, Xinchen Xu\",\"doi\":\"10.1109/CCPQT56151.2022.00035\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Due to wireless LAN is closed to our daily life and our terminals, the malicious attack actions are easily to be launched to the open wireless broadcast channel. WAPI (Wireless LAN Authentication and Privacy Infrastructure) is one of influential standards for wireless LAN. To understand and strengthen WAPI protocol, this paper studies the security performance of WAPI protocol, analyzes the defects of WAPI protocol and the possible security threats and losses caused by the defects. A security performance evaluation strategy based on CVSS standard is also proposed, and quantitatively evaluates the security performance of WAPI protocol. According to our quantitative evaluation, it is possible to know which part of the WAPI is the security weak part, and improvement and enhanced measurement should be paid more attention in the future.\",\"PeriodicalId\":235893,\"journal\":{\"name\":\"2022 International Conference on Computing, Communication, Perception and Quantum Technology (CCPQT)\",\"volume\":\"19 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 International Conference on Computing, Communication, Perception and Quantum Technology (CCPQT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CCPQT56151.2022.00035\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 International Conference on Computing, Communication, Perception and Quantum Technology (CCPQT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCPQT56151.2022.00035","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
摘要
由于无线局域网对我们的日常生活和终端是封闭的,恶意攻击行为很容易被发起到开放的无线广播信道上。WAPI (Wireless LAN Authentication and Privacy Infrastructure,无线局域网认证和隐私基础设施)是无线局域网中具有重要影响的标准之一。为了理解和加强WAPI协议,本文研究了WAPI协议的安全性能,分析了WAPI协议的缺陷以及这些缺陷可能造成的安全威胁和损失。提出了一种基于CVSS标准的安全性能评价策略,对WAPI协议的安全性能进行了定量评价。根据我们的定量评价,可以知道WAPI的哪一部分是安全薄弱的部分,未来应该更加重视改进和加强测量。
Due to wireless LAN is closed to our daily life and our terminals, the malicious attack actions are easily to be launched to the open wireless broadcast channel. WAPI (Wireless LAN Authentication and Privacy Infrastructure) is one of influential standards for wireless LAN. To understand and strengthen WAPI protocol, this paper studies the security performance of WAPI protocol, analyzes the defects of WAPI protocol and the possible security threats and losses caused by the defects. A security performance evaluation strategy based on CVSS standard is also proposed, and quantitatively evaluates the security performance of WAPI protocol. According to our quantitative evaluation, it is possible to know which part of the WAPI is the security weak part, and improvement and enhanced measurement should be paid more attention in the future.