WPS (Wi-Fi Protected Setup)

This article is reposted from: http://www.beamsky.com/wps-wi-fi-protected-setup/


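WPS (Wi-Fi Protected Setup) is a simple, reliable wireless networking standard released by the Wi-Fi Alliance on January 8, 2007. This optional certification program, developed by the Wi-Fi Alliance, is aimed mainly at home and small-business wireless network users. It is intended to simplify WLAN security setup so that users can more easily add new devices to a network and enable its security features.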



WPS: Wi-Fi Protected Setup


Background of WPS


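According to a poll conducted by Jupiter Research in 2006, security is what users care about most, yet only 60% of wireless networks have corresponding security protection. The main reason is that many users know too little about security technology and therefore simply give up on using security settings.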


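WLAN security systems, including the current WPA2 standard, require users to pass authentication before they can log in to the network and enable its security features. Traditionally, when a user builds a new WLAN, the network name and password must first be set on the wireless AP, and the AP then generates the security key from the password. When a new client is added to this WLAN, the user also has to select the corresponding network name and enter the password. Only after the client and the AP have exchanged security credentials is the new device connected to the wireless network.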


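The Wi-Fi Protected Setup standard shortens this process considerably. Certified access points and clients can automatically generate a network name and automatically discover other certified devices. The user then only needs to press a button on the device, or create a 4-digit or 8-digit PIN for each device on the WLAN, to trigger authentication, configure the device with predefined security features based on the WPA2 standard, and add the client device to the secured network. This makes it easier for users to turn on and use WPA2, a standard that became mandatory for certified products back in March 2006.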


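In addition, later this year the Wi-Fi Alliance plans to add two more methods to the certification program: connecting devices to the network automatically by near field communication (NFC) and by USB flash drive. The user does not need to enter a PIN; swiping a token or card over the new device completes the configuration.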


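Ken Dulaney, an analyst at the research firm Gartner, believes that after the standard is released many users' attitude toward security may remain the same as it is now. However, for users who do need stronger security, the security setup process for these network devices will be much simpler than it is today. Setting up security is especially tedious on devices without a PC interface, such as printers and cameras. Users can now enter a PIN with the device's small screen and navigation buttons, which makes security setup more convenient and removes many troublesome steps.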


How WPS works


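We use a "lock and key" metaphor to describe the configuration and security mechanism of Wi-Fi Protected Setup certified products. The standard automatically uses a Registrar to issue credentials to devices that are about to join the network. Adding a new device to the WLAN can be seen as inserting the key into the lock (that is, starting the configuration process and entering the PIN or pressing the PBC button). At this point Wi-Fi Protected Setup starts the exchange of messages between the device and the Registrar, and the Registrar issues the network credentials (network name and security key) that authorize the device to join the WLAN.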


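The new device then communicates securely over the network without interference from intruders, which is like turning the key in the lock. The messages and network credentials are exchanged securely over the air using the Extensible Authentication Protocol (EAP), one of the authentication protocols used by WPA2. The system then starts the handshake, the devices authenticate each other, and the client device is connected to the network. The Registrar enables security by transmitting the network name (SSID) and the WPA2 "pre-shared key" (PSK). Because the network name and PSK are distributed automatically by the system, the credential exchange requires almost no user intervention. The "lock" of WLAN security setup is thus opened with ease.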

Wi-Fi Alliance Confidential. Wi-Fi Protected Setup Specification, Version: 1.0h

1. Introduction
    1.1. Purpose
    1.2. Scope
    1.3. Related Documents
    1.4. Supported Usage Models
        Primary Usage Models
        Secondary Usage Models
    1.5. Mental Model
    1.6. Design Approach
    1.7. Solution Flexibility
    1.8. User Experience
        1.8.1. In-band Setup
        1.8.2. Out-of-band Setup
2. Core Architecture
    2.1. Definitions
    2.2. Components and Interfaces
        2.2.1. Architectural Overview
        2.2.2. Interface E
        2.2.3. Interface M
        2.2.4. Interface A
    2.3. Registration Protocol
    2.4. Security Overview
        2.4.1. In-band Configuration
        2.4.2. Guidelines and Requirements for PIN values
        2.4.3. Out-of-band Configuration
3. Initial WLAN Setup
    3.1. Standalone AP
    3.2. Legacy AP
    3.3. AP With an External Registrar
        3.3.1. EAP-based Setup of External Registrar
        3.3.2. Ethernet-based Setup of External Registrar
4. Adding Member Devices
    4.1. In-band Setup Using a Standalone AP/Registrar
    4.2. Out-of-band Setup Using a Standalone AP/Registrar
    4.3. Out-of-band Setup Using an External Registrar
    4.4. Secure Setup with Legacy AP
    4.5. Secure Setup with Legacy Enrollee
        4.5.1. Mental model mapping
    4.6. No-Security Out-of-band Setup Using a Standalone AP
        4.6.1. Mental model mapping
5. Secondary Usage Models
    5.1. Removing Members from the WLAN
    5.2. Guest access
    5.3. Re-keying credentials
    5.4. Expanding the network - Adding additional AP or Router
    5.5. Changing Network Name (SSID), radio channels, etc.
6. Registration Protocol Definition
    6.1. Registration Protocol Initiation
    6.2. Registration Protocol Messages
        6.2.1. Optional Parameters
    6.3. Key Derivation
    6.4. Proof-of-possession of Device Password
        6.4.1. PIN Checksums
        6.4.2. Device Password Splitting
        6.4.3. Device Password Usage
    6.5. Key Wrap Algorithm
    6.6. Rekeying
    6.7. Key Summary and Classification
    6.8. Security Analysis
    6.9. Out-Of-Band Channels
        6.9.1. Out-of-band Channel Characteristics
    6.10. EAP Transport of Registration Protocol
        6.10.1. EAP Message Framing
        6.10.2. EAP Messages
        6.10.3. EAP State Machine for Enrollee Registration
        6.10.4. EAP State Machine for Adding an External Registrar
    6.11. UPnP Transport of Registration Protocol
7. Message Encoding
    7.1. Wi-Fi Protected Setup TLV Data Format
    7.2. 802.11 Management Frames
        7.2.1. Beacon Frame (C)
        7.2.2. Association Request and Reassociation Request
        7.2.3. Association Response and Reassociation Response
        7.2.4. Probe Request (D-E or D-R)
        7.2.5. Probe Response (D-AP/Registrar)
    7.3. Registration Protocol Message Definitions
        7.3.1. Message M1
        7.3.2. Message M2
        7.3.3. Message M2D
        7.3.4. Message M3
        7.3.5. Message M4
        7.3.6. Message M5
        7.3.7. Message M6
        7.3.8. Message M7
        7.3.9. Message M8
        7.3.10. WSC_ACK Message
        7.3.11. WSC_NACK Message
        7.3.12. WSC_Done Message
    7.4. AP Settings Message Definitions
        7.4.1. GetAPSettings Input Message
        7.4.2. GetAPSettings Output Message
        7.4.3. SetAPSettings Message
        7.4.4. DelAPSettings Message
        7.4.5. SetSelectedRegistrar Message
        7.4.6. ResetAP and RebootAP Messages
    7.5. STA Settings Message Definitions
        7.5.1. GetSTASettings Input Message
        7.5.2. GetSTASettings Output Message
        7.5.3. SetSTASettings Message
        7.5.4. DelSTASettings Message
        7.5.5. ResetSTA and RebootSTA Messages
8. USBA (USB Host) Out-of-Band Interface Specification
    8.1. Requirements for USB Flash Drives (UFD)
    8.2. Enrollee Requirements for USBA OOB Interfaces
    8.3. Firmware and Software Requirements
        8.3.1. Encrypted Settings File (xxxxxxxx.WSC)
        8.3.2. Unencrypted Settings File (00000000.WSC)
        8.3.3. Enrollee Device Password and Key Hash (xxxxxxxx.WFA)
9. NFC Out-of-Band Interface Specification
    9.1. Disclaimer
    9.2. Overview
    9.3. NFC Use Cases
        9.3.1. NFC Password Token
        9.3.2. Touching Devices
        9.3.3. NFC Configuration Token
    9.4. Generic Requirements for NFC OOB Support
        9.4.1. New Devices (Enrollee or AP) Requirements
        9.4.2. Registrar Requirements
    9.5. Hardware Requirements
        9.5.1. Requirements for NFC Tokens
        9.5.2. Requirements for an NFC Device
    9.6. Firmware and Software Requirements
        9.6.1. NFC Password Token
        9.6.2. NFC Configuration Token
        9.6.3. NFC Device
    9.7. Informative: NFC Forum specifications
        9.7.1. NFC Data Exchange Format (NDEF)
        9.7.2. NDEF mapping documents
10. PushButton Configuration
    10.1. Introduction
    10.2. User Experience
    10.3. PBC Technical Description
    10.4. User Feedback
    10.5. PBC Security Considerations
11. Data Element Definitions
12. Conclusion
13. Appendix: Additional Setup Scenarios
14. Appendix: Out-of-Band Channel Considerations