Abstract
Several statistics on the factors behind the proliferation of attacks show that the scarce deployment of entity authentication mechanisms is one of the most important. In particular, providing a seamless mobile re-authentication service for real-time inter-domain handover procedures is still an open issue. This paper focuses on the design of the re-authentication architecture and mechanisms, aiming at low-latency re-authentication services for roaming WLAN or WiMAX terminals. An authentication architecture is specified to integrate the proposed mechanisms, and a novel generic key material concept is defined in addition to the current state of the art. An identity-based key material derivation method is developed, relying on the associativity property of the multiplicative group and the intractability of the underlying RSA problem. The required cryptographic properties are then evaluated. A simple generic key material pre-distribution mechanism and the related local re-authentication protocol are proposed. Finally, the security properties of the re-authentication protocol and the functional correctness of the re-authentication service are validated.
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lupu, R., Borcoci, E., Rasheed, T. (2012). Identity-Based Key Derivation Method for Low Delay Inter-domain Handover Re-authentication Service. In: Laud, P. (eds) Information Security Technology for Applications. NordSec 2011. Lecture Notes in Computer Science, vol 7161. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29615-4_12
DOI: https://doi.org/10.1007/978-3-642-29615-4_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-29614-7
Online ISBN: 978-3-642-29615-4
eBook Packages: Computer Science (R0)