Biblio

Wireless mesh networking (WMN) is a new technology aimed to introduce the benefits of using multi-hop and multi-path to the wireless world. However, the absence of a fast and reliable handoff protocol is a major drawback especially in a technology designed to feature high mobility and scalability. We propose a fast and efficient handoff authentication protocol for wireless mesh networks. It is a token-based authentication protocol using pre-distributed parameters. We provide a performance comparison among our protocol, UFAP, and other protocols including EAP-TLS and EAP-PEAP tested in an actual setup. Performance analysis will prove that our proposed handoff authentication protocol is 250 times faster than EAP-PEAP and 500 times faster than EAP-TLS. The significant improvement in performance allows UFAP to provide seamless handoff and continuous operation even for real-time applications which can only tolerate short delays under 50 ms.

With the proliferation of WiFi-enabled devices, people expect to be able to use them everywhere, be it at work, while commuting, or when visiting friends. In the latter case, home owners are confronted with the burden of controlling the access to their WiFi router, and usually resort to simply sharing the password. Although convenient, this solution breaches basic security principles, and puts the burden on the friends who have to enter the password in each and every of their devices. The use of social networks, specifying the trust relations between people and devices, provides for a more secure and more friendly authentication mechanism. In this paper, we progress the state-of-the-art by abandoning the centralized solution to embed social networks in WiFi authentication; we introduce EAP-SocTLS, a decentralized approach for authentication and authorization of WiFi access points and other devices, exploiting the embedded trust relations. In particular, we address the (quadratic) search complexity when indirect trust relations, like the smartphone of a friend's kid, are involved. We show that the simple heuristic of limiting the search to friends and devices in physical proximity makes for a scalable solution. Our prototype implementation, which is based on WebID and EAP-TLS, uses WiFi probe requests to determine the pool of neighboring devices and was shown to reduce the search time from 1 minute for the naive policy down to 11 seconds in the case of granting access over an indirect friend.