Open Access Open Access  Restricted Access Subscription Access

Secure and Fast Handovers Authentication Methods for Wi-Fi Based Networks:A Review Perspective


Affiliations
1 College of Computer Science and Technology, Beijing University of Technology, Beijing, China
2 School of Computer and Communication Engineering, University of Science and Technology Beijing, China
 

Regarding to this study, an extensive review of secure and fast handovers schemes were studied with the aim of solving security problems and authentication server computational overhead experienced in the existing schemes in wireless fidelity based networks. The complete verification scheme outlined in IEEE 802.11i network is unsuitable to be deployed so as to support the user’s seamless mobility. The contribution of this paper suggested a robust delivery of handoff keys for internetworking and intranetworking schemes with a dedicated trust relationship model existing in diverse domains. Inter-access point protocol was used to transfer handover credentials in an intra-domain network. Likewise, an inter-access control-tunnelling protocol with opportunity key caching and pairwise master key caching are suggested for inter-domain security context-transfers. Man-in-the-middle attacks are tasked to break mutual authentication for wireless networks. This paper pinpoints out that the suggested fast handover authentication scheme in our study outperforms the scheme of Wang and Prasad and other schemes mentioned in the extant studies. The proposed authentication scheme prevents replay attacks, masquerading and message modification.

Keywords

Delay, Handover, Handoff Latency, Fast Handoff, Mutual Authentication, Horizontal Handoff, Seamless User Experience.
User
Notifications
Font Size

