在無線網路中，由於訊號是藉由無線電訊號來傳送，所以無線網路最顯著的問題就是訊號易被竊聽。目前一般無線網路安全是採用IEEE 802.11標準中的有線等效保密協定（wired equivalent privacy protocol，簡稱WEP）以保護訊息的私密性。但是許多研究已指出WEP存在許多安全問題，並且無法滿足無線網路的三個基本安全需求：私密性、使用者鑑別性與資料完整性。另外，由於WEP協定使用固定的四把WEP密鑰，且無密鑰管理協定來負責密鑰的更新，因此當使用期限已屆時，先前已授權的用戶將無法完全地被撤銷。
在2005年，Wool提出WEP*與WEP**方法以改善使用者撤銷之問題，然而WEP*仍存在部份安全弱點且不夠便利；雖然WEP**改善WEP*的安全性，但是卻不相容於IEEE 802.11無線網路標準。在本篇論文中，我們提出一個適用於IEEE 802.11無線網路標準的密鑰管理協定，此協定除了增進WEP協定的私密性外，亦改善WEP協定所遭遇的其他安全問題，而且存取點 (Access Point，簡稱AP) 和使用者能夠相互驗證彼此的身份。除非使用者使用期限已至，否則AP和使用者的連線並不會中斷，然而，Wool的方法必須花費額外的驗證步驟與時間才能夠繼續保持連線。更進一步地，我們的方法能與IEEE 802.11 standard相容，且不像其他解決方案，我們的方法不需要仰賴額外的鑑別伺服器，因此，我們的方法更適用於基本的IEEE 802.11架構，像是部署於家庭或是辦公室的無線區域網路。

In wireless network environment, the message was sent by radio frequency, so the most notable problem is that messages will be eavesdropped arbitrarily.  In order to protect confidentiality, the general wireless network adopts a wired equivalent privacy (WEP) protocol in IEEE 802.11 standard at present.  But there are many researches point out that WEP involved a lot of security problems and doesn’t satisfy three main security requirements: confidentiality, authentication and data integrity.  Besides, WEP uses four static WEP keys without key management to refresh keys, so the previously authorized hosts can not revoked fully when their service time is over deadline.  
 In 2005, Wool proposed WEP* and WEP** scheme that have solved the user revocation problem, but WEP* still has some security weaknesses and its convenience is not good enough for users; although WEP** improves the security problems of WEP*, WEP** is not compatible with IEEE 802.11 standard.  In this article, we proposed a new key management scheme that is suitable for IEEE 802.11 standard.  The proposed scheme not only enhances confidentiality, but also improves the other security problems of WEP*.  The access point (AP) and host authenticate each other in the proposed scheme.  The connection of the AP and host do not interrupt in the proposed scheme except the deadline of connection service expire, while the Wool’s WEP* has to take more extra authentication steps and time to continues the connection by security consideration.  Furthermore, our scheme is compatible with IEEE 802.11 standard, and unlike above solutions, our scheme doesn’t need an extra authentication server.  Therefore, our scheme is suitable for basic IEEE 802.11 infrastructure such as wireless local area network deployed in houses or small offices.

Chapter 1  Introduction P.1
Chapter 2  Notation and review of related works P.5
2.1 Notations P.5
2.2 Review of WEP P.6
2.3 Review of Wool’s WEP* scheme P.13
2.4 Review of Wool’s WEP** scheme P.20
Chapter 3 Our improved scheme P.22
3.1 The method of generating MIC P.23
3.2 Registration phase P.23
3.3 Authentication phase P.24
3.4 Refresh key phase P.27
3.5 Compatibility of our improved WEP* equipment and WEP equipment	 P.30
3.6 Secure communication P.32
Chapter 4 Security analysis and discussion P.35
4.1 Confidentiality P.35
4.2 Authentication	 P.36
4.3 Data integrity	 P.37
4.4 The length of connection time P.37
4.5 Comparisons P.38
Chapter 5  Conclusions P.40
Reference	 P.41
 
List of Tables
Fig.1: The range of 802.11 wireless network P.2
Fig.2: Construction of frame body which is encrypted by the WEP encryption P.7
Fig.3: The procedures of WEP encryption P.8
Fig.4: The procedures of WEP decryption P.9
Fig.5: The IEEE 802.11 authentication protocol P.10
Fig.6: The authentication phase of WEP* P.14
Fig.7: The format of message M in WEP* scheme	P.15
Fig.8: The authentication phase of WEP** P.20
Fig.9: The format of the message D, which is encrypted and transmitted in WEP** as authentication Message 3 P.21
Fig.10: The procedure of generating MIC P.23
Fig.11: The authentication phase of our improved scheme P.24
Fig.12: The format of the message M in our improve WEP* scheme P.26
Fig.13: Example - the AP’s and two hosts’ key-set contents P.30
Table 1: Comparison among four schemes P.39

[1] W.A. Arbaugh, N. Shankar, Y.C.J. Wan and K. Zhang, “Your 802.11 wireless network has no clothes,” IEEE Wireless Communications Volume: 9, Issue: 6, 2002, pp.44–51.
[2] M. Bellare, R. Canetti and H. Krawczyk, “HMAC: Keyed hashing for message authentication,” Internet Engineering Task Force RFC 2104, Feb. 1997. 
[3] N. Borisov, I. Goldberg and D. Wagner, “Intercepting mobile communications: The insecurity of 802.11,” Proc. 7th ACM Conference on Mobile Computing and Networking (MOBICOM’01), Rome, Italy, 2001.
[4] S. Fluhrer, I. Mantin, and A. Shamir, “Weaknesses in the key scheduling algorithm of RC4,” In Eighth Annual Workshop on Selected Areas in Cryptography, Toronto, Canada, Aug. 2001.
[5] IEEE 802.11 wireless local area networks: The working group for WLAN standard, 2002, http://grouper.ieee.org/groups/802/11
[6] IEEE 802.11 Working Group, Wireless LAN medium access control (MAC) and physical layer (PHY) specifications. ANSI/IEEE Standard 802.11, 1999.
[7] IEEE 802.11 Working Group, Wireless LAN medium access control (MAC) and physical layer (PHY) specifications. ANSI/IEEE Standard 802.11i, 2004.
[8] Standards for local and metropolitan area networks: Standard for port based network access control. IEEE Draft P802.1X/D11, 2001. 
[9] A. Stubblefield, J. Ioannidis and A. Rubin, “Using the Fluhrer, Mantin, and Shamir attack to break WEP,” Proc. 9th Network and Distributed System Security Symposium (NDSS’ 02).The Internet Society, 2002. 
[10] Avishai Wool, “Lightweight key management for IEEE 802.11wireless LANs with key refresh and host revocation,” ACM/Kluwer Wireless Networks, Volume: 11, Issue: 6, 2005, pp.677–686