¥Í¥Ã¥È¥ï¡¼¥¯¥¹¥Ú¥·¥ã¥ê¥¹¥È - SE̼¤Î·õ -

¥Í¥Ã¥È¥ï¡¼¥¯¥¹¥Ú¥·¥ã¥ê¥¹¥È¤Î»î¸³Âкö¥µ¥¤¥È¡Êby º¸Ìç»êÊö¤Î³ô¼°²ñ¼Ò¥¨¥¹¥¨¥¹¥³¥ó¥µ¥ë¥Æ¥£¥ó¥°¡Ë¤Ç¤¹¡£¥Í¥Ã¥È¥ï¡¼¥¯¥¹¥Ú¥·¥ã¥ê¥¹¥È»î¸³¤Î
ÊÙ¶¯ÊýË¡¡¢¹ç³ÊÂθ³ÃÌ¡¢¹ç³Ê¤Î¥³¥Ä¡¢²áµîÌä²òÀâ¡¢´ðÁÃÃμ±¤Ê¤É¤Î¾ðÊó¤ò·ÇºÜ¤·¤Þ¤¹¡£»î¸³Âкö¥»¥ß¥Ê¡¼¡¦¸¦½¤¤â¹Ô¤Ã¤Æ¤ª¤ê¤Þ¤¹¡£
¥Í¥Ã¥È¥ï¡¼¥¯¥¹¥Ú¥·¥ã¥ê¥¹¥È»î¸³Âкö¡¦ÊÙ¶¯¤Ê¤éº¸Ìç»êÊö¤ÎºÇ¤â¾Ü¤·¤¤²áµîÌä²òÀâ¡Ö¥Í¥¹¥Ú¡×¥·¥ê¡¼¥º¡Êµ»½ÑɾÏÀ¼Ò¡Ë¤Ç¡ª¡ª

¥«¥Æ¥´¥ê¡§7.¥ê¥ó¥¯ÁØ¡ÊL1,L2¡Ë > 7.14 ̵ÀþLAN¡Ê޾޷ޭިŽÃލ¡Ë

̵ÀþLAN¤Î°Å¹æ²½µ»½Ñ¤ò¤­¤ì¤¤¤ËÀ°Íý¤Ï¤Ç¤­¤Ê¤¤¡£
¤¿¤À¡¢°Å¹æ²½¤Îµ»½Ñ¤È¤·¤Æ¤Ï¡¢°Ê²¼¤Î3¤Ä¤Ç¹Í¤¨¤ì¤Ð¤è¤¤¤À¤í¤¦¡£
­¡WEP¡Ê°Å¹æ²½¥¢¥ë¥´¥ê¥º¥à¤ÏRC4¡Ë
­¢TKIP¡Ê°Å¹æ²½¥¢¥ë¥´¥ê¥º¥à¤ÏRC4¡Ë
­£AES
4

°Å¹æ²½¥¢¥ë¥´¥ê¥º¥à¤Ã¤Æ¤Ê¤ó¤Ç¤¹¤«¡©
¥·¡¼¥¶¡¼°Å¹æ¤Î¤è¤¦¤Ê¡¢°Å¹æ²½¤Îµ»½Ñ¤½¤Î¤â¤Î¡£°ìÊý¡¢TKIP¤Ë´Ø¤·¤Æ¤Ï¡¢²áµîÌä¤Ç¤Ï¡¢¡Ö°Å¹æ²½¥×¥í¥È¥³¥ë¡×¤È¤¤¤¦É½¸½¤ò»È¤Ã¤Æ¤¤¤ë¡£°Å¹æ²½µ»½Ñ¤À¤±¤Ç¤Ï¤Ê¤¯¡¢¸°¸ò´¹¤Ê¤É¤Î»ÅÁȤߤâÉղä·¤¿¤â¤Î¤À¡£
°Å¹æ²½¥×¥í¥È¥³¥ë¤Ë¤ÏTKIP¤òÍøÍѤ·¤Æ¤ª¤ê,¥°¥ë¡¼¥×¸°¤Î¹¹¿·´Ö³Ö¤Ï3,600ÉäÀ¤Ã¤¿¡£(H23½ÕSC¸á¸å­¶Ìä2)
½÷À­¸ý³«¤­

°Å¹æ²½µ»½Ñ¤È¤·¤ÆWPA¤â¤¢¤ë¤È»×¤¤¤Þ¤¹¡£
¤³¤Á¤é¤â¡¢¸ÀÍÕ¤ÎÌäÂ꤫¤â¤·¤ì¤Ê¤¤¡£²áµîÌä¤Ç¤Ï¡¢WPA¤ò¡ÖÄÌ¿®µ¬³Ê¡×¤Èɽ¸½¤·¤Æ¤¤¤ë¡£WPA¤Ï¡¢°Å¹æ²½¤Î»ÅÁȤߡÊTKIP¡Ë¤È¡¢Ç§¾Ú¤Î»ÅÁȤߡÊIEEE802.1X¡Ë¤È¡¢²þ¤¶¤óËɻߡÊMIC¡Ë¤Î»ÅÁȤߤò´Þ¤á¤¿ÄÌ¿®µ¬³Ê¤È¸Æ¤Ö¤Ù¤­¤À¤È¹Í¤¨¤Æ¤¤¤ë¡£¾¯¤Ê¤¯¤È¤â¡¢°Å¹æ²½¤À¤±¤Îµ»½Ñ¤Ç¤Ï¤Ê¤¤¡£
ÄÌ¿®µ¬³Ê¤Ë¤ÏWPA¤ËPSK¤òÍøÍѤ·¤Æ¤¤¤¿(°Ê²¼,¤³¤ÎÄÌ¿®µ¬³Ê¤Èǧ¾ÚÊý¼°¤òÊ»¤»¤ÆWPA-PSK¤È¤¤¤¦)¡£(H23½ÕSC¸á¸å­¶Ìä2)



