A secure n-secret based client authentication protocol for 802.11 WLANs

  • PDF / 1,838,244 Bytes
  • 13 Pages / 595.276 x 790.866 pts Page_size
  • 48 Downloads / 209 Views

DOWNLOAD

REPORT


A secure n-secret based client authentication protocol for 802.11 WLANs Pawan Kumar1 · Dinesh Kumar2

© Springer Science+Business Media, LLC, part of Springer Nature 2020

Abstract Authentication has strong impact on the overall security model of every information system. Various authentication techniques are available for restricting the access of unauthorized users to the enterprise scale networks. IEEE 802.1X defines a secure and reliable authentication framework for 802.11 WLANs, where Extensible Authentication Protocol (EAP) provides the base to this architecture. EAP is a generic architectural framework which supports extensibility by incorporating the new and improved authentication schemes, which are based on different types of credentials. Currently there exist a number of EAP and Non-EAP methods with varying level of security and complexity. In this work, we have designed a new n-secret based authentication scheme referred here as Personal Dialogue Based Authentication, for the client authentication to the network. It is a Transport Layer Security (TLS) protected authentication protocol, which will be executed inside the secure TLS tunnel for providing the privacy and credential security to the wireless client. The developed authentication protocol has a reasonable set of features like; strong security, user privacy, simplicity and extensibility. For the formal analysis of the protocol we have used SPAN–AVISAP model checker on Ubuntu platform for validating the realization of the specified security goals. The experimental results obtained by simulation performed with the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool shows that our protocol is efficient and secured. Keywords Information security · Authentication · WLAN · EAP · 802.1X

1 Introduction Wireless technology is preferred choice for every network because of its efficiency, flexibility and cost savings. Applications of wireless networks are evolving rapidly and all its security concerns are also getting resolved very quickly. As the information security is a highly dynamic area, it requires continuous up-gradation and advancement by the incorporation of new methods and techniques. Authentication is an essential component of every secure communication system. A well designed authentication scheme can protect a network from various potential threats. Almost all the authentication schemes are based on the theory of: something we are

B

Dinesh Kumar [email protected] Pawan Kumar [email protected]

1

IKG PTU, Kapurthala, India

2

DAV Institute of Engineering and Technology, Jalandhar, India

i.e. biometric based, something we have i.e. token based or something we know i.e. secret based [1]. Simple authentication schemes use one of these authentication factors, while the multifactor authentication schemes combine two or more authentication factors to make the system more secure and difficult to crack [2]. Wireless standards WPA2 and 802.11i offers the protection against almost all identified WLAN atta