180 likes | 187 Views
This paper discusses secure and fast handover protocols for IEEE 802.1x wireless networks, addressing the challenges and proposing solutions for secure authentication during handovers.
E N D
By: Alex Feldman Secure Handover for IEEE 802.1x Wireless Networks
What’s the environment? • A mobile station is connected to the network wirelessly through another device. • In case of WiFi (IEEE 802.11) this would be an access point. • In case of WiMax (IEEE 802.16) it is a base station.
What’s a Handover? • The mobile station may need to change its connection point to the network. • The connection point “Hands Over” the connection to the new point. • It has to be secure • It has to be fast • It has to be standardized
Security (802.11i & 802.16e) • Supplicant (Sta)– the station entering the network to be authenticated. • Authenticator (Au) – the access point directly connected to the station, and acting as a proxy to the authentication server. • Authentication Server (AS)– database containing credentials for all users, reachable by the authenticator.
EAP – TLS • Extensible Authentication Protocol -Transport Layer Security • Widely supported but rarely used. • 8-way handshake. Very secure but also very time consuming. • Doesn’t scale well when clients handoff often.
Some definitions • PMK - Pairwise Master Key • PTK – Pairwise Transient Key • EMSK – Extended Master Session Key • RADIUS – Remote Authentication Dial In User Service. Uses a shared secret to cipher and authenticate the communication.
EAP – TLS Authentication – PMK and EMSK generated on SA and Station. AS moves PMK to Au by using RADIUS. 4-way handshake – PTK generated by Au and Station
What’s the problem? • When a station changes access points, re-authenticating the PMK is slow. • Only the PTK needs to be renewed, and PMK can be left alone. • How do we transmit the PMK from Au1 to Au2????
Security Issues • Au1 is a bad guy. Pushes false PMK • Sta is a bad guy that gets access to Au2 • Sta is a good guy that gets a denial of service • Au2 is a bad guy.Pulls PMK from Au1.Now it can decipher traffic.
Strategy One • Don’t use AS for re-authentication! • Pull/Push policies to transfer keys. • Provides good performance. • More complicated. • Use when: • Handover speed is crucial & path to the AU is long • Don’t want to be dependant on the AU server
Strategy Two • Contact the Au on every handover. • Slower performance. • Gained security. • Possible danger if the protocol used to move PMK is not strong. Need good reasons to transfer PMKs.
Fast Re-Authentication Schemeas proposed by the authors • Goal: reduce the number of packets required for TLS exchange by re-using information generated in the first authentication. • EMSK remained on the Authentication Server, so it can be used to re-authenticate the Station
Author’s Proposed Solution Based on contacting the Authentication server Au PTK
Results: • EAP-TLS took 2.34 seconds on average • Proposed protocol took 0.62 seconds on average • 74% improvement over EAP-TLS! • 82% improvement when including retransmissions
IEEE 802.11r – work in progress • Internet Engineering Task Force (IETF) – working on new standard to used the EMSK for re-authentication. • Pull and push methods to transfer keys for nodes within same mobility domains
Conclusion • EAP-TLS is slow for re-authentication. • Big improvements can be made by following the proposed protocol, which • Reduces number of packets required • Reduces retransmissions • Decreases time
Questions? • Original paper written by: Romano Fantacci, Leonardo Maccari, and Tommaso Pecorella from: University of Florence Federico Frosali from: Telecom Italia Lab