½÷À­Ä¾Î©TKIP¡ÊTemporal Key Integrity Protocol¡Ë¤Ï¡¢WEP¤ÎÀȼåÀ­¤ò²ò¾Ã¤¹¤ë¤¿¤á¤ËWEP¤«¤é4¤Ä¤ÎÉôʬ¤ò²þÎɤ·¤¿¸å·Ñµ¬³Ê¤Ç¤¹¡£²þÎÉÅÀ¤ò³Ð¤¨¤ëɬÍפϤ¢¤ê¤Þ¤»¤ó¤¬¡¢ÄÌ¿®¤ÎÅÓÃæ¤Ç°Å¹æ¸°¤òÊѹ¹¤·¤Æ¤¤¤ëÅÀ¤ÏÂ礭¤ÊÊѹ¹ÅÀ¤Ç¤¹¡£

¤È¤Ï¤¤¤¨¡¢´ðËÜŪ¤Ë¤ÏWEP¤ò±þÍѤ·¤Æ¤¤¤ë¤À¤±¤Ê¤Î¤Ç¡¢º¬ËÜŪ¤Ê²ò·è¤Ë¤Ï¤Ê¤Ã¤Æ¤ª¤é¤º¡¢ÀȼåÀ­¤¬Ç§¤á¤é¤ì¤Æ¤¤¤Þ¤¹¡£
TKIP¤ÏWPA¤ÇÍøÍѤµ¤ì¡¢WPA2¤Ç¤Ï¶¯Å٤ʰŹ浬³Ê¤Ç¤¢¤ëAES¤ò»È¤Ã¤Æ¤¤¤Þ¤¹¡£
TKIP¤ò°Å¹æ²½µ¬³Ê¤Èɽ¸½¤µ¤ì¤Æ¤¤¤ë¤³¤È¤¬Â¿¤¤¤¬¡¢AES¤ÈƱ¼¡¸µ¤Î¤â¤Î¤Ç¤Ï¤Ê¤¤¡£TKIP¤Ï°Å¹æ²½¥¢¥ë¥´¥ê¥º¥à¤È¤·¤ÆRC4¤òÍøÍѤ·¤Æ¤ª¤ê¡¢TKIP¤Ï°Å¹æ¤È¸°¸ò´¹¤Î»ÅÁȤߤȹͤ¨¤¿Êý¤¬¤è¤¤¤«¤â¤·¤ì¤Ê¤¤¡£

¤¿¤À¡¢¤¢¤Þ¤ê¿¼¤¯¹Í¤¨¤Ê¤¤Êý¤¬¤è¤¤¤Ç¤·¤ç¤¦¡£

TKIP¡áưŪWEP¤È¤·¤Æ¤¤¤ë½ñ¤­Êª¤â¤¢¤ë¡£

TKIP¤ÈưŪWEP¤Î°ã¤¤¤Ï¡¢802.1xǧ¾Ú¤Ê¤É¤Î»ÅÁȤߤÈϢư¤·¤Æ¤â¤·¤Ê¤¯¤Æ¤â¥­¡¼¤¬ÊѤï¤ë¤Î¤¬TKIP¤À¤¬¡¢Æ°ÅªWEP¤Ï¤½¤¦¤Ç¤Ï¤Ê¤¤¡£

²áµîÌä¡ÊH29½©NW¸á¸å­¶Ìä2¡Ë¤Ç¤Ï¡¢TKIP¤Ë´Ø¤·¤Æ¡¢°Ê²¼¤Îµ­ºÜ¤¬¤¢¤ê¤Þ¤¹¡£
TKIP¤Ç¤Ï¡¤°Å¹æ¸°¤Î´ð¤Ë¤Ê¤ë°ì»þ¸°¡ÊTemporal Key¡Ë¤¬Æ°Åª¤ËÀ¸À®¤µ¤ì¤ë¡£¥¨¥ó¥¿¡¼¥×¥é¥¤¥º¥â¡¼¥É¤Î¾ì¹ç¡¤°ì»þ¸°¤Ï¡¤IEEE 802.1X¤Îǧ¾ÚÀ®¸ù¸å¤Ë[¡¡h¡§Ç§¾Ú¥µ¡¼¥Ð¡¡]¤ÇưŪ¤ËÀ¸À®¤µ¤ì¤Æ¥¯¥é¥¤¥¢¥ó¥È¤ËÇÛÉÛ¤µ¤ì¤ëPMK¡ÊPairwise Master Key¡Ë¤ò´ð¤Ë¡¤ÌµÀþLANüËöµÚ¤Ó[¡¡h¡¡]¤Îξ¼Ô¤ÇÀ¸À®¤µ¤ì¤ë¡£TKIP¤Ç¤Ï¡¤¥Õ¥§¡¼¥º1¤Ç¡¤°ì»þ¸°¡¤IVµÚ¤Ó̵ÀþLANüËö¤Î[¡¡i¡§MAC¥¢¥É¥ì¥¹¡¡]¤Î»°¤Ä¤òº®¹ç¤·¤Æ¥­¡¼¥¹¥È¥ê¡¼¥à1¤òÀ¸À®¤¹¤ë¡£¥Õ¥§°ì¥º2¤Ç¡¤¥­¡¼¥¹¥È¥ê¡¼¥à1¤ËIV¤Î³ÈÄ¥¤µ¤ì¤¿Éôʬ¤òº®¹ç¤·¤Æ¡¤°Å¹æ¸°¤Ç¤¢¤ë¥­¡¼¥¹¥È¥ê¡¼¥à2¤òÀ¸À®¤¹¤ë¡£¥­¡¼¥¹¥È¥ê¡¼¥à1¤È¥­¡¼¥¹¥È¥ê¡¼¥à2¤Ï¡¤ÄÌ¿®ÅÓÃæ¤ËÊѹ¹¤µ¤ì¤ë¡£2Ãʳ¬¤Î¸°º®¹ç¡¤¥­¡¼¥¹¥È¥ê¡¼¥à¤ÎÊѹ¹¤Ë¤è¤Ã¤Æ,  WEP¤è¤ê¤â¹â¤¤°ÂÁ´À­¤ò¼Â¸½¤·¤Æ¤¤¤ë¤¬¡¤ÀȼåÀ­¤¬Êó¹ð¤µ¤ì¤Æ¤¤¤ë¤Î¤ÇºÎÍѤ·¤Ê¤¤¡£
¤³¤³¤Ë¤¢¤ê¤Þ¤¹¤è¤¦¤Ë¡¢TKIP¤Ç¤Ï¡¢­¡°ì»þ¸°¡¤­¢IV¡¢­£ÌµÀþLANüËö¤ÎMAC¥¢¥É¥ì¥¹¤Î»°¤Ä¤òº®¹ç¤·¤Æ°Å¹æ¥­¡¼¤òÀ¸À®¤·¤Þ¤¹¡£



