Abstract
This paper presents our work relating to introduction of EAP smartcards in emerging wireless LAN like Wi-Fi or WiMax. We analyse basic characteristics involved in authentication protocols from feasibility and performances points of view. We shortly introduce our open Java architecture, and underline some observed interoperability issues. We present and analyze results obtained with five different smartcards, for two authentication scenarios: the first one works with an asymmetric algorithm (EAP-TLS, a transparent transport of the well known SSL standard), and the second method uses the EAP-AKA protocol, which is an adaptation of the symmetric Milenage algorithm. We introduce a new class of smartcard which acts as EAP server, and that has been successfully tested in operational networks. Finally we suggest a new way to manage and use smartcards, remotely and securely, by using Trusted EAP Modules.
Chapter PDF
Similar content being viewed by others
Keywords
- Medium Access Control
- Extensible Authentication Protocol
- Pseudo Random Function
- Broadband Wireless Access System
- Authentication Scenario
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
RFC 2246, The TLS Protocol Version 1.0 (January 1999)
Aboba, B., Simon, D.: RFC 2716, PPP EAP TLS Authentication Protocol (October 1999)
Institute of Electrical and Electronics Engineers, Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications, IEEE Standard 802.11 (1999)
Castellà, J., Domingo-Ferrer, J., Herrera-Joancomartí, J., Planes, J.: A Performance Comparison of Java Cards for Micro payment Implementation. In: Proceedings of the Fourth Working Conference on Smart Card Research and Advanced Applications, CARDIS, Bristol, UK, September 20-22 (2000)
Institute of Electrical and Electronics Engineers, Local and Metropolitan Area Networks: Port-Based Network Access Control, IEEE Standard 802.1X (September 2001)
Institute of Electrical and Electronics Engineers, IEEE Standard for Local and Metropolitan Area Networks, part 16, Air Interface for Fixed Broadband Wireless Access Systems, IEEE Standard 802.16 (2001)
3GPP TS 35.206 V5.0.0, 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Specification of the MILENAGE Algorithm Set: An example algorithm set for the 3GPP authentication and key generation functions f1, f1*, f2, f3, f4, f5 and f5*; Document 2: Algorithm Specification, 3GPP (June 2002)
Aboba, B., Calhoun, P.: RFC 3559, RADIUS (Remote Authentication Dial In User Service) Support For Extensible Authentication Protocol (EAP) (September 2003)
Institute of Electrical and Electronics Engineers, Supplement to Standard for Telecommunications and Information Exchange Between Systems - LAN/MAN Specific Requirements - Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specification for Enhanced Security, IEEE standard 802.11i (2004)
Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J., Levkowetz, H. (eds.): RFC 3748, Extensible Authentication Protocol (EAP) (June 2004)
Urien, P., Badra, M., Dandjinou, M.: EAP-TLS Smartcards, from Dream to Reality. In: 4th Workshop on Applications and Services in Wireless Networks, ASWN 2004, Boston University, Boston, August 8-11 (2004)
Douin, J.-M., Paradinas, P., Pradel, C.: Open Benchmark for Java Card Technology. In: e- Smart 2004, Sophia Antipolis, France, September 22-24 (2004)
Internet Draft, Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA), draft-arkko-pppext-eap-aka-15.txt (December 2004)
Institute of Electrical and Electronics Engineers, Approved Draft IEEE Standard for Local and metropolitan area networks part 16: Air Interface for Fixed and Mobile Broadband Wireless Access Systems Amendment for Physical and Medium Access Control Layers for Combined Fixed and Mobile Operation in Licensed Bands, IEEE 802.16e (December 2005)
Internet Draft, EAP-Support in Smartcard, draft-eap-smartcard-09.txt, (October 2005)
Urien, P., Dandjinou, M.: The OpenEapSmartcard project, short paper. In: Applied Cryptography and Network Security 2005, ANCS 2005, New York, USA, June 7-10, Columbia University (2005)
Eronen, P., Hiller, T., Zorn, G.: RFC 4072, Diameter Extensible Authentication Protocol (EAP) Application (August 2005)
Guyot, V.: Smartcard, a mobility vector, Phd defense, University of Paris 6, Paris, France, September 30 (2005)
Urien, P., Dandjinou, M., Badra, M.: Introducing micro-authentication servers in emerging pervasive environments. In: IADIS International Conference WWW/Internet 2005, Lisbon, Portugal, October 19-22 (2005)
OpenEapSmartcard WEB site, http://www.enst.fr/~urien/openeapsmartcard
RFC 2131, Dynamic Host Configuration Protocol, DHCP, (March 1997)
TCG, TPM Main Part 1: Design Principles, Specification Version 1.2 Revision 85 (February 2005)
3GPP TS 11.14, Digital cellular telecommunications system (Phase 2+); Specification of the SIM Application Toolkit (SAT) for the Subscriber Identity Module - Mobile Equipment (SIM-ME) interface (2003)
3GPP TS 03.48, Digital cellular telecommunications system (Phase 2+); Security mechanisms for the SIM Application Toolkit; Stage 2 (2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 IFIP International Federation for Information Processing
About this paper
Cite this paper
Urien, P., Dandjinou, M. (2006). Designing Smartcards for Emerging Wireless Networks. In: Domingo-Ferrer, J., Posegga, J., Schreckling, D. (eds) Smart Card Research and Advanced Applications. CARDIS 2006. Lecture Notes in Computer Science, vol 3928. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11733447_12
Download citation
DOI: https://doi.org/10.1007/11733447_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-33311-1
Online ISBN: 978-3-540-33312-8
eBook Packages: Computer ScienceComputer Science (R0)