• Title/Summary/Keyword: fast authentication

Search Result 161, Processing Time 0.034 seconds

Secure Pre-authentication Schemes for Fast Handoff in Proxy Mobile IPv6

  • Baek, Jaejong
    • Journal of information and communication convergence engineering
    • /
    • v.14 no.2
    • /
    • pp.89-96
    • /
    • 2016
  • In mobile communication, there are various types of handoff for the support of all forms of mobility. Proxy mobile IPv6 (PMIPv6) enables local network-based mobility management of a mobile node without any effect of mobility-related signaling. Recently, PMIPv6 has been considered for supporting mobility management in LTE/SAE-based mobile networks. To support seamless mobility in heterogeneous mobile networks, the overall cost of handoffs needs to be minimized and the procedure should be guaranteed to be secure. However, the reduction of the authentication cost has not been fully investigated to provide seamless connectivity when mobile users perform a handoff between the PMIPv6 domains. This paper proposes secure pre-authentication schemes, completing an authentication procedure before performing a handoff, for a fast handoff in PMIPv6. Analytic models have been used for measuring the authentication latency and for the overhead cost analysis. In addition to providing fast authentication, the proposed pre-authentication schemes can prevent threats such as replay attacks and key exposure.

A STUDY ON IMPROVED PKMv2 FRAMEWORK FOR FAST MOBILITY IN 802.16e NETWORKS

  • Suh, Gi-Jun;Yun, Seung-Hwan;Yi, Ok-Yeon;Lee, Sang-Jin
    • Proceedings of the Korean Society of Broadcast Engineers Conference
    • /
    • 2009.01a
    • /
    • pp.400-403
    • /
    • 2009
  • EAP (Extensible Authentication Protocol) is often used as an authentication framework for two-party protocol which supports multiple authentication algorithms known as "EAP method". And PKMv2 in 802.16e networks use EAP as an authentication protocol. However, this framework is not efficient when the EAP peer executing handover. The reason is that the EAP peer and EAP server should re-run EAP method each time so that they authenticate each other for secure handover. This makes some delays, so faster re-authentication method is needed. In this paper, we propose a new design of the PKMv2 framework which provides fast re-authentication. This new framework and usage of the keys which used as a short-term credential bring better performance during handover process.

  • PDF

Authentication eXtention Scheme of Fast Handover for Secure NEMO-based PMIPv6 Networks (안전한 NEMO 기반 PMIPv6 네트워크를 위한 빠른 핸드오버를 지원하는 확장 인증기법)

  • Im, Illkyun;Jeong, Jongpil
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.13 no.5
    • /
    • pp.107-119
    • /
    • 2013
  • This paper reinforced security under the network evaluation of wire wireless integration of NEMO (NEwork MObility) supporting mobility and network-based PMIPv6 (Proxy Mobile IPv6). It also proposes $SK-L^2AS$ (Symmetric Key-Based Local-Lighted Authentication Scheme) based on simple key which reduces code calculation and authentication delay costs. Moreover, fast handover technique was also adopted to reduce handover delay time in PMIPv6 and X-FPMIPv6 (eXtension of Fast Handover for PMIPv6) was used to support global mobility. In addition, AX-FPMIPv6 (Authentication eXtension of Fast Handover for PMIPv6) is proposed which integrated $SK-L^2AS$ and X-FPMIPv6 by applying Piggybacks method to reduce the overhead of authentication and signaling. The AX-FPMIPv6 technique suggested in this paper shows that this technique is better than the existing schemes in authentication and handover delay according to the performance analysis.

A Method of Performance Improvement for AAA Authentication using Fast Handoff Scheme in Mobile IPv6 (Mobile IPv6에서 Fast Handoff기법을 이용한 AAA 인증 성능 향상 방안)

  • Kim Changnam;Mun Youngsong;Huh Eui-Nam
    • Journal of KIISE:Information Networking
    • /
    • v.31 no.6
    • /
    • pp.566-572
    • /
    • 2004
  • In this paper, we define the secure authentication model to provide a mobile node with global roaming service and integrate the Fast Handoff scheme with our approach to minimize the service latency. By starting the AAA(Authentication, Authorization and Account) procedure with Fast Handoff simultaneously when a roaming occurs, authentication latency is reduced significantly and provision of fast and seamless service is possible. The previous works such as IPsec(Internet Protocol Security), RR (Return Routability) and AAA define the procedures performed after the completion of Layer2 Handoff which leads us to study a way of providing the real time and QoS guaranteed service during this period. The proposed scheme is for this goal and when appling it to roaming environment it shows the cost reduction up to 55% and 17% for the case of the MN receiving the FBACK and not respectively before L2 Handoff occurs.