̵ÀþLAN¤Î°Å¹æ²½Êý¼°¤Ë¤Ä¤¤¤Æ¤Ï¡¢°Ê²¼¤ò³Îǧ¤¯¤À¤µ¤¤¡£
WEP¡¢WPA¡¢WPA2¤Ë¤Ä¤¤¤Æ¡¢Èæ³Ó¤ò·ÇºÜ¤·¤Æ¤¤¤Þ¤¹¡£
http://www.viva-musen.net/archives/18796333.html
¤Þ¤¿¡¢²áµîÌä¡ÊH29½©NW¸á¸å­¶Ìä2¡Ë¤Ç¤Ï¡¢°Ê²¼¤Î¤è¤¦¤ËÀ°Íý¤¬¤µ¤ì¤Æ¤¤¤Þ¤¹¡£

ɽ3¡¡ÌµÀþLAN¤Î¥Ç¡¼¥¿°Å¹æ²½Êý¼°
Êý¼° ÀâÌÀ
WEP(Wired Equivalent Privacy) RC4¤È¸Æ¤Ð¤ì¤ë°Å¹æ²½¥¢¥ë¥´¥ê¥º¥à¤ò»ÈÍѤ·¤¿[¡¡d¡§¶¦ÄÌ¡¡]¸°°Å¹æÊý¼°
WPA(Wi-Fi Protected Access) °Å¹æ²½¥¢¥ë¥´¥ê¥º¥à¤ÏWEP¤ÈƱ¤¸RC4¤ò»ÈÍѤ¹¤ë¤¬¡¤°Å¹æ²½¥×¥í¥È¥³¥ë¤ËTKIP ¡ÊTemporal Key Integrity Protocol¡Ë¤ò»ÈÍѤ·¤Æ°Å¹æ¶¯ÅÙ¤ò¹â¤á¤¿Êý¼°
WPA2(Wi-Fi Protected Access 2) °Å¹æ²½¥¢¥ë¥´¥ê¥º¥à¤ÏAES¤ËÂбþ¤·¡¤°Å¹æ²½¥×¥í¥È¥³¥ë¤ËCCMP(Counter-mode with CBC-MAC Protocol¡Ë¤ò»ÈÍѤ·¤¿,  WPA ¤è¤ê¤â·øÏ´¤ÊIEEE¡Î¡¡ e¡§802.11i¡¡¡Ï½àµò¤ÎÊý¼°

WPA2¤ÈIEEE802.11i¤Î°ã¤¤¤Ë¤Ä¤¤¤Æ
²áµîÌä¡ÊH25½©NW¸á¸å­¶¡Ë¤Ç¤Ï¡¢¡ÖIEEE¤Î¥»¥­¥å¥ê¥Æ¥£¾å¤ÎÌäÂêÅÀ¤ò²ò·è¤¹¤ë¤¿¤á¤Ë, IEEE802.11i¤¬µ¬³Ê²½¤µ¤ì¤¿¡£IEEE 802.11i¤ò´ð¤ËºöÄꤵ¤ì¤¿WPA2 (Wi-Fi Protected Access 2¡Ë¡×¤Èµ­ºÜ¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
¥Í¥Ã¥È¥ï¡¼¥¯¥¹¥Ú¥·¥ã¥ê¥¹¥È¤òÌܻؤ¹½÷À­SE¥Ï¥Æ¥Ê¡¡

¤Ç¡¢ IEEE802.11i¤ÈWPA2¤È¤Ï¤É¤¦°ã¤¦¤Î¤Ç¤¹¤«¡©
ÆâÍÆ¤Ï¡¢¤Û¤Ü¤ª¤Ê¤¸¤È¹Í¤¨¤Æ¤¯¤À¤µ¤¤¡£IEEE802.11i¤ÏIEEE¤¬É¸½à²½¤·¤¿¤â¤Î¤Ç¡¢WPA2¤Ï¡¢ÌµÀþLAN¤Î¶È³¦ÃÄÂΤǤ¢¤ëWi-Fi¥¢¥é¥¤¥¢¥ó¥¹¤¬ºöÄꤷ¤¿¤â¤Î¤Ç¤¹¡£



WPA(WPA2¡Ë¤Ç¤Ï¡¢¥Ñ¡¼¥½¥Ê¥ë¥â¡¼¥É¤È¥¨¥ó¥¿¡¼¥×¥é¥¤¥º¥â¡¼¥É¤Î2¤Ä¤¬¤¢¤ê¤Þ¤¹¡£
¥Ñ¡¼¥½¥Ê¥ë¥â¡¼¥É¤Ç¤Ï¡¢PSK¤Çǧ¾Ú¤·¤Þ¤¹¡£¤Ä¤Þ¤ê¡¢Ç§¾Ú¥µ¡¼¥Ð¤ÏÉÔÍס£
¥¨¥ó¥¿¡¼¥×¥é¥¤¥º¥â¡¼¥É¤Ç¤Ï¡¢Ç§¾Ú¥µ¡¼¥Ð¤ò»È¤Ã¤Æ¸ÄÊ̤Ëǧ¾Ú¤ò¤·¤Þ¤¹¡£
¥Ñ¡¼¥½¥Ê¥ë¥â¡¼¥É