  • M. Shi, X. (Sherman) Shen, J. W. Mark, D. Zhao, and Y. Jiang, “User authentication and undeniable billing support for agent-based roaming service in WLAN/cellular integrated mobile networks,” Comput. Networks, vol. 52, no. 9, pp. 1693–1702, 2008.
  • J. J. Baek, J. S. Song, and S. H. Seo, “Multiple preauthentication schemes based on fast channel switching in public wireless LANs,” 2009 Int. Conf. Innov. Inf. Technol. IIT ’09, pp. 16–20, 2009.
  • Y. W. Lee and H. Lee, “Evaluation of authentication Interworking methods among multiple WLAN service Providers,” Int. J. Commun. Syst., pp. 515–531, 2007.
  • M. Long, C. H. J. Wu, and J. D. Irwin, “Reducing communication overhead for wireless roaming authentication: Methods and performance evaluation,” Int. J. Netw. Secur., vol. 6, no. 3, pp. 331–341, 2008.
  • Z. Zhang, R. W. Pazzi, and A. Boukerche, “Design and evaluation of a fast authentication scheme for WiFi-based wireless networks,” 2010 IEEE Int. Symp. “A World Wireless, Mob. Multimed. Networks,” pp. 1–6, 2010.
  • H. Hyunuk, J. Gyeok, S. Kiwook, and P. Sangseo, “A study on MITM(Man in the Middle) vulnerability in wireless network using 802.1X and EAP,” Proc. Int. Conf. Inf. Sci. Secur. ICISS 2008, pp. 164–170, 2007.
  • Y. Idrissi, N. Zahid, and M. Jedra, “Security analysis of 3GPP (LTE)—WLAN interworking and a new local authentication method based on EAP-AKA,” …Technology (FGCT), 2012 …, pp. 137–142, 2012.
  • N. Asokan, V. Niemi, and K. Nyberg, “Man-in-the-Middle in Tunneled Authentication Protocols,” IETF Draft. Tunneled Authentication Protoc., pp. 1–15, 2002.
  • Y. Lee, “VOIP Handoff Method Complemented With 802.11 BSS Network Table to Effectively Reduce the Handoff Delay on 802.11 Networks,” IEEE Access, pp. 1–5, 2006.
  • O. Alfandi, H. Brosenne, C. Werner, and D. Hogrefe, “Fast re-authentication for inter-domain handover using context transfer,” 2008 Int. Conf. Inf. Networking, ICOIN, pp. 1–5, 2008.
  • S. Kanawat and P. Parihar, “Attacks in Wireless Networks,” … Smart Sensors Ad hoc Networks ( …, no. 1, pp. 113–116, 2011.
  • Z. Chen, S. Guo, K. Zheng, and H. Li, “Research on man-in-the-middle denial of service attack in SIP VoIP,” Proc. - Int. Conf. Networks Secur. Wirel. Commun. Trust. Comput. NSWCTC 2009, vol. 2, pp. 263–266, 2009.
  • H. Sun, J. Song, and Z. Chen, “Survey of Authentication in Mobile IPv6 Network,” IEEE Commun. Soc. IEEE CCNC 2010 Proc., pp. 10–13, 2010.
  • M. Conti, S. Member, N. Dragoni, and V. Lesyk, “A Survey of Man In The Middle Attacks,” IEEE Commun. Surv. TUTORIALS, VOL. 18, NO. 3, THIRD Quart. 2016, vol. 18, no. 3, pp. 2027–2051, 2016.
  • M. Conti, N. Dragoni, and V. Lesyk, “A Survey of Man In The Middle Attacks,” IEEE Commun. Surv. TUTORIALS, pp. 1–26, 2016.
  • K. Park, Y. Park, Y. Park, and A. G. Reddy, “Provably Secure and Efficient Authentication Protocol for Roaming Service in Global Mobility Networks,” IEEE Access, vol. 5, pp. 25110–25125, 2017.
  • P. Singh, M. Mishra, and P. N. Barwal, “Analysis of Security Issues and Their Solutions In Wireless LAN,” Inf. Commun. Embed. Syst. (ICICES), 2014 Int. Conf. (pp. 1-6). IEEE, no. 978, pp. 1–6, 2014.
  • M. Ordean and M. Giurgiu, “Towards securing client-server connections against man-in-the-middle attacks,” 2012 10th Int. Symp. Electron. Telecommun. ISETC 2012 - Conf. Proc., pp. 127–130, 2012.
  • M. M. Khan, M. Bakhtiari, and S. Bakhtiari, “An HTTPS approach to resist man in the middle attack in secure SMS using ECC and RSA,” Int. Conf. Intell. Syst. Des. Appl. ISDA, pp. 115–120, 2014.
  • W. Zhu, “A Secure and Flexible WLAN Authentication Scheme for Organizations,” 2015 2nd Int. Conf. Inf. Sci. Secur., pp. 1–4, 2015.
  • M. S. Bargh, R. J. Hulsebosch, E. H. Eertink, A. Prasad, H. Wang, and P. Schoo, “Fast authentication methods for handovers between IEEE 802.11 wireless LANs,” Proc. 2nd ACM Int. Work. Wirel. Mob. Appl. Serv. WLAN hotspots - WMASH ’04, pp. 51–60, 2004.
  • C. T. Chou and K. G. Shin, “An enhanced inter-access point protocol for uniform intra and intersubnet handoffs,” IEEE Trans. Mob. Comput., vol. 4, no. 4, pp. 321–334, 2005.
