Article Preview
Top1. Introduction
To provide clients with comfort brought by portability, recent wireless network technology accomplish development and the establishment and usage of Wireless Local Area Network become universal furthermore. Before giving services, network system demands that clients should finish the authentication method in order to verify the resources are appropriately utilized. Authentication is the method of checking client’ identities when they want to access resources from WLAN. Normally, a client provides his authentication element to the authentication server (AS), and afterwards the AS checks them. If the factors are right, the client is approved to gain the access right to the resources provided by the AS, and the AS produces a session-key material that is shared with the client. Essentially, it is likewise critical for WLANs to authenticate clients and build secure channels with them. IEEE 802.11 (Anirudh et la., 2006), the most broadly used standard, contains definitions for the operations of WLANs. The original design in the standard gives just some essential authentication techniques, for example, pre-shared key establishment and password verification implemented between a client and the AS, called Wired Equivalent Privacy (WEP) (Zhao, 2007). WEP is not secure in light of the fact that an attacker can acquire unapproved access during intercepted messages. The security of IEEE 802.11 was later corrected to include Wi-Fi Protected Access (WPA) and WPA2 (Pacheco de Carvalho et al., 2013). WLAN based on 802.11 standards are vulnerable to attack if weak encryption key or no authentication is used. Additionally, man-in-the-middle (MiM) attack becomes a more distress for clients and owners in WLAN. Several kinds of attacks have been reported and been studied extensively by analysts around the world. While attempts are continuously being created to deal with the security problems in the later forms of 802.11, security of WLAN remains demanding. The traditional authentication techniques normally use the names and passwords of clients as login authentication. On the other hand, these Single Factor authentication techniques are proven to be imperfect. In virtue of improving security, recent researches on authentication are built on Two-Factor authentication schemes. To handle above issues, we will introduce a Radio Frequency Identification (RFID) (Guo et al., 2011) secure authentication technique in WLAN in this paper. The proposal applies the low-cost passive RFID tag along with the names and passwords of clients as login identification, and proceeds without secure channel assumption. Through analytic examination, this research not just solely decreases the expense of Two-Factor Authentication schemes, still, provides security similarly as smart cards. The radio frequency identification (RFID) is an innovation that enables the non-contact, automatic and unique identification of objects using radio waves so that it is regarded as the quality alternative of the conventional barcode technology (Juels, 2006). The RFID technology has been adopted in a broad variety of industries and being more and more utilized as a part of numerous area, for example, supply chain management, industrial manufacturing management, e-passports, stock control management and so forth. In this paper, a new elliptic curve cryptography (ECC) (He et al., 2014) based RFID authentication scheme is presented that removes security problems of existing authentication schemes while requiring lower computation cost and low communicational cost. Our primary necessity comprises in giving an ECC based RFID authentication to manage who connects to the WLAN. A secure channel should be set up on every link on a client basis. The corresponding authentication policy will have to make certain security level and should consider client credentials renewal and strength.