Skip to main content
SpringerLink
Log in

Authentication in wireless networks: state of the art and integration with smart card

Authentification dans les réseaux radioélectriques : état de l’art et intégration avec la carte à puce

  • Published:
Annales des Télécommunications Aims and scope Submit manuscript

Abstract

Wirelesslan have spread very quickly over the past few years. Demand for wireless access tolans has raised due to new mobile computing devices, such as laptops and personal digital assistants, and a desire for seamless and permanent connections to networks. Nevertheless a lot of security issues remain and stop its deployment in corporations. One of the most important issues is the authentication of a terminal to an Access Point. We propose an interface to integrate the Extensible Authentication Protocol into smart cards and will show that smart cards could constitute the de-facto device for authentication in Wirelesslan as they are forgsm and will be forumts (Universal Mobile Telecommunication System).

Résumé

Les réseaux radioélectriques, plus précisément les réseaux locaux radioélectriques (wlan), se sont répandus très rapidement ces dernières années. La demande d’accès radio à un réseau local a augmenté considérablement avec les nouveaux terminaux mobiles, tels que les ordinateurs portables, les assistants personnels et aussi parce l’utilisateur souhaite une connexion permanente et sans couture aux réseaux. Néanmoins, de nombreux problèmes de sécurité demeurent et stoppent leur déploiement en entreprise. Un des problèmes les plus importants est l’authentification du terminal à un point d’accès. Nous proposons une interface pour intégrer le protocoleeap (Extensible Authentication Protocol) dans une carte à puce et nous montrons que les cartes à puce pourraient constituer l’élément incontournable pour l’authentification dans ces réseaux, comme elles le sont à l’heure actuelle dans legsm et le seront pour l’umts (Universal Mobile Telecommunication System).

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. International Organization for Standardization (iso) “Identification cards — Integrated circuit(s) card with contact”iso/iec 7816

  2. SchlumbergerSema, e-gate.

  3. Dhem (J.-F.),Feyt (N.), “Hardware and software symbiosis helps smart card evolution”,ieeeMicro p14–25, November/December 2001.

  4. Information Technology Security Evaluation Criteria (itsec), Harmonised Criteria of France, Germany, the Netherlands, United Kingdom, V1.2, European Commission Luxembourg, June 2001.

  5. fips 140-1 andfips 140-2 Cryptographic Modules, http://csrc.nist.gov/cryptval/140-1/1401val2002.htm

  6. Sakamura (K.),Koshizuka (N.), “Theetron wide-area distributed architecture for e-commerce”,ieeeMicro p. 7–12, November/December 2001.

  7. The communicating Mobile Objects Project, “Laboratoire Informatique Fondamentale de Lille” (lifl) and Gemplus.

  8. Urien (P.), “La puce Internet, ou l’ultime objet mobile communiquant”,soc’2001, October 2001.

  9. Marvie (R.),Pellegrini (M.-C.),Potonniée (O.), “Smart cards: A system support for service accessibility from heterogeneous devices”,In 9thacm sigopsEuropean Workshop, September 2000, Kolding, Denmark.

  10. Urien (P.),Saleh (H.),Tizraoui (A.), “xml Smartcards”,ieeInternational Conference on Networking,icn’01, July 11–13, 2001 —cref, Colmar, France.

  11. lan man Standards of theieee Computer Society. Wirelesslan medium access control (mac) and physical layer (phy) specification”,ieee Standard 802.11,ieee Press, 1997.

  12. Walker (J.), “Unsafe at any key size: An analysis of thewep encapsulation”,ieee 802.11-00/362,ieeePress, 2000.

  13. Borisov (N.),Goldberg (I.),Wagner (D.). “Intercepting Mobile Communications: The Insecurity of 802.11”, 7th InternationalConference on Mobile Computing and Networking, July 2001 in Rome Italy.

  14. Fluhrer (S.),Mantin (I.),Shamir (A.), “Weaknesses in the key scheduling ofrc4”, Proc. 8th Ann. Workshop Selected Areas in Cryptography,Springer, 2001, pp. 1–24.

  15. Stubblefield (A.),Ioannidis (J.),Rubin (A.D.), “Using the Fluhrer, Mantin, and Shamir attack to breakwep”, Proc.Network and Distributed System Security Symposium (ndss), Internet Society, 2002.

