Secure and User Efficient EAP-based Authentication Protocol for IEEE 802.11 Wireless LANs

Yadav, Awaneesh KumarAwaneesh KumarYadavMisra, ManojManojMisraLiyanage, MadhusankaMadhusankaLiyanageVarshney, GauravGauravVarshney2021-04-152021-04-152020 IEEE2020-12-13978-1-7281-9867-5http://hdl.handle.net/10197/12099The 17th IEEE International Conference on Mobile Ad-Hoc and Smart Systems (IEEE MASS - 2020), Delhi, India (held online due to Coronavirus outbreak), 10-13 December 2020Wireless Local Area Networks (WLANs) have experienced significant growth in the last two decades due to the extensive use of wireless devices. Security (especially authentication) is a staple concern as the wireless medium is accessible to everybody. Extensible Authentication Protocol (EAP) is the widely used authentication framework in WLANs to secure communication. The authentication mechanism designed on EAP is called EAP method. There are numerous EAP based and non-EAP based authentication protocols for WLANs, but there is no protocol that fulfills all the security requirements, as mentioned in RFC-4017 and other additional requirements like perfect forward secrecy, Denial-of-service (DoS) attack protection, and lightweight computation. Hence, it is fair to infer that there is an impelling need to design a protocol that can meet all the security requirements. In this paper, we propose a secure and user efficient EAP-based authentication protocol for IEEE 802.11 WLANs. The proposed protocol has been formally validated by BAN logic and the AVISPA tool [18]. The simulation results depict that the proposed protocol achieves all security requirements, as mentioned in RFC-4017 along with perfect forward secrecy, Denial-of-service (DoS) attack protection, and lightweight computation. The proposed protocol outperforms the existing protocols in terms of computation cost by reducing the computation cost by ≈99.9956%, 99.991%, 27.27%, 22.705% in comparison to EAP-TLS, EAP-TTLS, EAP-Ehash, EAP-SELUA, respectively.en© 2020 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.Wireless communicationWireless LANProtocolsAuthenticationDenial-of-service attackSecurityServersSecure and User Efficient EAP-based Authentication Protocol for IEEE 802.11 Wireless LANsConference Publication10.1109/mass50613.2020.000762021-03-04H2020-MSCA-IF-201718/CRT/6183CS20190630https://creativecommons.org/licenses/by-nc-nd/3.0/ie/