»²¹Í¤Ç¤¹¤¬¡¢°Ê²¼¤¬Windows8.1¤Ç¿·µ¬¤Ë̵ÀþLAN¤ÎÀßÄê¤ò¤¹¤ë¤È¤­¤Î²èÌ̤Ǥ¹¡£
¥»¥­¥å¥ê¥Æ¥£¤Î¼ïÎà¤È¤·¤Æ¡¢¡ÖWPA2-¥Ñ¡¼¥½¥Ê¥ë¡×¤È¡ÖWPA2-¥¨¥ó¥¿¡¼¥×¥é¥¤¥º¡×¤¬Áª¤Ù¤Þ¤¹¡£
wifi



½÷À­ÏÓÁȤß
IPA¤¬È¯É½¤¹¤ë̵ÀþLAN¤Î¥»¥­¥å¥ê¥Æ¥£Âкö¤Ï³Îǧ¤·¤Æ¤ª¤­¤Þ¤·¤ç¤¦¡£ÌäÂê¤òºîÀ®¤·¤Æ¤¤¤ëIPA¤Î¸«²ò¤Ê¤Î¤Ç¡¢²òÅú¤ÎÊý¸þÀ­¤È¹çÃפ·¤Þ¤¹¡£

°Ê²¼¤Î¥µ¥¤¥È¤«¤é°úÍѡʵì¥ê¥ó¥¯¤Ç¡¢º£¤Ï°ã¤¦¤è¤¦¤À¡Ë
http://www.ipa.go.jp/security/ciadr/20030228wirelesslan.html
¢¡£±¡¥¥ê¥¹¥¯
¡Ê£±¡ËÄÌ¿®ÆâÍÆ¤ÎÅðİ
¡Ê£²¡Ë̵ÀþLAN¤ÎÉÔÀµÍøÍÑ

¢¡£²¡¥¥»¥­¥å¥ê¥Æ¥£Âкö
¡Ê£±¡ËÀßÄêÊѹ¹
̵ÀþLAN¥¢¥¯¥»¥¹¥Ý¥¤¥ó¥È¤ÎÀßÄê¤ò¡¢¹©¾ì½Ð²Ù¾õÂÖ¤«¤éɬ¤ºÊѹ¹¤¹¤ë¡£
¡Ê£²¡ËÀßÄêÆâÍÆ
­¡SSID¡ÊService Set ID¡Ë
 ¹©¾ì½Ð²Ù¾õÂÖ¤ÎSSID¤«¤éÊѹ¹¤¹¤ë
 SSID¤Ïµ¡¼ï¤ä»ÈÍѼԤò¿ä¬¤·¤Ë¤¯¤¤ÃͤËÊѹ¹¤·¤Þ¤·¤ç¤¦
 
­¢WEP¡ÊWired Equivalent Privacy¡Ë
 128bitÅù¤ÎWEP°Å¹æ¤òÍ­¸ú¤Ë¤¹¤ë
 WEP¥­¡¼¤Ï¿ä¬¤·¤Ë¤¯¤¤ÃͤËÄê´üŪ¤ËÊѹ¹¤·¤Þ¤·¤ç¤¦
 
­£MAC¡ÊMedia Access Control¡Ë¥¢¥É¥ì¥¹
 MAC¥¢¥É¥ì¥¹Ç§¾Ú¤Ë¤è¤êüËö¤òÀ©¸Â¤¹¤ë

¢¡£³¡¥Î±°ÕÅÀ
̵ÀþLAN¤Î¥»¥­¥å¥ê¥Æ¥£¤Ë¤Ä¤¤¤Æ¤Ï¼¡¤Î¤è¤¦¤ÊÌäÂêÅÀ¤¬Êó¹ð¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
¡¦WEP¤Î°Å¹æ²½¤Ï´Êñ¤Ë²òÆÉ¤µ¤ì¤Æ¤·¤Þ¤¦
¡¦MAC¥¢¥É¥ì¥¹µ¶Â¤Åù¤Ë¤è¤ê¡¢¤Ê¤ê¤¹¤Þ¤·¤¬Íưפ˹Ԥ¨¤ë
¤·¤«¤·¤Ê¤¬¤é¡¢WEP¥­¡¼¤äMAC¥¢¥É¥ì¥¹Ç§¾Ú¤ÎÀßÄê¤Ï¡¢ÅðݤäÉÔÀµÍøÍѤòÆñ¤·¤¯¤·¤Þ¤¹¡£¹¶·â¤ò¤Ç¤­¤ë¤À¤±Èò¤±¤ë¤¿¤á¤ÎºÇÄã¸Â¤ÎÂкö¤È¤·¤ÆÅ°Ä줷¤Þ¤·¤ç¤¦¡£



