Authentication Components: Engineering Experiences and Guidelines

  • Pasi Eronen
  • Jari Arkko
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3957)


Security protocols typically employ an authentication phase followed by a protected data exchange. In some cases, such TLS, these two phases are tightly integrated, while in other cases, such as EAP (Extensible Authentication Protocol) and Kerberos, they are separate and often implemented in different endpoints. However, careless application of this separation has lead to several vulnerabilities. In this paper we discuss reasons why this separation is often useful, what mistakes have been made, and what these mistakes have in common. We then describe some approaches how these problems could be avoided, especially focusing on EAP in wireless LANs. We also present some engineering observations that should be taken into account when designing reusable authentication components in the future.


Medium Access Control Access Point Security Protocol Engineer Experience Extensible Authentication Protocol 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abadi, M., Needham, R.: Prudent Engineering Practice for Cryptographic Protocols. IEEE Transactions on Software Engineering 22(1), 6–15 (1996)CrossRefGoogle Scholar
  2. 2.
    Aboba, B., Calhoun, P.: RADIUS (Remote Authentication Dial In User Service) Support For Extensible Authentication Protocol (EAP), RFC 3579 (2003)Google Scholar
  3. 3.
    Aboba, B., Simon, D., Arkko, J., Levkowetz, H.: EAP Key Management Framework, work in progress (IETF Internet-Draft draft-ietf-eap-keying-01.txt) (2003)Google Scholar
  4. 4.
    Arkko, J., Eronen, P.: Authenticated Service Identities for the Extensible Authentication Protocol (EAP), work in progress (2004)Google Scholar
  5. 5.
    Asokan, N., Niemi, V., Nyberg, K.: Man-in-the-middle in tunnelled authentication protocols. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols 2003. LNCS, vol. 3364, pp. 28–41. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  6. 6.
    Barkan, E., Biham, E., Keller, N.: Instant Ciphertext-Only Cryptanalysis of GSM Encrypted Communication. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 600–616. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  7. 7.
    Blunk, L., Vollbrecht, J., Aboba, B., Carlson, J., Levkowetz, H.: Extensible Authentication Protocol (EAP), work in progress (IETF Internet-Draft draft-ietf-eap-rfc2284bis-09.txt) (2004)Google Scholar
  8. 8.
    Clark, D.D., Wroclawski, J., Sollins, K.R., Braden, R.: Tussle in Cyberspace: Defining Tomorrow’s Internet. In: Proc. ACM SIGCOMM 2002 (2002)Google Scholar
  9. 9.
    Ericsson, Sonera, T.: Implications of the A5/2 Attack for 3GPP WLAN Access, 3GPP TSG SA3 working document S3-030733 (2003)Google Scholar
  10. 10.
    Eronen, P., Hiller, T., Zorn, G.: Diameter Extensible Authentication Protocol (EAP) Application, work in progress (IETF Internet-Draft draft-ietf-aaa-eap-05.txt) (2004)Google Scholar
  11. 11.
    Institute of Electrical and Electronics Engineers. IEEE Standard for Information technology – Telecommunications and information exchange between systems – Local and metropolitan area networks – Specific requirements – Part 11: Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications: Amendment 6: Medium Access Control (MAC) Security Enhancements, work in progress (IEEE Draft P802.11i/10.0) (2004)Google Scholar
  12. 12.
    Haverinen, H., Salowey, J.: EAP SIM Authentication, work in progress (IETF Internet-Draft draft-haverinen-pppext-eap-sim-13.txt) (2004)Google Scholar
  13. 13.
    Housley, R., Moore, T.: Certificate Extensions and Attributes Supporting Authentication in Point-to-Point Protocol (PPP) and Wireless Local Area Networks (WLAN), RFC 3770 (2004)Google Scholar
  14. 14.
    Kaufman, C. (ed.): Internet Key Exchange (IKEv2) Protocol, work in progress (IETF Internet-Draft draft-ietf-ipsec-ikev2-13.txt) (2004)Google Scholar
  15. 15.
    Kohl, J., Neuman, C.: The Kerberos Network Authentication service (V5), RFC 1510 (1993)Google Scholar
  16. 16.
    Krawzcyk, H.: Changes to EAP methods, message on mailing list (2003-09-03),
  17. 17.
    Linn, J.: Generic Security Service Application Program Interface Version 2, Update 1, RFC 2743 (2000)Google Scholar
  18. 18.
    Myers, J.: Simple Authentication and Security Layer (SASL), RFC 2222 (1997)Google Scholar
  19. 19.
    Nokia, Using Special RANDs to separate WLAN and GSM/GPRS, 3GPP TSG SA3 working document S3-040100 (2004)Google Scholar
  20. 20.
    Orange and Vodafone, Introducing the special RAND mechanism, 3GPP TSG SA3 working document S3-030698 (2003)Google Scholar
  21. 21.
    Puthenkulam, J., Lortz, V., Palekar, A., Simon, D.: The Compound Authentication Binding Problem, work in progress (IETF Internet-Draft draft-puthenkulam-eap-binding-04.txt) (2003)Google Scholar
  22. 22.
    3rd Generation Partnership Project, Technical Specification Group Core Network; Numbering, addressing and identification (Release 5), 3GPP Technical Specification 23.003 V5.8.0 (2003)Google Scholar
  23. 23.
    3rd Generation Partnership Project, Technical Specification Group Services and System Aspects; 3G Security; Security Architecture (Release 5), 3GPP Technical Specification 33.102 V5.1.0 (2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Pasi Eronen
    • 1
  • Jari Arkko
    • 2
  1. 1.Nokia Research CenterFinland
  2. 2.Ericsson Research NomadicLabFinland

Personalised recommendations