Elsevier

Computer Networks

Volume 51, Issue 3, 21 February 2007, Pages 655-670
Computer Networks

Access control protocols with two-layer architecture for wireless networks

https://doi.org/10.1016/j.comnet.2006.05.009Get rights and content

Abstract

In this paper we study two access control protocols which have similar two-layer access control architectures for wireless networks in public places. The first protocol, called the Lancaster protocol, employs user password for authentication and enforces access control at the IP layer; while the second protocol, referred to as the Stanford protocol, uses public key cryptosystems (PKC) for authentication and performs access control at the link layer. Although both protocols are intended to restrict access to wireless networks only to authorized users, our analysis shows that both protocols have serious security flaws which make them vulnerable to attacks. Then we propose a password-based protocol and a PKC-based protocol for the Lancaster architecture and the Stanford architecture, respectively. Both of our protocols provide mutual authentication, perfect forward secrecy and access control for wireless networks. Moreover, they also provide DoS resistance and identity confidentiality for the client. We present detailed security and performance analysis for our protocols, and show that both of our protocols are secure and efficient for access control in wireless networks.

Introduction

The demand for access to wireless networks in public places, such as airport lounges, college campuses and city centers, has surged dramatically over the recent few years. This is mainly due to the growing popularity of mobile devices and the increasing pervasiveness of wireless technologies, such as IEEE 802.11, HomeRF, HIPERLAN/2 and Bluetooth. A major concern in wireless networking is security and in particular network access control. Since deployment of wireless network technologies in public places bears the danger of unauthorized users gaining access to network services, it is extremely important to be able to restrict access to the network only to authorized users. Therefore, secure user authentication and authorization, and a reliable access control mechanism are vital for wireless networks.

Two protocols which have similar two-layer access control architectures for wireless networks in public places have been proposed in the literature recently. The first access control protocol, called the Lancaster protocol [28], [17], is designed for a wireless overlay network around Lancaster city, UK; it employs user password for authentication and enforces access control at the IP layer. However, the design flaws of the Lancaster protocol make it vulnerable to various attacks.

The second access control protocol, referred to as the Stanford protocol [16], aims to overcome several security deficiencies in 802.1X [24] and to provide access control in both wireless and wired networks; it uses public key cryptosystems (PKC) for authentication and performs access control at the link layer. Although this protocol is supposed to resist DoS attacks, it is unfortunately susceptible to DoS attacks as well as to other types of attacks.

The models of these two protocols are representative for access control in overlay wireless access networks. Both models adopt a two-layer access control architecture, in which a higher layer is responsible for authentication and key agreement while a lower layer is responsible for per-packet access control. The difference of the two models is the different credentials on which the two protocols are based. The Lancaster protocol relies on a secret password shared between the client and the server, while the Stanford protocol depends on the certificates of the client and the server for authentication and access control. Password-based and certificate-based access control protocols are two different approaches with different advantages: the former approach is more convenient and user-friendly, while the latter can offer more security features like DoS resistance and identity anonymity.

In this paper, we discuss in detail the flaws of these two access control protocols and propose two secure protocols in place of the Lancaster protocol and the Stanford protocol, respectively. Our first proposed protocol uses weak passwords for authentication and key exchange. The protocol provides great user-friendliness and convenience for users since they do not require any PKC infrastructure but only human-memorable passwords. Our second protocol, which is a PKC-based protocol, is designed for wireless networks where PKC infrastructure is available. Other than mutual authentication and secure key exchange, our protocols provide more protection for wireless networks: it employs the cookie mechanism to defend against DoS attacks, while protects clients’ identities from disclosure to offer identity confidentiality for clients.

The remainder of this paper is organized as follows. In Section 2, we review related work on authentication and access control protocols for wireless networks. Then we discuss the security requirements for access control protocols in Section 3. After that we first present the Lancaster protocol and our detailed security analysis in Section 4; we then introduce a password-authenticated key exchange protocol to replace the Lancaster protocol. In Section 5 we mention the Stanford protocol and analyze its security loopholes; we then give an alternative PKC-based protocol. At last, we draw our concluding remarks in Section 6.

For ease of reference, important notations used throughout the paper are listed in Table 1.

Section snippets

Related work

Due to prevalence of wireless networks, there has been a lot of research focusing on access control and authentication protocols for wireless networks. Unfortunately, existing solutions for wireless networks cannot fulfill all the security requirements, and some of them even have serious security flaws.

The IEEE standard 802.11 [23] used the Wired Equivalent Privacy (WEP) protocol, which is a symmetric cryptosystem based protocol, for access control in wireless networks. WEP is intended to

Security requirements

Before proceeding with the description of the authentication and access control protocols for wireless networks, we list below a number of security requirements for such protocols.

