3rd International ICSTConference on Wireless Internet

Research Article

An authentication scheme for fast handover between WiFi access points

  • @INPROCEEDINGS{10.4108/wicon.2007.2282,
        author={Andr\^{a}s Boh\^{a}k and Levente Butty\^{a}n and L\^{a}szl\^{o} D\^{o}ra},
        title={An authentication scheme for fast handover between WiFi access points},
        proceedings={3rd International ICSTConference on Wireless Internet},
        keywords={Fast handover IEEE 802.11i EAP-SIM},
  • András Bohák
    Levente Buttyán
    László Dóra
    Year: 2010
    An authentication scheme for fast handover between WiFi access points
    DOI: 10.4108/wicon.2007.2282
András Bohák1,*, Levente Buttyán1,*, László Dóra1,*
  • 1: Laboratory of Cryptography and Systems Security (CrySyS) Budapest University of Technology and Economics, Hungary
*Contact email: bohak@crysys.hu, buttyan@crysys.hu, dora@crysys.hu


In this paper, we propose an authentication scheme that is designed to reduce the authentication delay during a WiFi handover process. We observe that the largest part of the delay is due to the remote communications between the ac- cess point and the AAA server that authorizes the access to the network. In order to eliminate remote communications, our scheme uses pre-authorization, and it pre-distributes au- thentication information to the access points that are the po- tential targets of a future handover. This ensures that only local communications (between the mobile station and the access point) take place during the handover itself. We de- scribe the design of our scheme, as well as report on a proof- of-concept implementation. Our validation results show that our scheme breaks the dependency of the authentication de- lay on the round-trip time between the access point and the AAA server. This makes our scheme applicable in real time applications such as telephony and video streaming for WiFi users.