Secure 3GPP-WLAN authentication protocol based on EAP-AKA

Abstract

EAP-AKA is used as an authentication protocol during handoff across heterogeneous systems with different underlying technologies like the 3GPP-WLAN internetwork. However the protocol cannot be put to practical use due to its high authentication delay and vulnerabilities to several attacks like user identity disclosure, man in the middle attack and DoS attack. Moreover, the validity of Access Point of the WLAN network is often not checked, leaving the user vulnerable to several attacks even after heavy authentication procedure. For this purpose we propose a modified, secure EAP-SAKA protocol using Elliptic Curve Diffie Hellman for symmetric key generation by taking into consideration the validation of access point. Additionally, we make EAP-SAKA faster by decreasing the propagation delay of the signaling messages. The proposed protocol is supported using detailed security analysis and performance analysis. Also, security validation of EAP-SAKA is carried out using a widely accepted formal verification tool called AVISPA and is found to be safe.