A Fast Authentication based on Hierarchical Key Structure for Roaming Mobile Nodes Between Domains (모바일 네트워크에서 로밍을 위한 계층적 인증 방법)

  • Hong, Ki-Hun;Jung, Sou-Hwan
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.31 no.12C
    • /
    • pp.1288-1296
    • /
    • 2006
  • This paper proposes a fast authentication scheme based on hierarchical key structure (HiFA) for roaming mobile nodes in both intra-domain and inter-domain. The full authentication procedure standardized in IEEE 802.11 and 802.16 is difficult to be applied to a handover since it needs a heavy operation and long delay time during a handover. Though a number of schemes were proposed to solve the problem, the existing schemes might degrade the security of authentication or impose heavy administrative burden on the Pome authentication server. The main contribution of this paper is to reduce the communication and computation overhead of the home authentication sewer without degrading the security strength of the fast roaming authentication using hierarchical authentication key structure. The proposed scheme iii this paper decentralizes the administrative burden of the home authentication server to other network entities such as a local authentication server or access point and supports the security separation of the authentication key among local authentication servers using hash key chain.

A Scalable Authentication Framework for Fast Remote Roaming with Hierarchical Caching (계층적 캐슁을 이용해 로밍 확장성을 높인 인증 프레임워크)

  • Lee Heejin;Song Yu-Kyong;Rhee Myung Soo;Kim Chong-Kwon
    • Journal of KIISE:Information Networking
    • /
    • v.32 no.5
    • /
    • pp.561-573
    • /
    • 2005
  • As the demand on ubiquitous communication increases, global roaming and vertical handover will be prevailing in the near future. Since this environment is accompanied by the frequent handovers at remote sites, a scalable and fast authentication becomes prerequisite for ubiquitous communication. In this paper, we suggest a framework for scalable and fast authentication, using hierarchical caching based on general trust relationship among domains. At the end, we show that the proposed scheme achieves reduced authentication delay and network overhead through an analytic method with fluid flow model.

Design of Wireless LAM Authentication Mechanism for Fast Handoff Service based on PKI (공개키 기반구조에서 빠른 핸드오프를 위한 무선랜 인증 기법 설계)

  • 정종민;이주남;이구연
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.13 no.3
    • /
    • pp.45-55
    • /
    • 2003
  • Wireless LAM has the advantage of extension, flexibility and easiness of installation and maintenance. However, due to the characteristics of wireless media, it is vulnerable to security attacks. PKI(Public Key Infrastructure) is estimated to be a good solution offering security function to wireless LAM including global roaming. It offers high security functions as authentication confidentiality and digital signature while it generates big overheads such as CRL search and certificate verification. The overheads can not be avoided during the initial authentication. However, when we consider the case of handoff, it can be minimized through the fast handoff. In this paper, we design a fast handoff authentication mechanism based on PKI in the wireless LAM and analyze the performance of the scheme.

Design of GE subgroup based User Authentication Protocol For efficient Electric Commerce (효율적 전자상거래를 위한 유한체 서브그룹 기반의 사용자 인증 프로토콜 설계)

  • 정경숙;홍석미;정태충
    • The Journal of Society for e-Business Studies
    • /
    • v.9 no.1
    • /
    • pp.209-220
    • /
    • 2004
  • If protocol has fast operations and short key length, it can be efficient user authentication protocol. Lenstra and Verheul proposed XTR. XTR have short key length and fast computing speed. Therefore, this can be used usefully in complex arithmetic. In this paper, to design efficient user authentication protocol we used a subgroup of Galois Field to problem domain. Proposed protocol does not use GF(p/sup 6/) that is existent finite field, and uses GF(p²) that is subgroup and solves problem. XTR-ElGamal based user authentication protocol reduced bit number that is required when exchange key by doing with upside. Also, proposed protocol provided easy calculation and execution by reducing required overhead when calculate. In this paper, we designed authentication protocol with y/sub i/ = g/sup b.p/sup 2(i-1)//ㆍv mol q, 1(equation omitted) 3 that is required to do user authentication.

  • PDF

Authentication Mechanism for Secure Fast Handover in HMIPv6 (HMIPv6 환경에서의 안전한 Fast Handover를 위한 인증 메커니즘)

  • Kim, Min-Kyoung;Kang, Hyun-Sun;Park, Chang-Seop
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.17 no.3
    • /
    • pp.91-100
    • /
    • 2007
  • In this paper, We design and propose a protocol for supporting secure and efficient mobility in integrating fast handover and HMIPv6. In the proposed protocol which is AAA-based HMIPv6, if the MN enters the MAP domain for the first time, then it performs an Initial Local Binding Update for authentication. We propose a secure Fast Handover method using the ticket provided by MAP, which includes the secret key for authentication. Also, we analyze and compare security properties of our proposed scheme with those of other scheme using various attack scenario.

A Robust Mutual Authentication between User Devices and Relaying Server(FIDO Server) using Certificate Authority in FIDO Environments

  • Han, Seungjin
    • Journal of the Korea Society of Computer and Information
    • /
    • v.21 no.10
    • /
    • pp.63-68
    • /
    • 2016
  • Recently, Biometrics is being magnified than ID or password about user authentication. However, unlike a PIN, password, and personal information there is no way to modify the exposure if it is exposed and used illegally. As FIDO(Fast IDentity Online) than existing server storing method, It stores a user's biometric information to the user device. And the user device authentication using the user's biometric information, the user equipment has been used a method to notify only the authentication result to the server FIDO. However, FIDO has no mutual authentication between the user device and the FIDO server. We use a Certificate Authority in order to mutually authenticate the user and the FIDO server. Thereby, we propose a more reliable method and compared this paper with existed methods about security analysis.