Fast, secure handovers in 802.11: back to the basis

Authors:
Rodolphe Marques;André Zúquete
Affiliations:
IEETA/University of Aveiro, Aveiro, Portugal;IT/IEETA/University of Aveiro, Aveiro, Portugal
Venue:
Proceedings of the 4th ACM symposium on QoS and security for wireless and mobile networks
Year:
2008

Citing 6
Cited 2

An empirical analysis of the IEEE 802.11 MAC layer handoff process

ACM SIGCOMM Computer Communication Review
Fast pre-authentication based on proactive key distribution for 802.11 infrastructure networks

WMuNeP '05 Proceedings of the 1st ACM workshop on Wireless multimedia networking and performance modeling
Personal AP Protocol for Mobility Management in IEEE 802.11 Systems

MOBIQUITOUS '05 Proceedings of the The Second Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services
Reducing Reauthentication Delay in Wireless Networks

SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
3-party approach for fast handover in EAP-based wireless networks

OTM'07 Proceedings of the 2007 OTM confederated international conference on On the move to meaningful internet systems: CoopIS, DOA, ODBASE, GADA, and IS - Volume Part II
Proactive key distribution using neighbor graphs

IEEE Wireless Communications

Enhancing the performance of secured handover protocols in UMTS-WiMAX interworking

Wireless Networks
A novel re-authentication scheme based on tickets in wireless local area networks

Journal of Parallel and Distributed Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

This article presents a fast, secure handover protocol for 802.11 networks. The protocol keeps the security functionalities of 802.1X but uses a new reauthentication protocol that promotes fast handovers during reassociations. The reauthentication protocol recovers the original 802.11 paradigm: authenticate first, reassociate next. Following this paradigm, we conceived two new 802.11 authentication and reassociation protocols, which allow a mobile station to perform 802.1X reauthentications before reassociations with the same functionality of a complete 802.1X authentication. Furthermore, reassociation protocols are authenticated, preventing denial-or-service scenarios that are not handled by 802.11i. Our new approach requires little from the environment, namely a new, central Reauthentication Service, for storing data used in the reauthentication of stations. The time of security-related tasks that contribute to handover delays was dramatically reduced to 1.5 ms, while an 802.1X fast resume takes more than 150 ms. Finally, our protocol addresses most design goals and problems stated by standards' working groups for fast, secure roaming in 802.11.