Secure Authentication System for Public WLAN Roaming


Transcript of Secure Authentication System for Public WLAN Roaming

Page 1: Secure Authentication System for Public WLAN Roaming

UNIVERSITY OF SOUTH CAROLINA Department of Computer Science and Engineering

Secure Authentication System for Public WLAN Roaming

Ana Sanz Merino, Yasuhiko Matsunaga, Manish Shah, Takashi Suzuki, Randy H. Katz

Presented by Dustin Christmann, April 20, 2009

Page 2: Secure Authentication System for Public WLAN Roaming

Outline
• Introduction
• Current Approaches
• Single Sign-On Confederation Model
• Authentication Flow Adaption Framework
• Policy Engine
• Securing Web-Based Authentication
• Evaluation
• Conclusion

Page 3: Secure Authentication System for Public WLAN Roaming

Introduction
• WLAN hotspots becoming ubiquitous
• Most WLAN hotspot providers are small and can’t provide enough coverage
• Needed: an inter-network WLAN roaming infrastructure

Page 4: Secure Authentication System for Public WLAN Roaming

Introduction
• Similar problem to cellular roaming
• Main differences:
– Cellular equipment contains identification tied to the provider
• GSM/UMTS (AT&T and T-Mobile): contained in the SIM card
• CDMA (Sprint, Verizon, Alltel): contained in the phone firmware
– Both GSM/UMTS and CDMA protocols include inter-system authentication protocols

Page 5: Secure Authentication System for Public WLAN Roaming

Current Approaches: Link layer authentication
• IEEE 802.1X standard
• Shared session key between user and network
• Provides for encryption of packets, as well as authentication
• Certificate-based
• Not suitable for most public WLAN networks

Page 6: Secure Authentication System for Public WLAN Roaming

A brief aside about 802.1X
• Port-based authentication
• Three parts:
– Supplicant: wireless user
– Authenticator: base station
– Authentication server
• Extensible Authentication Protocol (EAP)
• Implemented in the 802.11i standard

Page 7: Secure Authentication System for Public WLAN Roaming

802.1X Architecture (diagram slide; the figure is not in the transcript)

Page 8: Secure Authentication System for Public WLAN Roaming

RADIUS (diagram slide; the figure is not in the transcript)

Page 9: Secure Authentication System for Public WLAN Roaming

Liberty (diagram slide; the figure is not in the transcript)

Page 10: Secure Authentication System for Public WLAN Roaming

Extensible Authentication Protocol
• Not an authentication mechanism, but a framework
• Provides common functions and mechanism negotiation
• Mechanisms are called “methods” in EAP
• Around 40 methods defined in various RFCs

Page 11: Secure Authentication System for Public WLAN Roaming

So what’s 802.11i?
• Amendment to 802.11
• Specifies security mechanisms for 802.11 networks
• Ratified in 2004
• Addresses the weaknesses of Wired Equivalent Privacy (WEP)
• Wi-Fi Protected Access (WPA): subset of 802.11i
• WPA2: full implementation
• WEP and WPA use RC4, WPA2 uses AES

Page 12: Secure Authentication System for Public WLAN Roaming

802.11i Four-Way Handshake (diagram slide; the figure is not in the transcript)

Page 13: Secure Authentication System for Public WLAN Roaming

Current Approaches: Web-based authentication and network layer access control
• Based on IP packet filtering
• Web server acts as a RADIUS client
• Prone to theft of service by MAC spoofing
• Example: Microsoft CHOICE network

Page 14: Secure Authentication System for Public WLAN Roaming

Single Sign-On Confederation Model
• Users are authenticated by trusted identity providers
• Service providers can have roaming agreements with one or several identity providers

Page 15: Secure Authentication System for Public WLAN Roaming

Single Sign-On Confederation Model
Assumptions:
• The user terminal can validate the certificates of the service provider’s and identity provider’s authentication servers.
• There are static trust relationships between the user and the identity provider, and between the service provider and the identity provider.
• The user can authenticate the service provider’s authentication server via the identity provider’s authentication server, and vice versa.

Page 16: Secure Authentication System for Public WLAN Roaming

Roaming Model (diagram slide; the figure is not in the transcript)

Page 17: Secure Authentication System for Public WLAN Roaming

Authentication Negotiation Protocol
Need:
• A way for service providers to communicate their authentication capabilities
• A way for users to select an identity provider
Solution: Authentication Negotiation Protocol
• XML web-based protocol
• Web browser not needed
• Thin client

Page 18: Secure Authentication System for Public WLAN Roaming

Authentication Flow Adaption Sequence (diagram slide; the figure is not in the transcript)

Page 19: Secure Authentication System for Public WLAN Roaming

Authentication Flow Adaption Architecture (diagram slide; the figure is not in the transcript)

Page 20: Secure Authentication System for Public WLAN Roaming

ANP Example (structure of the Authentication Capabilities Statement, as shown in the slide’s diagram)

Authentication Capabilities Statement
• Includes timestamp
– Service Provider
• Name
• Confirmation Method
• Key
– Identity Provider Group
• List of identity providers
• Charging information
• Authentication methods
– Authentication Methods
• User info
• Password
– Charging Option
• Interval
• Unit price
• Time Unit
• User info
• Service ID
– Service
• Service description

Page 21: Secure Authentication System for Public WLAN Roaming

Policy Engine
• Selects the appropriate SSO scheme
• Minimizes user intervention in the sign-on process
• Protects user authentication information
• Not strictly necessary, but very helpful

Page 22: Secure Authentication System for Public WLAN Roaming

Policy Engine
• Example in the paper:
– Independent module
– Takes an XML file as input
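The two Policy Engine slides and the ANP Example slide above describe a client that receives an Authentication Capabilities Statement and picks an identity provider with minimal user intervention. The following is an added illustration, not code from the paper or the slides: it parses a constructed statement shaped after the fields on the ANP Example slide, checks that the statement is authentic and fresh (the slide lists a Confirmation Method, a Key and a timestamp), and runs a small policy engine over it. The XML element names, the use of HMAC-SHA256 over the statement text as the confirmation method, the policy fields and all sample values are assumptions made for this example; the paper’s real schema is not on the page.

```python
"""Added example, not code from the paper or the slides.

Parses a constructed Authentication Capabilities Statement (ACS) in the
spirit of the slides' Authentication Negotiation Protocol, checks that the
statement is authentic and fresh, and runs a small policy engine that picks
the identity provider and authentication method for the user.

Assumptions (nothing here is the paper's real schema or API): the XML
element names, the confirmation method (HMAC-SHA256 over the statement text
with a key shared between client and service provider), the policy fields,
and the sample values.
"""
import hashlib
import hmac
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

TS_FORMAT = "%Y-%m-%dT%H:%M:%SZ"

# Constructed sample, modelled on the fields of the "ANP Example" slide.
SAMPLE_ACS = """<acs timestamp="2009-04-20T12:00:00Z">
  <service_provider name="hotspot-cafe" confirmation_method="hmac-sha256"/>
  <service id="wlan-basic" description="Basic WLAN access"/>
  <idp_group>
    <idp name="idp-alpha">
      <auth_method>certificate</auth_method>
      <auth_method>password</auth_method>
      <charging interval="60" unit_price="0.10" time_unit="minute"/>
    </idp>
    <idp name="idp-beta">
      <auth_method>password</auth_method>
      <charging interval="60" unit_price="0.05" time_unit="minute"/>
    </idp>
  </idp_group>
</acs>"""

# Constructed shared key standing in for the slide's "Key" field.
SHARED_KEY = b"demo-key-not-a-real-secret"


def _parse_ts(value):
    return datetime.strptime(value, TS_FORMAT).replace(tzinfo=timezone.utc)


def sign_acs(acs_xml, key):
    """Service-provider side: confirmation tag over the statement text."""
    return hmac.new(key, acs_xml.encode(), hashlib.sha256).hexdigest()


def verify_acs(acs_xml, mac_hex, key, now_iso, max_age_s=300):
    """Client side: reject altered statements (bad tag) and stale or
    future-dated ones (replayed announcements)."""
    if not hmac.compare_digest(sign_acs(acs_xml, key), mac_hex):
        return False
    issued = _parse_ts(ET.fromstring(acs_xml).get("timestamp"))
    age = (_parse_ts(now_iso) - issued).total_seconds()
    return 0 <= age <= max_age_s


def parse_acs(acs_xml):
    """Extract the service provider and each IdP's methods and charging."""
    root = ET.fromstring(acs_xml)
    sp = root.find("service_provider")
    idps = []
    for idp in root.iter("idp"):
        charging = idp.find("charging")
        idps.append({
            "name": idp.get("name"),
            "methods": [m.text for m in idp.findall("auth_method")],
            "unit_price": float(charging.get("unit_price")),
            "time_unit": charging.get("time_unit"),
        })
    return {"service_provider": sp.get("name"),
            "confirmation_method": sp.get("confirmation_method"),
            "idps": idps}


def select_idp(acs, policy):
    """Policy engine: among IdPs the user trusts and can afford, prefer the
    method needing the least user intervention (policy order), then the
    lowest unit price. Returns (idp_name, method) or None."""
    candidates = []
    for idp in acs["idps"]:
        if idp["name"] not in policy["trusted_idps"]:
            continue
        if idp["unit_price"] > policy["max_unit_price"]:
            continue
        for rank, method in enumerate(policy["method_preference"]):
            if method in idp["methods"]:
                candidates.append((rank, idp["unit_price"], idp["name"], method))
                break
    if not candidates:
        return None
    _, _, name, method = min(candidates)
    return name, method


if __name__ == "__main__":
    tag = sign_acs(SAMPLE_ACS, SHARED_KEY)
    print("fresh and authentic:", verify_acs(SAMPLE_ACS, tag, SHARED_KEY, "2009-04-20T12:01:00Z"))
    print("replayed a day later:", verify_acs(SAMPLE_ACS, tag, SHARED_KEY, "2009-04-21T12:01:00Z"))
    policy = {"trusted_idps": ["idp-alpha", "idp-beta"],
              "method_preference": ["certificate", "password"],
              "max_unit_price": 0.20}
    print("choice:", select_idp(parse_acs(SAMPLE_ACS), policy))
```

The freshness window is what turns the slide’s timestamp into a defence: without it, a captured statement could be replayed indefinitely, and the confirmation tag alone would still verify. The policy engine never prompts the user for a password when a certificate-based method is on offer from a trusted provider, which is the “minimize user intervention” goal from the slide.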

Page 23: Secure Authentication System for Public WLAN Roaming

Securing Web-Based Authentication
• Current web-based authentication approaches are vulnerable to:
– Theft of service via spoofing
– Eavesdropping
– Message alteration
– Denial of service

Page 24: Secure Authentication System for Public WLAN Roaming

Securing Web-Based Authentication
• Problem: neither layer 2 authentication nor web-based authentication is ideal:
– IEEE 802.1X authentication is more secure, but requires a preshared secret
– Web-based authentication is more suitable for one-time use, but insecure

Page 25: Secure Authentication System for Public WLAN Roaming

Securing Web-Based Authentication
Solution: Hybrid approach
• Initial link establishment via 802.1X guest authentication
• Web-based authentication after that

Page 26: Secure Authentication System for Public WLAN Roaming

Evaluation

Page 27: Secure Authentication System for Public WLAN Roaming

Authentication client latency (seconds)

                                               Proxy-based (RADIUS)     Redirect-based (Liberty)
                                               Local       Remote       Local       Remote
Web authentication                             0.295       0.296        0.276       1.545
Policy engine                                  0.255       0.255        0.255       0.255
Authentication Capabilities Announcement       0.250       0.250        0.250       0.250
Link layer (802.1X) authentication             0.124       0.124        0.124       0.124
Total                                          0.924       0.925        0.905       2.174

(In the slide, the policy engine, capabilities announcement and 802.1X rows each hold a single value spanning all four configurations.)

Page 28: Secure Authentication System for Public WLAN Roaming

Web-based Authentication Latency (seconds)

                                               Proxy-based (RADIUS)     Redirect-based (Liberty)
                                               Local       Remote       Local       Remote
Web authentication                             0.091       0.102        0.088       1.364
Firewall redirection                           0.086       0.086        0.086       0.086
Link layer (802.1X) authentication             0.124       0.124        0.124       0.124
Total                                          0.301       0.312        0.298       1.574

(In the slide, the firewall redirection and 802.1X rows each hold a single value spanning all four configurations.)

Page 29: Secure Authentication System for Public WLAN Roaming

Conclusions
• This paper should have been three papers with more detail in each:
– Single sign-on authentication
– Policy engine
– Web-based authentication
• Good way of enabling WLAN roaming by decoupling identity management from the service provider