  • J. Hassan, H. Sirisena, and B. Landfeldt, “Trust-Based Fast Authentication for Mobile IPv6 Networks,” IEEE Trans. Mob. Comput., vol. 7, no. 2, pp. 1–5, 2008.
  • V. Bhargava and M. L. Sichitiu, “Physical Authentication through Localization in Wireless Local Area Networks,” IEEEGlobecom, pp. 1–5, 2005.
  • Z. Li, Q. Sun, Y. Lian, and C. W. Chen, “Joint source-channel-authentication resource allocation and unequal authenticity protection for multimedia over wireless networks,” IEEE Trans. Multimed., vol. 9, no. 4, pp. 837–850, 2007.
  • A. Roos, S. Wieland, A. T. Schwarzbacher, and B. Xu, “Time behaviour and network encumbrance due to authentication in wireless mesh access networks,” IEEE Veh. Technol. Conf., pp. 1219–1223, 2007.
  • L. Xiao, L. Greenstein, N. Mandayam, and W. Trappe, “Fingerprints in the ether: Using the physical layer for wireless authentication,” IEEE Int. Conf. Commun., pp. 4646–4651, 2007.
  • P. L. Yu, J. S. Baras, and B. M. Sadler, “Physical-Layer Authentication,” IEEE Trans. Inf. Foresics Secur., vol. 3, no. 1, pp. 38–51, 2008.
  • S. Capkun, M. Cagalj, G. Karame, and N. O. Tippenhauer, “Integrity regions: Authentication through presence in wireless networks,” IEEE Trans. Mob. Comput., vol. 9, no. 11, pp. 1608–1621, 2010.
  • Q. Jing, Y. Zhang, A. Fu, and X. Liu, “A privacy preserving handover authentication scheme for EAP-based wireless networks,” GLOBECOM - IEEE Glob. Telecommun. Conf., pp. 1–6, 2011.
  • J. Choi and S. Jung, “A handover authentication scheme using credentials based on chameleon hashing,” IEEE Commun. Lett., vol. 14, no. 1, pp. 54–56, 2010.
  • R. Soltwisch, X. Fu, D. Hogrefel, and S. Narayanan, “A Method for Authentication and Key Exchange for Seamless Inter-Domain Handovers,” IEEE Panasonic Technol., no. 2, pp. 463–469, 2004.
  • H. Zhu, X. Lin, R. Lu, P. H. Ho, and X. S. Shen, “SLAB: A secure localized authentication and billing scheme for wireless mesh networks,” IEEE Trans. Wirel. Commun., vol. 7, no. 10, pp. 3858–3868, 2008.
  • C. K. Han, H. K. Choi, and I. H. Kim, “Building femtocell more secure with improved proxy signature,” GLOBECOM - IEEE Glob. Telecommun. Conf., pp. 1–6, 2009.
  • C. Chang and H. Tsai, “Transactions Papers An Anonymous and Self-Veri fi ed Mobile Authentication with Authenticated Key Agreement for Large-Scale Wireless Networks,” IEEE Trans. Wirel. Commun., vol. 9, no. 11, pp. 3346–3353, 2010.
  • Y. Qiu, M. Ma, and X. Wang, “A proxy signature-based handover authentication scheme for LTE wireless networks,” J. Netw. Comput. Appl., vol. 83, no. February 2015, pp. 63–71, 2017.
  • D. He, S. Chan, and M. Guizani, “Handover authentication for mobile networks: security and efficiency aspects,” IEEE Netw., vol. 29, no. 3, pp. 96–103, 2015.
  • C. Tang and D. O. Wu, “An Efficient Mobile Authentication Scheme for Wireless Networks,” IEEE Trans. Wirel. Commun., vol. 7, no. 4, pp. 1408–1416, 2008.
  • M. Rekik, A. Meddeb-Makhlouf, F. Zarai, and M. S. Obaidat, “A MSCTP-Based Authentication Protocol: MSCTPAP,” 2015 IEEE Int. Conf. Data Sci. Data Intensive Syst., pp. 617–623, 2015.
  • A. P. Shrestha, D. Y. Choi, G. R. Kwon, and S. J. Han, “Kerberos based authentication for inter-domain roaming in wireless heterogeneous network,” Comput. Math. with Appl., vol. 60, no. 2, pp. 245–255, 2010.
  • H. Ahmed and H. Hassanein, “A Performance Study of Roaming in Wireless Local Area Networks Based on IEEE 802 . 11r,” 24th Bienn. Symp. Commun., vol. 2, no. 3, pp. 1–5, 2008.
  • N. S. V Shet, K. Chandrasekaran, and K. C. Shet, “Implementation of Handoff through wireless access point Techniques,” J. Telecommun., vol. 2, no. 2, pp. 143–146, 2010.
  • J. Mcnair and F. Zhu, “Vertical Handoffs in Fourth-Generation Multinetwork Environments,” Ieee Wirel. Commun., no. June, pp. 8–15, 2004.
  • I. F. Akyildiz, J. McNair, J. Ho, H. Uzunalioglu, and W. Wang, “Mobility Management in Next Generation Wireless Systems,” Proc. IEEE, vol. 87, no. 8, pp. 1347–1384, 1999.
  • L. C. Paul, “Handoff/Handover Mechanism for Mobility Improvement in Wireless Communication,” Glob. J. Res. Eng. Electr. Electron. Eng., vol. 13, no. 16, pp. 1–9, 2013.
