Back to index

Privacy and Authentication for Wireless Local Area Networks

Ashar Aziz, Whitfield Diffie

One-line summary: For seamless integration between wireless and existing networks, end-to-end security is not realistic, so instead authors propose a link-layer protocol by which machines (BS's, routers, MH's) can authenticate each other and securely exchange session keys.

Overview/Main Points

  1. First msg (challenge): MH sends to BS (in clear) certificate, nonce, list of all shared-key cryptosystems (SKCS) supported by mobile.
  2. Challenge Response: BS sends certificate in clear, chosen SKCS in clear, Z={R1}pub_mobile, and (Z, chosen SKCS, original nonce, original list of SKCS) signed by BS. The signed piece authenticates this message as being a reply to the first.
  3. Mobile then chooses random number R2, and sends {R2}pub_base and ({R2}pub_base,{R1}pub_mobile) signed by mobile.
  4. New session key is R1 xor R2.


How to do link-level security, given assumption that end-to-end will be too intrusive to integrate seamlessly with existing networks. (My view: end-to-end will ultimately be necessary anyway for other reasons, but these techniques can be applied there as well.)


Back to index