Secure and User Efficient EAP-based Authentication Protocol for IEEE 802.11 Wireless LANs

Yadav, Awaneesh Kumar; Misra, Manoj; Liyanage, Madhusanka; Varshney, Gaurav

doi:10.1109/mass50613.2020.00076

Cited by 4 publications

(25 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Therefore, to secure the communication between the D and AS, several symmetric and asymmetric encryptionbased authentication protocols have been proposed, with the majority of them relying on the EAP architecture. Asymmetric encryption-based authentication protocols offer excellent security but come at a high cost, making them unsuitable for ultra-low-cost IoT devices [9]- [13]. In order to address the cost issue, several symmetric encryption-based authentication protocols are proposed.…”

Section: A Motivation and Contributionsmentioning

confidence: 99%

“…However, some recent findings [14], [15] reveal that although these protocols are lightweight but do not ensure the prominent security features such as perfect forward secrecy, identity protection, protection from traceability attack, privileged insider attack protection, ephemeral secret leakage, and many of them do not support fast reconnect for quick re-authentication. To the best of our knowledge, all the symmetric encryption-based authentication protocols [9]- [13] need a secure channel during the registration process. However, this is only achievable in private premises such as smart homes, smart factories, smart firm etc., and finding a secure channel is infeasible in public places such as smart hospital, smart shops, etc.…”

Section: A Motivation and Contributionsmentioning

confidence: 99%

See 1 more Smart Citation

An EAP-Based Mutual Authentication Protocol for WLAN-Connected IoT Devices

Yadav

Misra

Pandey

et al. 2023

IEEE Trans. Ind. Inf.

Self Cite

View full text Add to dashboard Cite

Several symmetric and asymmetric encryption based authentication protocols have been developed for the Wireless Local Area Networks (WLANs). However, recent findings reveal that these protocols are either vulnerable to numerous attacks or computationally expensive. Considering the demerits of these protocols and the necessity to provide enhanced security, a lightweight Extensible Authentication Protocol (EAP)-based authentication protocol for WLAN-connected IoT devices is presented. We conduct an informal and formal security analysis to ensure robustness against the attacks. Furthermore, the empirical performance analysis and comparison show that the proposed protocol outperforms its counterparts, reducing computational, communication, storage costs, and energy consumption by up to 99%, 80%, 91.8%, and 98%, respectively. Simulation results of the protocol using the NS3 and its overhead under unknown attacks demonstrate that the proposed protocol performs better in all scenarios. A prototype implementation of the protocol has also been tested to evaluate its feasibility in real-time applications.

show abstract

Section: A Motivation and Contributionsmentioning

confidence: 99%

Section: A Motivation and Contributionsmentioning

confidence: 99%

An EAP-Based Mutual Authentication Protocol for WLAN-Connected IoT Devices

Yadav

Misra

Pandey

et al. 2023

IEEE Trans. Ind. Inf.

Self Cite

View full text Add to dashboard Cite

show abstract

“…In strong password-based authentication protocols, supplicant (STA) and authentication server (S) assure each other that they knew a secret without transmitting it. EAP based authentication protocols [9]- [16] belonging to this category use symmetric encryption to encrypt and decrypt the exchanged messages. These protocols are lightweight but prone to various attacks like replay attack, identity theft, privileged insider attack, and violation of perfect forward secrecy.…”

Section: Related Workmentioning

confidence: 99%

“…2) Lack of protection from privileged insider attack: It requires that STA must keep secret credentials in disguised form in the database so that no insider may pry into the information. None of the existing schemes [9]- [16] based on pre-shared key provide the protection from the privileged insider attack. 3) Perfect forward secrecy: Even if long-term credentials are compromised, obtaining the previous session key should not be possible.…”

Section: A Research Gapsmentioning

confidence: 99%

“…The outcome of Table IV clearly indicates that the proposed protocol takes significantly less computation and communication cost compared to the state-of-the-art. It can be observed form the outcome of Table IV that the proposed protocol reduces the computation cost by 99% 37.25%, 23%, 16%, 26%, 16%, 99.87%, 99%, 99% with respect the [2] [9], [11], [12], [14], [16], [18], [17], [19] respectively and the communication cost 16%, 16%, 19.23%, 8.6%, 8.6%, 85%, 79.41%, 74.39% with respect to [2] [9], [11], [12], [14], [18], [17], [19] respectively. Hence, we can infer that the proposed protocol is lightweight compared to all existing authentication protocols.…”

Section: B Overhead Analysismentioning

confidence: 99%

See 1 more Smart Citation