Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 4804))

Abstract

In this paper we present a solution for reducing the time spent on providing network access in mobile networks that involve an authentication process based on the Extensible Authentication Protocol (EAP). The goal is to provide fast handover and a smooth transition by reducing the impact of the authentication process when a mobile user changes authenticator. We propose and describe an architecture based on a secure 3-party key distribution protocol that reduces the number of round trips during the authentication phase, and we verify its security properties with a formal tool.

Editor information

Robert Meersman, Zahir Tari

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Marin, R., Fernandez, P.J., Gomez, A.F. (2007). 3-Party Approach for Fast Handover in EAP-Based Wireless Networks. In: Meersman, R., Tari, Z. (eds) On the Move to Meaningful Internet Systems 2007: CoopIS, DOA, ODBASE, GADA, and IS. OTM 2007. Lecture Notes in Computer Science, vol 4804. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-76843-2_43

  • DOI: https://doi.org/10.1007/978-3-540-76843-2_43

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-76835-7

  • Online ISBN: 978-3-540-76843-2

  • eBook Packages: Computer Science, Computer Science (R0)