1.MAC¥¢¥É¥ì¥¹Ç§¾Ú
¡¡MAC¥¢¥É¥ì¥¹¥Õ¥£¥ë¥¿¥ê¥ó¥°¤ÏMAC¥¢¥É¥ì¥¹¤Ë¤è¤ëǧ¾Ú¤Ç¤¢¤ë¤¬¡¢¥»¥­¥å¥ê¥Æ¥£Âкö¤È¤·¤Æ¤ÏÉÔ½½Ê¬¤Ç¤¢¤ë¡£¤Ê¤¼¤Ê¤é¡¢MAC¥¢¥É¥ì¥¹¤Ï°Å¹æ²½¤µ¤ì¤Æ¤ª¤é¤º¡¢¤Þ¤¿µ¶Áõ¤â²Äǽ¤À¤«¤é¤Ç¤¢¤ë¡£¤Þ¤¿¡¢³Æ¥¢¥¯¥»¥¹¥Ý¥¤¥ó¥È¡ÊAP¡Ë¤Ë¡¢ÍøÍѤ¹¤ëPC¤ÎÁ´MAC¥¢¥É¥ì¥¹¤òÅÐÏ¿¤¹¤ëɬÍפ¬¤¢¤ê¡¢±¿ÍÑÌ̤ÎÉéô¤¬Â礭¤¤¡£
¡¡¤È¤Ï¤¤¤¨¡¢MAC¥¢¥É¥ì¥¹Ç§¾Ú¤Ï·ë¹½»È¤ï¤ì¤Æ¤¤¤ë¡£Å¥ËÀ¤ÏÆþ¤ê¤ä¤¹¤¤²È¤Ë¿¯Æþ¤¹¤ë¤Î¤ÈƱ¤¸¤Ç¡¢µ¶Â¤²Äǽ¤È¤Ï¤¤¤¨Â¿¾¯¤Ç¤â¥»¥­¥å¥ê¥Æ¥£Âкö¤¬¤µ¤ì¤Æ¤¤¤ì¤Ð¡¢ÌÌÅݤȤ¤¤¦Íýͳ¤Ç¿¯Æþ¤µ¤ì¤Ë¤¯¤¯¤Ê¤ë¡£¤Þ¤¿¡¢Ç§¾Ú¥µ¡¼¥Ð¤ËMAC¥¢¥É¥ì¥¹¤ò°ìÍ÷ÅÐÏ¿¤·¡¢Ç§¾Ú¥µ¡¼¥Ð¤Ë¤ÆÇ§¾Ú¤µ¤»¤ë¤³¤È¤â²Äǽ¡£¤³¤ì¤Ç¤¢¤ì¤Ð¡¢AP¤Ø¤ÎÈÑ»¨¤ÊÅÐÏ¿¤¬¤Ê¤¤¡£

²áµîÌä¡ÊH20SV¸á¸å­¶Ìä2¡Ë¤Ë¤Ï¡¢°Ê²¼¤Îµ­½Ò¤¬¤¢¤ë¡£
ÍøÍѼÔǧ¾Ú¤ÎÌ̤«¤é¸À¤¦¤È,Ãμ±¤Î¤¢¤ë¿Í¤Ê¤éMAC¥¢¥É¥ì¥¹¤Ïµ¶Áõ¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¤«¤é½½Ê¬¤ÊÂкö¤È¤Ï¤¤¤¨¤Ê¤¤¡£¤µ¤é¤Ë,³Æ¹»¤ÎAP¤ËÍøÍѼԤΥΡ¼¥ÈPC¤ÎMAC¥¢¥É¥ì¥¹¤ò¤¹¤Ù¤ÆÅÐÏ¿¤¹¤ëɬÍפ¬¤¢¤ë¤«¤é,´ÉÍý¾å¤Î¼ê´Ö¤â¤«¤«¤ë¡£

£²¡¥ÌµÀþLAN¤Îǧ¾Úµ»½Ñ
¾åµ­¤ÎMAC¥¢¥É¥ì¥¹Ç§¾Ú¤Ï¡¢ÌµÀþLAN¤Îµ»½Ñ¤È¤¤¤¦¤è¤ê¤Ï¡¢¥Í¥Ã¥È¥ï¡¼¥¯¤È¤·¤Æ¤Îǧ¾Ú¤Ç¤¢¤ë¡£°Ê²¼¤Ï¡¢ÌµÀþLAN¤Îǧ¾Úµ»½Ñ¤Ë´Ø¤·¤Æ¡¢¼ÂºÝ¤ÎÀßÄê¤ò°Õ¼±¤·¤ÆÊ¬Îह¤ë¡£
ǧ¾Úµ»½Ñ¤Ï°Ê²¼¤Î3¤Ä¤Ç¹Í¤¨¤ë¤È¤è¤¤¤À¤í¤¦¡£
1)¥ª¡¼¥×¥ó¥­¡¼
2)»öÁ°¶¦Í­¸°¡¡¢¨1)¤È¤ä¤Ã¤Æ¤¤¤ë¤³¤È¤ÏƱ¤¸
3)EAP

¤½¤ì¤¾¤ì¤ËÂбþ¤¹¤ë̵ÀþLAN¤Î»ÅÁȤߤϰʲ¼¤Ç¤¢¤ë¡£

1)WEP
¡¦°Å¹æ²½¡¡WEP¡ÊRC4)
¡¦Ç§¾Ú¡¡¥ª¡¼¥×¥ó¥­¡¼

2)WPA-PSK
¡¦°Å¹æ²½¡¡TKIP¡ÊRC4)
¡¦Ç§¾Ú¡¡»öÁ°¶¦Í­¸°

3)WPA¡¢WPA2
¡¦°Å¹æ²½¡¡TKIP¡¢AES
¡¦Ç§¾Ú¡¡EAP¡ÊPEAP¤äEAP-TLS¡Ë

Íý²ò¤ò¿¼¤á¤ë¤¿¤á¤Ë¡¢¤´¼«¿È¤Î¥Ñ¥½¥³¥ó¤Î²èÌ̤ǡ¢¼ÂºÝ¤ÎÀßÄê¤ò¸«¤Æ¤ß¤ë¤È¤¤¤¤¤À¤í¤¦¡£

¢£PSK¡Êpre-shared key¡§»öÁ°¶¦Í­¸°¡Ë
¡¡PSK¤Ë´Ø¤·¤Æ¡¢¾¯¤·Êä­¤¹¤ë¡£¤³¤ì¤Ï°Å¹æ²½¤Ë»È¤¦¸°¤Ç¤Ï¤Ê¤¯¡¢Ç§¾Ú¤Î¤¿¤á¤Î¤â¤Î¤Ç¤¹¡£°Å¹æ²½¤Î¸°¤ÏRC4¤äAES¤Î»ÅÁȤߤˤè¤Ã¤Æ¡¢ÊÌÅÓºî¤é¤ì¤ë¡£

