Secure Handover Using Inter-Access Point Protocol in Wireless LAN


Abstract

Handover in IEEE 802.11 requires repeated authentication and key exchange procedures, which are an obstacle to seamless wireless LAN services. We propose a fast authentication and key exchange mechanism using IEEE 802.11f. In particular, by proposing a modified version of the 4-way handshake of IEEE 802.11i, we solve the perfect forward secrecy problem that arises when pre-authentication is adopted. The scheme can be implemented using only the Context Block of IEEE 802.11f and the 4-way handshake of IEEE 802.11i, without involving interaction with the authentication server or non-standard behavior between access points. Our scheme is applicable to devices that do not support the pre-authentication of IEEE 802.11i, and it can also substitute for pre-authentication when pre-authentication fails.

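Handover in IEEE 802.11 networks requires repeated authentication and key exchange procedures, which is a major obstacle to providing seamless wireless LAN service. This paper proposes a fast key exchange and authentication method using IEEE 802.11f. In particular, by modifying the 4-way handshake of IEEE 802.11i without departing from the standard, it solves the perfect forward secrecy problem that can arise when pre-authentication is used. The proposed method uses only the context block of IEEE 802.11f and the handshake of IEEE 802.11i, and it improves efficiency by not requiring communication with the AAA server at handover time.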