  • A. Jain and S. Tokekar, “Application Based Vertical Handoff Decision in Heterogeneous Network,” Procedia Comput. Sci., vol. 57, pp. 782–788, 2015.
  • S. Park, P. Kim, and B. Voz, “Rapid Commit Option for the Dynamic Host Configuration Protocol version 4 (DHCPv4),” Netw. Work. Gr., pp. 1–10, 2005.
  • S. Shin, A. G. Forte, A. S. Rawat, and H. Schulzrinne, “Reducing MAC Layer Handoff Latency in IEEE 802.11 Wireless LANs,” MobiWac ’04 Proc. Second Int. Work. Mobil. Manag. Wirel. access Protoc., pp. 19–26, 2004.
  • H. Yokota, a. Idoue, T. Hasegawa, and T. Kato, “Link layer assisted mobile IP fast handoff method over wireless LAN networks,” Proc. 8th Annu. Int. Conf. Mob. Comput. Netw., pp. 131–139, 2002.
  • K. El Malki, “Low-Latency Handoffs in Mobile IPv4 Status,” Netw. Work. Gr., pp. 1–64, 2007.
  • R. Koodli, “Fast Handovers for Mobile IPv6 Status,” Netw. Work. Gr., pp. 1–42, 2005.
  • R. Koodli, “Mobile IPv6 Fast Handovers,” Starent Networks, pp. 1–48, 2008.
  • A. Dutta, S. Madhani, W. Chen, O. Altintas, and H. Schulzrinne, “Fast-handoff Schemes for Application Layer Mobility Management,” IEEE 15th Int. Symp. Pers. Indoor Mob. Radio Commun., vol. 3, pp. 1527–1532, 2004.
  • E. Gustafsson, A. Jonsson, and C. E. Perkins, “Mobile IP Regional Registration,” Mob. IP Work. Gr., pp. 1–35, 2001.
  • M. Zekri, B. Jouaber, and D. Zeghlache, “Context aware vertical handover decision making in heterogeneous wireless networks,” IEEE Local Comput. Netw. Conf., pp. 764–768, 2010.
  • H.-H. C. H.-H. Choi, O. Song, and D.-H. C. D.-H. Cho, “A seamless handoff scheme for UMTS-WLAN interworking,” IEEE Glob. Telecommun. Conf. 2004. GLOBECOM ’04., vol. 3, pp. 1559–1564, 2004.
  • Z. Yan, H. Zhou, H. Zhang, H. Luo, and S. Zhang, “A dual threshold-based fast vertical handover scheme with authentication support,” Proc. Int. Conf. Mob. Technol. Appl. Syst. - Mobil. ’08, p. 1, 2008.
  • A. Dutta, D. Famolari, S. Das, Y. Ohba, V. Fajardo, K. Taniuchi, R. Lopez, and H. Schulzrinne, “Media-Independent Pre-Authentication Supporting Secure Interdomain Handover Optimization,” IEEE Wirel. Commun., no. April, pp. 55–64, 2008.
  • X. Yang, Y. Zhang, J. K. Liu, and Y. Zeng, “A trust and privacy preserving handover authentication protocol for wireless networks,” Proc. - 15th IEEE Int. Conf. Trust. Secur. Priv. Comput. Commun. 10th IEEE Int. Conf. Big Data Sci. Eng. 14th IEEE Int. Symp. Parallel Distrib. Proce, 2016.
  • J. Cao, M. Ma, and H. Li, “An Uniform Handover Authentication between E-UTRAN and Non-3GPP Access Networks,” IEEE Trans. Wirel. Commun., vol. 11, no. 10, pp. 3644–3650, 2012.
  • D. He, C. Chen, S. Chan, and J. Bu, “Secure and efficient handover authentication based on bilinear pairing functions,” IEEE Trans. Wirel. Commun., vol. 11, no. 1, pp. 48–53, 2012.
  • C. Perkins, “IP Mobility Support for IPv4,” Netw. Work. Gr., pp. 1–99, 2002.
  • A. Mishra, M. Shin, and W. A. Arbaush, “Context caching using neighbor graphs for fast handoffs in a wireless network,” Ieee Infocom 2004, vol. 1, pp. 351–361, 2004.
  • H. Wang and A. R. Prasad, “Fast Authentication for Inter-domain Handover,” in Telecommunications and Networking - ICT 2004, 2004, pp. 973–982.
  • S. Patrick and Y. Choi, “Fast handoff scheme based on mobility prediction in public wireless LAN systems,” IEE Proc. Commun., vol. 151, no. 5, pp. 489–495, 2004.
  • B. Alotaibi and K. Elleithy, “Rogue Access Point Detection: Taxonomy, Challenges, and Future Directions,” Wirel. Pers. Commun., vol. 90, no. 3, pp. 1261–1290, 2016.
  • S. Bangolae, C. Bell, and E. Qi, “Performance study of fast BSS transition using IEEE 802.11r,” Proceeding 2006 Int. Conf. Commun. Mob. Comput. - IWCMC ’06, p. 737, 2006.
  • A. A. Tabassam, H. Trsek, S. Heiss, and J. Jasperneite, “Fast and seamless handover for secure mobile industrial applications with 802.11r,” Proc. - Conf. Local Comput. Networks, LCN, no. October, pp. 750–757, 2009.
  • B. Aboba, “IEEE P802.11 Wireless LANs: IEEE 802.1x Pre-Authentication,” One Microsoft W., no. June, p. 10, 2002.