  16. Arbaugh (W. A.),Shankar (N.), (Y. C. J.)wan, “Your 802.11 Wireless Network has No Clothes”, Inieee International Conference on Wirelesslans and Home Networks, Singapore, Dec 2001

  17. Petroni Jr. (N. L.),Arbaugh (W. A.), “The dangers of mitigating security design flaws: a wireless case study”,ieeeSecurity and Privacy p. 28–36, January 2003.

  18. Wi-Fi Alliance, Wi-Fi Protected Access (wpa), http://www.weca.net

  19. ieee 802.1X specification (ieee Standard), http://standards.ieee.org/reading/ieee/std/lanman/802.1X-2001.pdf.

  20. Arbaugh (W. A.),Mishra (A.), “An Initial Security analysis of the 802.1X standard”, www.cs.umd.edu/∼waa/lx.pdf.

  21. Wu (T.), “A real-world analysis of Kerberos password security”,Network and Distributed System Security Symp., Internet Soc., 1999, pp. 13–22.

  22. Itoi (N.),Honeyman (P.), “Smartcard Integration with Kerberos V5”,usenixWorkshop on Smartcard Technology, 1999.

  23. ieeeDraft P802.1li/D3, “Specification for Enhanced Security”, November 2002.

  24. 3gpp Technical Specification, 3gpp ts 33.102 V3.7.0, December 2000.

  25. rfc 2284, “ppp Extensible Authentication Protocol (eap)”, March 1998.

  26. Urien (P.),Tizraoui (A.),Loutrel (M.), “Integratingeap insim-ip smartcards”, to be published ataswn the secondieeeworkshop on Applications and Services in Wireless networks, July 2002, Paris.

  27. rfc 2716, “ppp eap tls Authentication Protocol”, October 1999.

  28. rfc 2246, “Thetls Protocol”, 1999.

  29. Raak Technologies, http://www.raaktechnologies.com/

  30. etsi-gsm 11.11 “Digital cellular telecommunications system (Phase2+); Specification of the Subscriber Interface Identity Module — Mobile Equipment (sim_me) interface”.

  31. eap sim Authentication”, draft-haverinen-pppext-eap-sim-09.txt, January 2003.

  32. pc/sc (1996) “Interoperability Specification foriccs and Personal Computer Systems”, © 1996cp8 Transac,hp, Microsoft, Schlumberger, Siemens Nixdorf.

  33. ®eap aka Authentication”, draft-arkko-pppext-eap-aka-01.txt, November 2001.

  34. eap Tunneledtls Authentication Protocol”, draft-ietf-pppext-eap-ttls-02.txt, November 2002

  35. “Microsoft’speap version 0 (Implementation in Windowsxp sp1)”, draft-kamath-pppext-peapv0-00.txt, October 2002.

  36. eap support in smartcards”, draft-urien-eap-smartcard-01.txt, March 2003.

  37. JavaCard Forum, http://www.javacardforum.org

  38. rfc 2486, “The Network Access Identifier”, 1999.

  39. Urien (P.),Saleh (H.),Tizraoui (A.), “ssl dans une carte à puce”,Journées Doctorales Informatique et Réseaux,jdir’2000, Ministère de la Recherches, Paris, 6–8 novembre 2000.

  40. Saleh (H.), “An innovative security architecture based on Internet smart card”, PhD’s thesis, Université de Versailles Saint-Quentin-en-Yvelines, Juin 2002.

  41. wlan Smartcard Consortium, http://www.wlansmartcard.org.

Download references

Author information

Authors and Affiliations

  1. SchlumbergerSema, Smart Card Division, France, 36-38, rue de la Princesse, BP45-78431, Louveciennes Cedex

    Marc Loutrel

  2. GET/Télécom Paris, 46 rue Barrault, 75013, Paris, France

    Marc Loutrel & Pascal Urien

  3. LIP6 4, place Jussieu, 75252, Paris Cedex 05, France

    Dominique Gaïti

  4. Université de Technologie de Troyes (UTT), 12, rue Marie Curie, BP 2060, 10010, Troyes Cedex, France

    Marc Loutrel & Dominique Gaïti

Authors
  1. Marc Loutrel
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Pascal Urien
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Dominique Gaïti
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Marc Loutrel.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Loutrel, M., Urien, P. & Gaïti, D. Authentication in wireless networks: state of the art and integration with smart card. Ann. Télécommun. 59, 130–148 (2004). https://doi.org/10.1007/BF03179678

Download citation

  • Received:

  • Accepted:

  • Issue Date:

  • DOI: https://doi.org/10.1007/BF03179678

Key words

Mots clés

Search

Navigation