Shepherd: A lightweight statistical authentication protocol for access control in wireless LANs

  • Authors:
  • Haoli Wang; Joel Cardo; Yong Guan

  • Affiliations:
  • Department of Electrical and Computer Engineering, Iowa State University, Ames, IA 50011, USA; Department of Electrical and Computer Engineering, Iowa State University, Ames, IA 50011, USA; Department of Electrical and Computer Engineering, Iowa State University, Ames, IA 50011, USA

  • Venue:
  • Computer Communications
  • Year:
  • 2005

Quantified Score

Hi-index 0.24

Abstract

With the increasing performance and dropping price of wireless networking equipment, wireless networking has revolutionized the way people work and play. Wi-Fi hot spots popping up all over the country provide a convenient means of Internet connectivity. For the ISPs that operate hot spots, authentication and accounting have been recognized as two crucial concerns. For authentication, the IETF PANA WG is working on a transport protocol for authenticating IP hosts for network access. However, PANA does not provide access control or per-packet authentication, both of which are desirable for accounting and access control. Instead of using high-overhead crypto-based mechanisms, such as IPsec or 802.11i, we propose a lightweight statistical authentication protocol, namely Shepherd, through which the access point (AP) in a wireless network authenticates the mobile nodes, much as a shepherd discriminates among similar sheep according to their characteristics. In Shepherd, the legitimacy of a mobile node is determined by continuously checking a series of random authentication bits, where each bit in this stream is piggybacked onto a packet. The authentication bit stream is generated by both the mobile node and the access point using the same random number generator, with the same shared seed serving as the key. We analyze this protocol under three synchronization schemes. Our analytical results show that this protocol performs well in terms of computational and communication cost, synchronization efficiency, and protocol operation secrecy. We also show that this new protocol is practical for implementation in wireless LANs.
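The per-packet bit check described in the abstract can be sketched as follows; this is an added example, not code from the paper. It assumes HMAC-SHA256 over the packet index as the shared generator, an explicit packet index in place of the paper's synchronization schemes (which the abstract does not detail), and a hypothetical sliding-window mismatch threshold as the AP's decision rule.

```python
import hashlib
import hmac
from collections import deque

SHARED_SEED = b"constructed-shared-seed"  # constructed sample key


def auth_bit(seed: bytes, index: int) -> int:
    """Authentication bit for packet `index`, derived from the shared seed.

    Assumption: HMAC-SHA256 over the packet index stands in for the
    "same random number generator" that both sides run.
    """
    digest = hmac.new(seed, index.to_bytes(8, "big"), hashlib.sha256).digest()
    return digest[0] & 1


def first_rejection(seed, packets, window=64, max_mismatch=4):
    """AP-side check over (index, bit) pairs.

    Returns the index of the packet at which the sender is rejected, or
    None if it stays accepted. Window and threshold are assumed values.
    """
    recent = deque(maxlen=window)  # 1 = mismatch, 0 = match
    for index, bit in packets:
        recent.append(int(bit != auth_bit(seed, index)))
        if sum(recent) > max_mismatch:
            return index
    return None


def legitimate_packets(seed, count=256):
    """Constructed traffic: every 7th packet is lost, one bit is corrupted."""
    packets = [(i, auth_bit(seed, i)) for i in range(count) if i % 7 != 3]
    index, bit = packets[10]
    packets[10] = (index, bit ^ 1)  # single transmission error
    return packets


def impostor_packets(count=256):
    """Constructed traffic from a sender that does not know the shared seed."""
    wrong_seed = b"constructed-wrong-seed"
    return [(i, auth_bit(wrong_seed, i)) for i in range(count)]


if __name__ == "__main__":
    legit = legitimate_packets(SHARED_SEED)
    print("legitimate:", first_rejection(SHARED_SEED, legit))
    print("impostor:  ", first_rejection(SHARED_SEED, impostor_packets()))
```

A sender without the seed matches each bit only by chance, so its mismatches exceed the threshold within a few dozen packets, while the legitimate node survives packet loss and an isolated bit error.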