Fast and Secure Authentication Using Double Token based Scheme for WLANs

Authentication can provide security by preventing unauthorized usage and negotiating the credentials for secure communication. Nevertheless, it induces heavy overhead to communications, further deteriorating the quality of service (QoS). Analyzing QoS and security impact of authentication, therefore, becomes critical to developing efficient authentication schemes. In this paper, we propose a system model for the analysis of challenge/response authentication in wireless networks. In the proposed double token based fast authentication scheme, one token is generated in the registration phase and second in the authentication phase which provides another layer of security to the authentication scheme. All the keys are exchanged during the registration phase. This makes the security parameters known only to the mobile client (MC), authenticator and authentication server (AS). Attackers would be unable to know the token and other secret keys because they are shared only during the registration phase. This makes the authentication scheme highly secure. The number of key exchanges that takes place during authentication phase is less, which makes the authentication fast as compared to Extensible Authentication Protocol (EAP) authentication where all messages are exchanged during the authentication phase. The proposed scheme results in fast authentication without compromising the security of wireless networks. General Terms Authentication, Encryption, Wireless network security.