Trusted Network Connect provides the functionality of the platform authentication and integrity verification which is crucial for enhancing the security of authentication protocols. However, applying this functionality directly to concrete authentications is susceptible to unknown attacks and efficiency degradation. In this paper, we propose TWMAP, a novel authentication protocol for WLAN Mesh networks in a trusted environment which completed the platform authentication and integrity verification during the user authentication. And, the Schnorr asymmetric signature scheme is utilized to reduce the overhead of the client. The security properties of the new protocol are examined using the Universally Composable Security model. The analytic comparisons and simulation results show that the new protocol is very efficient in both computing and communication costs.

As part of ISO standards on public-key encryption, Shoup introduced the framework of KEM (Key Encapsulation Mechanism), and DEM (Data Encapsulation Mechanism), for formalizing and realizing one-directional hybrid encryption; KEM is a formalization of asymmetric encryption specified for key distribution, which DEM is a formalization of symmetric encryption. This paper investigates a more general hybrid protocol, secure channel, that uses KEM and DEM, while KEM supports distribution of a session key and DEM, along with the session key, is used for multiple bi-directional encrypted transactions in a session. This paper shows that KEM, which is semantically secure against adaptively chosen ciphertext attacks (IND-CCA2), and DEM, which is semantically secure against adaptively chosen plaintext/ciphertext attacks (IND-P2-C2), along with secure signatures and ideal certification authority are sufficient to realize a universally composable (UC) secure channel. To obtain the main result, this paper also shows several equivalence results: UC KEM, IND-CCA2 KEM and NM-CCA2 (non-malleable against CCA2) KEM are equivalent, and UC DEM, IND-P2-C2 DEM and NM-P2-C2 DEM are equivalent.