²áµîÌä¡ÊH23½ÕSC¸á¸å­¶Ìä2¡Ë¤Ë¤Ï¡¢°Ê²¼¤Îµ­ºÜ¤¬¤¢¤ë¡£
K¼ÒÇÛÁ÷¥»¥ó¥¿¤ÇÍøÍѤ·¤Æ¤¤¤¿WPA-PSK¤Î8ʸ»ú¤Î»öÁ°¶¦Í­¸°¤¬¼­½ñ¹¶·â¤Ë¤è¤Ã¤ÆÉü¸µ¤Ç¤­¤¿¤³¤È¤òÅÁ¤¨¤¿¡£¤½¤Î¾å¤Ç,¼­½ñ¹¶·â¤Ø¤ÎËɸæ¤Î¤¿¤á¤Ë, WPA-PSK¤Î»öÁ°¶¦Í­¸°¤Ç¤Ï¾¯¤Ê¤¯¤È¤â21ʸ»úÄøÅÙ¤Îʸ»úÎó¤ò»È¤¦¤³¤È¤¬¿ä¾©¤µ¤ì¤Æ¤¤¤ë¤³¤È¤òÀâÌÀ¤·¤¿¡£

¢£»²¹Í£±¢£¡¡Webǧ¾Ú
ºÇ¶á¤Ç¤Ï¡¢Webǧ¾Ú¤¬¤Ç¤­¤ëµ¡´ï¤¬Áý¤¨¤Æ¤¤¤ë¡£IEEE802.1X¤ÎPEAP¤ÈƱ¤¸¤¯ID/¥Ñ¥¹¥ï¡¼¥É¤Ë¤è¤ëǧ¾Ú¤Ç¤¢¤ë¤¬¡¢¥Ñ¥½¥³¥ó¦¤ËÆÃÊ̤ÊÀßÄ꤬Íפé¤Ê¤¤¤Î¤¬¥Ý¥¤¥ó¥È¤Ç¤¢¤ë¡£¤¿¤À¡¢¤³¤ì¤Ï̵ÀþLAN¤Ë¸Â¤Ã¤¿»ÅÁȤߤǤϤʤ¯¡¢ÄÌ¿®¤Î°Å¹æ²½¤Ê¤É¤ÏÊ̼êÃʤǹԤ¦É¬Íפ¬¤¢¤ë¡£»î¸³¤ÇÌä¤ï¤ì¤ë¤³¤È¤Ï̵¤¤¤«¤È»×¤¦¡£

¢£»²¹Í£²¢£¡¡SSID
¡¡SSID¡ÊService Set IDentifier¡Ë¤Ï¥»¥­¥å¥ê¥Æ¥£Âкö¤Î»ÅÁȤߤǤϤʤ¤¤¬¡¢±£¤Ú¤¤¤¹¤ë¤Û¤¦¤¬¤è¤¤¡£SSID¤ÏESS-ID¤ÈƱµÁ¤Ç¹Í¤¨¤ÆÎɤ¤¡£²áµîÌä¤Ë¤ÆESS-ID¤ò¡ÖºÇÂç32ʸ»ú¤Î±Ñ¿ô»ú¤Çɽ¤ï¤µ¤ì¤ë¥Í¥Ã¥È¥ï¡¼¥¯¼±Ê̻ҤǤ¢¤ê¡¢Àܳ¤¹¤ë¥¢¥¯¥»¥¹¥Ý¥¤¥ó¥È¤ÎÁªÂò¤ËÍѤ¤¤é¤ì¤ë¡ÊH18NW¸áÁ° Ìä38¡Ë¡×¤ÈÀâÌÀ¤·¤Æ¤¤¤ë¡£·«¤êÊÖ¤·¤Ë¤Ê¤ë¤¬¡¢Ã±¤Ê¤ë¼±Ê̻ҤǤ¢¤Ã¤Æ¡¢¥»¥­¥å¥ê¥Æ¥£¤òÊݤĤâ¤Î¤Ç¤Ï¤Ê¤¤¡£Ç§¾Úµ»½Ñ¤Ç¤â¤Ê¤¤¡£



