An improved password authentication key exchange protocol for 802.11 environment

Su Jung Yu, Joo Seok Song

Research output: Contribution to journalArticle

2 Citations (Scopus)

Abstract

In this paper, we propose a password authentication key exchange protocol for WLANs (Wireless LANs). We call the proposed protocol as the improved EAP-SPEKE (Extensible Authentication Protocol-Simple Password Encrypted Key Exchange). The improved EAP-SPEKE protocol supports mutual authentication and key derivation. The proposed protocol does not require any modification to the IEEE 802.1X and EAP. Before the protocol begins, the server and client compute one modulo exponentiation. Once the protocol begins, the server and client need to compute another exponentiation for mutual authentication. On the contrary, the EAP-SRP needs to compute two modulo exponentiation during the protocol. The client and server authenticate each other with three message exchanges. Therefore, the number of exchanged message decreases by one compared with the EAP-SRP. Besides, the improved EAP-SPEKE protocol works on the the ECC (Elliptic Curve Cryptosystems) base as well as the DH (Diffie-Hellman) base.

Original languageEnglish
Pages (from-to)201-209
Number of pages9
JournalLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume2668
Publication statusPublished - 2003 Dec 1

Fingerprint

Password Authentication
Key Exchange
Authentication
Network protocols
Authentication Protocol
Exponentiation
Password
Mutual Authentication
Server
Modulo
Servers
Elliptic Curve Cryptosystem
Diffie-Hellman
Wireless LAN
Local area networks
Cryptography
Decrease

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

@article{3c83a49c78fa4c17bbfd91e0096f1c14,
title = "An improved password authentication key exchange protocol for 802.11 environment",
abstract = "In this paper, we propose a password authentication key exchange protocol for WLANs (Wireless LANs). We call the proposed protocol as the improved EAP-SPEKE (Extensible Authentication Protocol-Simple Password Encrypted Key Exchange). The improved EAP-SPEKE protocol supports mutual authentication and key derivation. The proposed protocol does not require any modification to the IEEE 802.1X and EAP. Before the protocol begins, the server and client compute one modulo exponentiation. Once the protocol begins, the server and client need to compute another exponentiation for mutual authentication. On the contrary, the EAP-SRP needs to compute two modulo exponentiation during the protocol. The client and server authenticate each other with three message exchanges. Therefore, the number of exchanged message decreases by one compared with the EAP-SRP. Besides, the improved EAP-SPEKE protocol works on the the ECC (Elliptic Curve Cryptosystems) base as well as the DH (Diffie-Hellman) base.",
author = "Yu, {Su Jung} and Song, {Joo Seok}",
year = "2003",
month = "12",
day = "1",
language = "English",
volume = "2668",
pages = "201--209",
journal = "Lecture Notes in Computer Science",
issn = "0302-9743",
publisher = "Springer Verlag",

}

TY - JOUR

T1 - An improved password authentication key exchange protocol for 802.11 environment

AU - Yu, Su Jung

AU - Song, Joo Seok

PY - 2003/12/1

Y1 - 2003/12/1

N2 - In this paper, we propose a password authentication key exchange protocol for WLANs (Wireless LANs). We call the proposed protocol as the improved EAP-SPEKE (Extensible Authentication Protocol-Simple Password Encrypted Key Exchange). The improved EAP-SPEKE protocol supports mutual authentication and key derivation. The proposed protocol does not require any modification to the IEEE 802.1X and EAP. Before the protocol begins, the server and client compute one modulo exponentiation. Once the protocol begins, the server and client need to compute another exponentiation for mutual authentication. On the contrary, the EAP-SRP needs to compute two modulo exponentiation during the protocol. The client and server authenticate each other with three message exchanges. Therefore, the number of exchanged message decreases by one compared with the EAP-SRP. Besides, the improved EAP-SPEKE protocol works on the the ECC (Elliptic Curve Cryptosystems) base as well as the DH (Diffie-Hellman) base.

AB - In this paper, we propose a password authentication key exchange protocol for WLANs (Wireless LANs). We call the proposed protocol as the improved EAP-SPEKE (Extensible Authentication Protocol-Simple Password Encrypted Key Exchange). The improved EAP-SPEKE protocol supports mutual authentication and key derivation. The proposed protocol does not require any modification to the IEEE 802.1X and EAP. Before the protocol begins, the server and client compute one modulo exponentiation. Once the protocol begins, the server and client need to compute another exponentiation for mutual authentication. On the contrary, the EAP-SRP needs to compute two modulo exponentiation during the protocol. The client and server authenticate each other with three message exchanges. Therefore, the number of exchanged message decreases by one compared with the EAP-SRP. Besides, the improved EAP-SPEKE protocol works on the the ECC (Elliptic Curve Cryptosystems) base as well as the DH (Diffie-Hellman) base.

UR - http://www.scopus.com/inward/record.url?scp=35248851565&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=35248851565&partnerID=8YFLogxK

M3 - Article

AN - SCOPUS:35248851565

VL - 2668

SP - 201

EP - 209

JO - Lecture Notes in Computer Science

JF - Lecture Notes in Computer Science

SN - 0302-9743

ER -