| Graduate student: | 吳金能 Wu, Jin-Neng |
|---|---|
| Thesis title: | 在無線網路上可抵擋中間人攻擊之金鑰交換安全協定 The Design of a Secure Protocol to Defend Man-In-Middel Attack in 802.1X |
| Advisor: | 賴溪松 Laih, Chi-Sung |
| Degree: | Master |
| Department: | College of Electrical Engineering and Computer Science - Department of Electrical Engineering |
| Year of publication: | 2004 |
| Academic year of graduation: | 92 |
| Language: | English |
| Number of pages: | 59 |
| Chinese keywords: | man-in-the-middle attack, wireless network |
| Foreign-language keywords: | 802.1X, Man-In-Middle attack, WEP, wireless LAN, RC4 |
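As wireless networking technology advances and public demand for wireless networks keeps growing, wireless network security is becoming increasingly important. In recent years wireless networks have gradually come into use in densely populated business districts and on university campuses, and their convenience has made them far more popular than before. Some vendors now even build wireless network cards directly into notebook computers, so users no longer need to plug in a separate card, which makes them much more convenient. Although 802.1X provides more secure higher-layer authentication protocols, flaws in several of those authentication protocols still leave openings for attack.
To the best of our limited knowledge, the scholar William A. Arbaugh has offered a good deal of commentary and analysis on wireless network security in several books and articles; wireless network here covers both plain 802.11 and 802.11 environments that use 802.1X. In 2002, in a technical report, he gave an initial analysis of 802.1X and offered suggestions for resisting the attacks. However, he only proposed the idea and did not implement it.
In this thesis we study in depth and apply the method proposed by William A. Arbaugh to design a feasible and reasonable algorithm that resists the attacks William discovered, examine whether the scheme he provided is feasible, and look for spare space in the program in which to add important information to be used for authentication in the future. In addition, we explain in the text that the algorithm we designed can resist the attacks.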
Because of progress in wireless network technology and the large demand for wireless network service, wireless security has become increasingly important in recent years. In the past few years, wireless service has been provided in business districts and on campuses. Because of its convenience, people like it very much. Some computer manufacturers have even built a wireless network card into notebook computers, so people no longer need to plug in a wireless network card, which makes them more user friendly. Although 802.1X works with many high-level authentication methods, it can still be attacked because of flaws in its design.
To the best of our knowledge, only William A. Arbaugh has made an analysis of 802.1X and proposed a concept for stopping the attacks found in that analysis. These attacks are described in a technical paper published at the University of Maryland, which has attracted much attention worldwide.
This thesis proposes a secure protocol for wireless LANs to protect the network from attacks. Following William A. Arbaugh’s method, our proposed protocol is based on HMAC and signatures. In addition, we explain how our proposed protocol can stop two of the attacks and cannot stop the other two. Finally, we draw conclusions about our protocol. Everyone is responsible for protecting himself or herself from sniffing and other attacks on wireless or wired LANs; the service can be of good quality if everyone pays real attention to doing so.