̵ÀþLAN¤ÎWPA£²¤Ç¤Ï¡¢CCMP¤È¤¤¤¦°Å¹æ²½¥¢¥ë¥´¥ê¥º¥à¤¬Åо줷¤Þ¤¹¡£
¤³¤³¤Ç¤Ï¡¢CCMP¤Ë¤Ä¤¤¤Æ²òÀ⤷¤Þ¤¹¡£
¤Þ¤º¡¢²áµîÌä¡ÊH25½©NW¸áÁ°­¶¡Ë¤ò¸«¤Æ¤ß¤Þ¤·¤ç¤¦¡£
Ìä19¡¡ÌµÀþLAN¤Ë¤ª¤±¤ëWPA2¤ÎÆÃħ¤Ï¤É¤ì¤«¡£
¥¢¡¡AH¤ÈESP¤Îµ¡Ç½¤Ë¤è¤Ã¤ÆÇ§¾Ú¤È°Å¹æ²½¤ò¼Â¸½¤¹¤ë¡£
¥¤¡¡°Å¹æ²½¥¢¥ë¥´¥ê¥º¥à¤ËAES¤òºÎÍѤ·¤¿CCMP (Counter-mode with CBC-MAC Protocol¡Ë¤ò»ÈÍѤ¹¤ë¡£
¥¦¡¡Ã¼Ëö¤È¥¢¥¯¥»¥¹¥Ý¥¤¥ó¥È¤Î´Ö¤ÇÄÌ¿®¤ò¹Ô¤¦ºÝ¤Ë, SSL Handshake Protocol ¤ò»ÈÍѤ·¤Æ¡¤¤ª¸ß¤¤¤¬ÀµÅö¤ÊÁê¼ê¤«¤É¤¦¤«¤òǧ¾Ú¤¹¤ë¡£
¥¨¡¡ÍøÍѼԤ¬ÀßÄꤹ¤ëÈëÌ©¸°¤È¡¤À½ÉʤÇÀ¸À®¤¹¤ëIV (Initialization Vector)¤È¤òÏ¢·ë¤·¤¿¿ô»ú¤ò´ð¤Ë¡¤¥Ç¡¼¥¿¤ò¥Õ¥ì¡¼¥à¤´¤È¤ËRC4¤Ç°Å¹æ²½¤¹¤ë¡£
Àµ²ò¤Ï¥¤¤Ç¤¹¡£
¥Í¥Ã¥È¥ï¡¼¥¯¥¹¥Ú¥·¥ã¥ê¥¹¥È¤òÌܻؤ¹½÷À­SE°ã¤¦¡¡
¤Á¤ç¤Ã,
¤Á¤ç¤Ã¤ÈÂԤäƤ¯¤À¤µ¤¤¡£
WPA2¤Î°Å¹æ¥¢¥ë¥´¥ê¥º¥à¤Ï¡¢AES¤Ê¤ó¤Ç¤¹¤«¡©CCMP¤Ê¤ó¤Ç¤¹¤«¡©¤É¤Ã¤Á¤Ç¤¹¤«¡©
Àµ²ò¤Ï¡¢¡ÖAES¤ò¥Ù¡¼¥¹¤Ë¤·¤¿CCMP¡ÊH29½©NW¸á¸å­¶Ìä2¤è¤ê¡Ë¡×¤Ç¤¹¡£
¤Ä¤Þ¤ê¡¢Àµ³Î¤Ë¤ÏAES¤Ç¤Ï¤Ê¤¯CCMP¤Ê¤Î¤Ç¤¹¡£AES¤ò̵ÀþLANÍѤˤ¤¤¯¤Ä¤â¤Î»ÅÁȤߤòÄɲä·¤¿¤â¤Î¤¬CCMP¤Ç¤¹¡£ÌµÀþLAN¤Î°Å¹æ²½¥×¥í¥È¥³¥ë¤¬CCMP¤Ç¡¢CCMP¤Ç¤Ï°Å¹æ²½¥¢¥ë¥´¥ê¥º¥à¤È¤·¤ÆAES¤ò»È¤Ã¤Æ¤¤¤ë¤È¹Í¤¨¤Æ¤â¤¤¤¤¤Ç¤·¤ç¤¦¡£¡Ê¤Á¤ç¤Ã¤È¤ä¤ä¤³¤·¤¤¤«¤Ê¡©¡Ë

¤Ç¤Ï¡¢CCMP¤Ï¶ñÂÎŪ¤Ë¤É¤ó¤Ê»ÅÁȤߤǤ·¤ç¤¦¤«¡£
CCMP¤Î¥Õ¥ë¥¹¥Ú¥ë¤ò¸«¤Þ¤·¤ç¤¦¡£¡ÖCounter-mode with CBC-MAC Protocol¡×¤Ç¤¹¡£
¤Þ¤º¡¢Counter-mode¤Ç¤¹¤¬¡¢²áµîÌä¤Ç¤Ï°Ê²¼¤Î²òÀ⤬¤¢¤ê¤Þ¤¹¡£
AES¤Ï¥Ö¥í¥Ã¥¯°Å¹æ¤Ê¤Î¤Ç¡¤°Å¹æ²½¤¹¤ë¥á¥Ã¥»¡¼¥¸¤ò°ìÄꥵ¥¤¥º¤Î¥Ö¥í¥Ã¥¯Ã±°Ì¤Ëʬ³ä¤·¤Æ½èÍý¤¹¤ëɬÍפ¬¤¢¤ë¡£¥á¥Ã¥»¡¼¥¸¤ò¥Ö¥í¥Ã¥¯Ã±°Ì¤Ëʬ³ä¤¹¤ë¤È¡¤ºÇ¸å¤Î¥á¥Ã¥»¡¼¥¸¤¬¥Ö¥í¥Ã¥¯¥µ¥¤¥º¤ËËþ¤¿¤Ê¤¤¾ì¹ç¤â¤¢¤ë¤Î¤Ç,   CCMP¤Ç¤Ï¥«¥¦¥ó¥¿¥â¡¼¥É¤¬ºÎÍѤµ¤ì¤Æ¤¤¤ë¡£¥«¥¦¥ó¥¿¥â¡¼¥É¤Ç¤Ï¡¤°Å¹æ²½¤¹¤ë¥á¥Ã¥»¡¼¥¸¤ò¥À¥¤¥ì¥¯¥È¤Ë°Å¹æ²½¤¹¤ë¤Î¤Ç¤Ï¤Ê¤¯¡¤¥Ö¥í¥Ã¥¯¥µ¥¤¥º¤ÈƱ¤¸¥Ð¥¤¥È¿ô¤Î¥«¥¦¥ó¥¿Ãͤò°Å¹æ²½¤·¤Æ¡¤°Å¹æ²½¤·¤¿¥«¥¦¥ó¥¿ÃͤȰŹ沽¤¹¤ë¥á¥Ã¥»¡¼¥¸¤È¤òXOR¡ÊÇÓ¾ŪÏÀÍýÏ¡ˤ·¤Æ°Å¹æÊ¸¤òÀ¸À®¤¹¤ë¡£¥«¥¦¥ó¥¿¥â¡¼¥É¤Ë¤è¤ë°Å¹æ²½¼ê½ç¤ò¿Þ2¤Ë¼¨¤¹¡£
a
  ¸åÆü¡¢Â³¤­¤ò½ñ¤­¤Þ¤¹¡£