Abstract Views: 316

PDF Views: 0




  • Secure and Fast Handovers Authentication Methods for Wi-Fi Based Networks:A Review Perspective

Abstract Views: 316  |  PDF Views: 0

Authors

Tahadray Jean Tsitaitse
College of Computer Science and Technology, Beijing University of Technology, Beijing, China
Yongquan Cai
College of Computer Science and Technology, Beijing University of Technology, Beijing, China
Shaldon Leparan Suntu
School of Computer and Communication Engineering, University of Science and Technology Beijing, China
Muhammad Nafees Ulfat Khan
School of Computer and Communication Engineering, University of Science and Technology Beijing, China

Abstract


Regarding to this study, an extensive review of secure and fast handovers schemes were studied with the aim of solving security problems and authentication server computational overhead experienced in the existing schemes in wireless fidelity based networks. The complete verification scheme outlined in IEEE 802.11i network is unsuitable to be deployed so as to support the user’s seamless mobility. The contribution of this paper suggested a robust delivery of handoff keys for internetworking and intranetworking schemes with a dedicated trust relationship model existing in diverse domains. Inter-access point protocol was used to transfer handover credentials in an intra-domain network. Likewise, an inter-access control-tunnelling protocol with opportunity key caching and pairwise master key caching are suggested for inter-domain security context-transfers. Man-in-the-middle attacks are tasked to break mutual authentication for wireless networks. This paper pinpoints out that the suggested fast handover authentication scheme in our study outperforms the scheme of Wang and Prasad and other schemes mentioned in the extant studies. The proposed authentication scheme prevents replay attacks, masquerading and message modification.

Keywords


Delay, Handover, Handoff Latency, Fast Handoff, Mutual Authentication, Horizontal Handoff, Seamless User Experience.

References