  • Mutual Authentication: Authentication of the client to the authentication server and authentication of the server to the client. The network wants to be sure that it is communicating with a genuine client; otherwise there is a danger that spurious client will be able to fraudulently gain a level of service without

Password-based access control protocols

In this section, we first review the Lancaster access control architecture considered in [28], [17], present the Lancaster protocol designed for the architecture, discuss its security weaknesses and then introduce our protocol for the access control architecture. Both the Lancaster protocol and our protocol use user passwords for authentication and key exchange. Password-based schemes are still the dominate approach for user authentication, and this is particularly true for mobile users who may

Public key cryptosystem based access control protocols

In the last section, we focused on password-based access control protocols. Such protocols are easy to use especially for mobile users who move from one device to another device. In this section, we are concerned with access control protocols based on public key cryptosystem (PKC). For this purpose, we first review the Stanford access control architecture and protocol as proposed by Faria and Cheriton [16]. We then point out some weaknesses in the Stanford protocol and present our access

Conclusions

Security issues are crucial for wireless communications, and a secure and efficient access control mechanism is the first line of defense for secure wireless networking. In this paper we reviewed two two-layer access control architectures, the Lancaster architecture [28], [17] and the Stanford architecture [16]. We analyzed the access control protocols in the two architectures and identified various weaknesses and flaws.

Based on the same two-layer architectures, we proposed two access control

Acknowledgement

This paper is partly funded by Office of Research, Singapore Management University.

Zhiguo Wan is currently a Ph.D. candidate at National University of Singapore. His main research interests include cryptography, security in wireless networks. He received his B.S. in computer science from Tsinghua University in 2002.

References (31)

  • W. Aliello et al., Just fast keying (JFK), IETF Draft (work in progress). Available from:...
  • W. Aliello et al., Efficient, DoS-resistant, secure key exchange for internet protocols, in: Proceedings of ACM...
  • A. Aziz et al.

    Privacy authentication for wireless local area networks

    IEEE Personal Communications

    (1994)
  • K. Aoki, H. Lipmaa, Fast implementations of AES candidates, Third AES Candidate Conference, New York City, USA, 13–14...
  • W.A. Arbaugh, N. Shankar, J. Wang, Your 802.11 networks has no clothes, in: Proceedings of the First IEEE International...
  • M.J. Beller et al.

    Privacy and authentication on a portable communications system

    IEEE Journal on Selected Areas in Communications

    (1993)
  • S.M. Bellovin, Problem areas for the IP security protocols, in: Proceedings of the 6th USENIX Security Symposium, San...
  • N. Borisov, I. Goldberg, D. Wagner, Intercepting mobile communications: the insecurity of 802.11, in: Proceedings of...
  • S.M. Bellovin et al.

    Encrypted key exchange: password-based protocols secure against dictionary attacks

  • S.M. Bellovin et al.

    Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise

  • C. Boyd, D.-G. Park, Public key protocols for wireless communications, in: Proceedings of the 1998 International...
  • P. Funk, EAP Tunneled TLS Authentication Protocol Version 1, IETF Draft. Available from:...
  • B. Aboba, D. Simon, PPP EAP TLS Authentication Protocol, IETF RFC 2716, October...
  • S. Josefsson et al., Protected EAP Protocol (PEAP), IETF Draft (work in progress). Available from:...
  • Cisco, Cisco LEAP protocol description. Available from: <http://www.missl.cs.umd.edu/wireless/ethereal/leap.txt>,...
  • Cited by (6)

    Zhiguo Wan is currently a Ph.D. candidate at National University of Singapore. His main research interests include cryptography, security in wireless networks. He received his B.S. in computer science from Tsinghua University in 2002.

    Robert H. Deng is Professor and Director of SIS Research Center, School of Information Systems, Singapore Management University. Prior to this, he was Principal Scientist and Manager of Infocomm Security Department, Institute for Infocomm Research. He has 23 patents and more than 140 technical publications in international conferences and journals in the areas of computer networks, network and distributed system security and information security. He has served as general chair, program chair, and program committee member of numerous international conferences. He received the University Outstanding Researcher Award from the National University of Singapore in 1999 and the Lee Kuan Yew Fellow for Research Excellence from the Singapore Management University in 2006.

    He received his B.Eng from National University of Defense Technology, China, in 1981, his M.Sc and Ph.D. from Illinois Institute of Technology, USA, in 1983 and 1985, respectively.

    Feng Bao received his BS in mathematics and MS in computer science from Peking University in 1984 and 1986, respectively, and his Ph.D. in computer science from Gunma University in 1996. Currently he is the Principal Scientist and the Department Manager of the Systems & Security Department of Institute for Infocomm Research, Singapore. He has 15 patents and over 150 journal/conference publications in cryptography and information security. He served numerous international conferences in this area as general chair, program chair and program committee member.

    Akkihebbal L. Ananda is an Associate Professor in the Computer Science Department of the School of Computing at the National University of Singapore. His research areas of interest include transport protocols, IP mobility, IPv4 and IPv6 transition mechanisms, and wireless and sensor networks.

    Ananda obtained M.Tech degree in Electrical Engineering from the Indian Institute of Technology, Kanpur in 1973, and M.Sc and Ph.D. degrees in computer science from the University of Manchester, UK, in 1981 and 1983 respectively.

    View full text