中文摘要：

针对目前IEEE 802.11i存在的不能为管理帧和控制帧提供安全保护导致DoS攻击、不能为用户提供身份隐私保护、会话主密钥MSK的丢失引起信息泄露等安全威胁,引入物理层安全方案iJam,于802.11i认证之前在移动站STA和接入点AP之间生成物理层密钥K_i.使用生成的K_i保护802.11i的管理帧和控制帧,防止DoS攻击;并在后续认证过程中对消息加密,保护用户的身份信息;参与PTK的生成,增强PTK的安全性.给出了WLAN安全性增强的方案,并对引入iJam后802.11i的安全性、增加的时延、能耗及兼容性进行了分析.结果表明,所提出的方案克服了目前802.11i存在的安全威胁,对其安全性进行了增强;但所引入时延和能耗都非常有限;同时引入iJam并不会对802.11i的框架造成影响.

英文摘要：

To solve IEEE 802.11 i security threats of DoS attacks, no user identity protection and loss of MSK resulting in information leakage because of no provision of security protection for management frames and control frames, a physical layer security solution of i Jam was introduced. The physical layer key of Ki between STA and AP before 802.1 1i authentication was generated to prevent management frames and control frames from DoS attack, and to protect user identity and enhance the PTK security. The scheme of WLAN security enhancement was proposed to analyze the 802.11i security, the increased delay and energy and the compatibility after i Jam introduction. The results show that the security threats of 802.11 i are overcome with enhanced security by the proposed scheme proposal, while the introduced delay and energy consumption is very limited. The introduction of iJam has little effect on the framework of 802.11i.