Secure, fast handhoff techniques for 802.1X based wireless network
MACCARI, LEONARDO;
2006-01-01
Abstract
Wireless networks that support client mobility face the challenge of providing a secure, performant handoff between different access points. The IEEE 802.1X [1] model provides a secure mechanism, used by many standard protocols, to generate keying material between two peer hosts when one of the two is accessing the network for the first time, but it is hardly usable for reauthentication during handoff procedures without loss of performance. This paper proposes a novel scheme to transport authentication credentials during handoff that uses only a two-way exchange with the backend authentication server while maintaining the security of the system. As a high-level method, it can be applied to different types of network, such as IEEE 802.11i [2] infrastructure or ad-hoc mode networks in a mesh environment.

File | Size | Format |
---|---|---|
Maccari2006Secure.pdf (open access; type: post-print document; license: free access, view only) | 234.5 kB | Adobe PDF |
Documents in ARCA are protected by copyright and all rights are reserved, unless otherwise indicated.