Secure fast WLAN handoff using time-bound delegated authentication

To support multimedia applications with good quality of services for roaming wireless local area network users, it is imperative to reduce the long re-authentication latency that users experience during handoff among access points (APs). Athough a great deal of research resources have been put into the reduction of the re-authentication latency, these schemes developed so far seem to either suffer from heavy overhead problems or have weak security. In this paper, we propose a novel approach to reducing the re-authentication latency. With the authentication server (AS) periodically delegating its authentication authority to the authenticated APs, the APs can authenticate the roaming users on behalf of the AS. As our performance analysis and simulation results demonstrate, our new approach is capable of greatly reducing the latency and overhead while achieving a high security level. Furthermore, it does not increase the complexity on the AP side because only the already existing four-way handshake with new keying mechanism is required. Copyright (C) 2008 John Wiley & Sons, Ltd.