PMK¤Ï¡¢ÌµÀþLAN¤Ë¤ª¤¤¤ÆºîÀ®¤µ¤ì¤ë¸°¤Î°ì¤Ä¤Ç¡¢°Å¹æ¸°¤Î´ð¤Ë¤Ê¤ê¤Þ¤¹¡£
¤Þ¤º¤Ï²áµîÌä¡ÊH29½©NW¸á¸å­¶Ìä2¡Ë¤ò¸«¤Æ¤ß¤Þ¤·¤ç¤¦¡£
¡Ê2¡ËWPA¤Ç¤Ï,  TKIP¤Ë¤è¤Ã¤Æ°Å¹æ¸°¤òÀ¸À®¤¹¤ë¡£TKIP¤Ç¤Ï¡¤°Å¹æ¸°¤Î´ð¤Ë¤Ê¤ë°ì»þ¸°¡ÊTemporal Key¡Ë¤¬Æ°Åª¤ËÀ¸À®¤µ¤ì¤ë¡£¥¨¥ó¥¿¡¼¥×¥é¥¤¥º¥â¡¼¥É¤Î¾ì¹ç¡¤°ì»þ¸°¤Ï¡¤IEEE 802.1X¤Îǧ¾ÚÀ®¸ù¸å¤Ë[¡¡h:ǧ¾Ú¥µ¡¼¥Ð¡¡]¤ÇưŪ¤ËÀ¸À®¤µ¤ì¤Æ¥¯¥é¥¤¥¢¥ó¥È¤ËÇÛÉÛ¤µ¤ì¤ëPMK¡ÊPairwise Master Key¡Ë¤ò´ð¤Ë¡¤ÌµÀþLANüËöµÚ¤Ó[¡¡h:ǧ¾Ú¥µ¡¼¥Ð¡¡]¤Îξ¼Ô¤ÇÀ¸À®¤µ¤ì¤ë¡£
Pairwise Master Key ¡ÊPMK¡Ë¤È¤Ï¡¤°Å¹æ¸°¤Î´ð¤Ë¤Ê¤ë¤â¤Î¤Ç¡¤IEEE802.1X¤Îǧ¾Ú¸å¡Ê²¼¿Þ­¡¡Ë¤Ë¡¢Ç§¾Ú¥µ¡¼¥Ð¡Ê¢¨¶õÍóh¤Î²òÅú¡Ë¤¬À¸À®¡Ê²¼¿Þ­¢¡Ë¤·¡¤ÌµÀþLAN¤ÎPC¤ÈAP¤Ë¶¦Í­¤µ¤ì¤Þ¤¹¡Ê²¼¿Þ­£¡Ë¡£¤³¤ÎPMK¤ò´ð¤Ë¡¤PC¤ÈAP´Ö¤Ç°Å¹æ¸°¤ÎÀ¸À®¤ò¹Ô¤¤¤Þ¤¹¡Ê²¼¿Þ­¤¡Ë¡£
a

¥Í¥Ã¥È¥ï¡¼¥¯¥¹¥Ú¥·¥ã¥ê¥¹¥È¤òÌܻؤ¹½÷À­SE¥Ï¥Æ¥Ê¡¡


PMK¤ÏPC¤´¤È¤Ë°ã¤¦¤â¤Î¤¬ºîÀ®¤µ¤ì¤ë¤Î¤Ç¤¹¤«¡©
¤Ï¤¤¡¢¤½¤¦¤Ç¤¹¡£
PSK¤Ë¤è¤ëǧ¾Ú¤ò¤¹¤ë¥Ñ¡¼¥½¥ó¥Ê¥ë¥â¡¼¥É¤Ç¤Ï¡¢PMK¤ÏÁ´¤Æ¤ÎPC¤äAP¤Ç¶¦Ä̤ΤǤ¹¡£
°ìÊý¡¢¥¨¥ó¥¿¡¼¥×¥é¥¤¥º¥â¡¼¥É¤Ç¤Ï¡¢¤³¤Î½èÍý¤ÏPC¤ª¤è¤ÓÀܳ¤¹¤ëAPñ°Ì¤Ç¼Â»Ü¤µ¤ì¤Þ¤¹¡£
¤Ç¤¹¤«¤é¡¢PC¤¬ÊѤï¤ì¤ÐPMK¤¬ÊѤï¤ê¤Þ¤¹¡£
¤Þ¤¿¡¢PC¤¬°Üư¤·¤ÆÀܳ¤¹¤ëAP¤¬ÀÚ¤êÂØ¤ï¤Ã¤¿¾ì¹ç¡Ê¥Ï¥ó¥É¥ª¡¼¥Ð¡Ë¤Ç¤â¡¢¤³¤Î½èÍý¤ò¤ä¤êľ¤·¤µ¤ì¡¢PMK¤¬ºÆºîÀ®¤µ¤ì¤Þ¤¹¡£
¤³¤ì¤Ë¤è¤ëÄÌ¿®ÃǤ¬È¯À¸¤¹¤ë¤¿¤á¡¢WPA2¤Ç¤Ï¡Ö»öÁ°Ç§¾Ú¡×¤È¡Öǧ¾Ú¥­¡¼¤ÎÊÝ»ý¡ÊPairwise Master Key ¥­¥ã¥Ã¥·¥å¡Ë¡×¤È¤¤¤¦²þÎɤò¤·¤Æ¤¤¤Þ¤¹¡£¾Ü¤·¤¯¤Ï°Ê²¼¤Ç¤¹¡£
¡¡http://nw.seeeko.com/archives/50980077.html¡¡




¥¹¥Ý¥ó¥µ¡¼¥É¥ê¥ó¥¯

¢¬¤³¤Î¥Ú¡¼¥¸¤Î¥È¥Ã¥×¥Ø