1 / 8

Fast Re-authentication of Mobile Users

Fast Re-authentication of Mobile Users. Minor Thesis Qasim Al-Mamari. Agenda. Introduction Related Work Protocol Specification Implementation Results Future Work Q & A. Introduction.

davis-bishop
Download Presentation

Fast Re-authentication of Mobile Users

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Fast Re-authentication of Mobile Users Minor Thesis Qasim Al-Mamari

  2. Agenda • Introduction • Related Work • Protocol Specification • Implementation • Results • Future Work • Q & A

  3. Introduction • As a mobile user, the attributes of the device in use changes as the user traverse different networks or even sub-networks. • The loss of an authenticated session means that the user needs to undergo the authentication process again to continue their effort. • Performance and reliability of mobile networks is dependent on the capability of the access point providing the connectivity and on the movement of the mobile user where signals fade away when the user travels away from the access point

  4. Related Work • The current EAP implementation [RFC3748] does not support fast re-authentication of mobile nodes • Other extensions such as EAP-TTLS PEAP • pre-authentication has to be based on a concreted algorithm that defines the mobile node’s next point of association. • Yoshihiro et al addresses these issues and provides a Keberized Handover Keying (KHK) mechanism based on Kerberos ticketing technology. • The use of Kerberos introduces the issue of clock synchronization.

  5. Protocol Specification • X  Z : [{Nx X}kprx] kpuz ; • Z  X: [{Nx Z} kprz] kpux. • X  Y : [{Nx Z}kprx] kpuy ; • Z  Y : [{Nx Z} kprz] kpuy. • Notations: • X: home access point. • Y: neighbouring access point. • Z: mobile user. • Kpr* : indicates the private key of participant * • Kpu*: indicates the public key of participant *. • Nx: indicates the nonce produced by participant x.

  6. Results • Strand Spaces proofs protocol’s authenticity and secrecy. • FDR proofs protocol does not have design flaws. • Much faster than existing protocols because the mobile node is not required to produce a nonce. • The mobile node does not need to authenticate the current access point.

  7. Future Work • Use of less power consuming cryptography algorithms such as AES will be invistigated.

  8. Q & A • Questions, Comments, Concerns!

More Related