Implementation and Performance Evaluation of EAP-TLS-KS

Abstract

In this paper we analyze the performance of authentication protocols for roaming in 802.11i-protected WLANs. In particular, we compare the recently introduced EAP-TLS-KS protocol to standard configurations in EAP-TLS. Roaming configurations for EAP-TLS are such that all traffic is forwarded to the home network leaving the foreign network no control over the authentication. Alternatively, the foreign network handles authentication on its own, and the home network relinquishes control. In contrast, EAP-TLS-KS involves both networks and gives each of them control over the authentication. In addition to performance evaluations, we discuss how to implement EAP-TLS-KS, what difficulties one may encounter, and how they can be solved