Localised authentication for inter-network roaming across wireless LANs

Localised authentication for inter-network roaming across wireless LANs

For access to this article, please select a purchase option:

Buy article PDF
(plus tax if applicable)
Buy Knowledge Pack
10 articles for $120.00
(plus taxes if applicable)

IET members benefit from discounts to all IET publications and free access to E&T Magazine. If you are an IET member, log in to your account and the discounts will automatically be applied.

Learn more about IET membership 

Recommend Title Publication to library

You must fill out fields marked with: *

Librarian details
Your details
Why are you recommending this title?
Select reason:
IEE Proceedings - Communications — Recommend this title to your library

Thank you

Your recommendation has been sent to your librarian.

Authentication for inter-network roaming across wireless LANs is an important issue for achieving the goal of pervasive access and computing. The technical challenge lies in the fact that a visited network does not initially have the authentication credentials of a roaming user. Previous proposals have suggested that a visited network obtain the credentials of a roaming user and then forward them to the user's home network for authentication. A public key certificate structure is proposed, tailored to the business model of wireless Internet service providers (ISPs). In this manner, the mutual authentication between a visited network and a roaming user can be performed locally without any contact with user's home network. As a result, the time overhead incurred by communication between the ISPs' authentication, authorisation and accounting (AAA) servers can be avoided. A concrete protocol is proposed for the initial roaming authentication, which modifies the secure socket layer (SSL) v3.0 handshake protocol in order to encrypt a roaming user's identity, thus preventing any leaks in the wireless medium. A visited network can a posteriori use a portion of the protocol execution transcript as evidence to obtain revenue from a roaming user's home network. As demonstrated, the proposed solution provides a high level of security and is computationally efficient.


    1. 1)
      • Kim, H., Afifi, H.: `Improving mobile authentication with new AAA protocols', Proc. IEEE Int. Conf. on Communications, May 2003, 1, p. 497–501.
    2. 2)
      • De Laat, C., Gross, G., Gommans, L., Vollbrecht, J., and Spence, D.: ‘Generic AAA architecture’, Request for Comments: 2903, Aug. 2000.
    3. 3)
      • Anton, B., Bullock, B., and Short, J.: ‘Best current practices for wireless Internet service provider (WISP) roaming’, Wi-Fi Alliance, Feb. 2003,
    4. 4)
      • GSM Association: ‘WLAN roaming guidelines’, Apr. 2003,
    5. 5)
      • Freier, A., Karlton, P., and Kocher, P.: ‘The SSL protocol version 3.0’, Nov.1996,
    6. 6)
      • W. Stallings . (2003) Cryptography and network security.
    7. 7)
      • `Recommendation X.509 (1997 E): information technology-open systems interconnection-the directory: authentication framework', , June 1997.
    8. 8)
    9. 9)
    10. 10)
      • RSA Laboratories: ‘PKCS #1 v2.1: RSA cryptography standard’ June 2002,
    11. 11)
      • A.J. Menezes , P.C. Van Oorschot , S.A. Vanstone . (1997) Handbook of applied cryptography.
    12. 12)
      • `Advanced encryption standard', , Nov. 2001.
    13. 13)
    14. 14)
      • Krawczyk, H., Bellare, M., and Canetti, R.: ‘HMAC: keyed-hashing for message authentication’, Request for Comments: 2104, Feb. 1997.
    15. 15)
      • Mitchell, J.C., Shmatikov, V., Stern, U.: `Finite-state analysis of SSL 3.0', Proc. 7th USENIX Security Symp., 1998, San Antonio, p. 201–216.
    16. 16)
      • Dai, W.: ‘Crypto++5.1 benchmarks’,
    17. 17)
      • M. Hendry . (2001) Smart card security and applications.

Related content

This is a required field
Please enter a valid email address