Your browser does not support JavaScript!

GPRS/UMTS-aided authentication protocol for wireless LANs

GPRS/UMTS-aided authentication protocol for wireless LANs

For access to this article, please select a purchase option:

Buy article PDF
(plus tax if applicable)
Buy Knowledge Pack
10 articles for $120.00
(plus taxes if applicable)

IET members benefit from discounts to all IET publications and free access to E&T Magazine. If you are an IET member, log in to your account and the discounts will automatically be applied.

Learn more about IET membership 

Recommend Title Publication to library

You must fill out fields marked with: *

Librarian details
Your details
Why are you recommending this title?
Select reason:
IEE Proceedings - Communications — Recommend this title to your library

Thank you

Your recommendation has been sent to your librarian.

Wireless local area network (WLAN) and cellular network are two important technologies for providing wireless communications. For user authentication of WLAN, the IEEE 802.1X standard provides an authentication framework that is based on the Extensible Authentication Protocol (EAP). When a roaming user wants to access WLANs provided by different operators, the user must remember multiple identities and the corresponding authentication credentials. Obviously, such an exercise is not user friendly. This problem is caused by the fact that a visited WLAN does not have the authentication credential of a roaming user. Previous proposals have studied the authentication of inter-network roaming across different WLANs, or across a cellular network and a WLAN. As is known, cellular networks provide wider service areas, ‘always-on’ and ubiquitous connectivity. The integration of WLAN and cellular networks has a management advantage that it can unify the subscriber identity and the corresponding credential. In this paper, we first propose a practical certificate distribution scheme. The certificate distribution scheme allows roaming users of a cellular network to obtain temporary certificates from their home cellular network. Afterward adopting certificate-based authentication protocol of the IEEE 802.1X standard, roaming users may use temporary certificates to access WLANs. The proposed solution achieves easy subscriber management and pervasive access. As demonstrated, the proposed solution also provides mutual authentication and strong identity protection, in addition to withstanding the man-in-the-middle attack and the eavesdropping attack. A performance evaluation shows that the proposed protocol is well suited for roaming users with mobile devices.


    1. 1)
      • Berbecaru, D.: `FIrDA-SSL: Experiments with securing communication in PANs', In SecureComm-2005 Int. Conf. on Security and Privacy for Emerging Areas in Communication Networks, 2005,
    2. 2)
      • Nokia, The Nokia D211, A multi-mode radio card for compatible portable computer enabling network access through GPRS, HSCSD, or WLAN environment,
    3. 3)
      • Calhoun, P., Loughney, J., Guttman, E., Zorn, G., Arkko, J.: `Diameter base protocol', RFC 3588, AAA Working Group, September 2003.
    4. 4)
      • Third Generation Partnership Project (3GPP), Technical Specification, Service Description, 2005,
    5. 5)
      • 3GPP Technical Specification Group Services and System Aspects; 3G Security; Security architecture (Release 6), 3GPP TS 33.102 V6.5.0, December 2005,
    6. 6)
      • Anton, B., Bullock, B., Short, J.: `Best current practices for wireless Internet service provider (WISP) roaming', Wi-Fi Alliance, 2003,
    7. 7)
      • ITU-T recommendation X.509, Information technology – open system interconnection – the directory: authentication framework, June 1997.
    8. 8)
      • Sun Microsystems,
    9. 9)
      • `3GPP Technical Specification, WLAN interworking security', TS 33.234 V6.7.0, December 2005,
    10. 10)
    11. 11)
      • Gupta, V., Gupta, S.: `Experiments in wireless internet security', In Proc. IEEE Wireless Communications and Networking Conf. (WCNC), March 2002, p. 859–863.
    12. 12)
      • General Packet Radio Services (GPRS) Service Description, Stage 2, TS 23.060 V6.11.0, December 2005,
    13. 13)
    14. 14)
      • ASUS MyPal A620 PDA,
    15. 15)
      • Rigney, C., Willens, S., Rubens, A., Simpson, W.: `Remote authentication dial in user service (RADIUS)', RFC 2865, IETF, June 2000.
    16. 16)
    17. 17)
      • Arkko, J., Haverinen, H.: `EAP AKA authentication', draft-arkko-pppext-eap-aka-15, IETF, January 2006.
    18. 18)
      • Stubblefield, A., Ioannidis, J., Rubin, A.D.: `Using the Fluhrer, Mantin, and Shamir attack to break WEP', TD-4ZCPZZ, AT&T Labs Technical Report, 2001,
    19. 19)
      • Wong, D., Fuentes, H., Chan, A.: `The performance measurement of cryptographic primitives on palm devices', In 17th Annual Computer Security Applications Conf. (ACSAC'01), 2001,
    20. 20)
      • Haverinen, H., Salowey, J.: `EAP SIM authentication', draft-haverinen-pppext-eap-sim-16, IETF, December 2004.
    21. 21)
    22. 22)
      • Microsoft, Pocket PC 2003,
    23. 23)
    24. 24)
      • Freier, A., Karlton, P., Kocher, P.: `The SSL protocol version 3.0', Nov. 1996,
    25. 25)
      • `NIST/NSA FIPS 180-2: Secure Hash Standard (SHS)', NIST/NSA, 2005, Gaithersburg, MD, USA.
    26. 26)
      • Blunk, L., Vollbrecht, J.: `PPP extensible authentication protocol (EAP)', RFC 2284, IETF, March 1998.
    27. 27)
      • Aboba, B., Beadles, M.: `The network access identifier', RFC 2486, January 1999.
    28. 28)
      • Hill, J.: ‘An Analysis of the RADIUS authentication protocol’,
    29. 29)
      • `IEEE Standards for Local and Metropolitan Area Networks: Port based Network Access Control', IEEE Std. 802.1X-2004, November 2004.
    30. 30)
      • Asokan, N., Valtteri, N., Nyberg, K.: `Man-in-the-middle in tunnelled authentication', Nokia Research Center, Cryptology ePrint Archive, 2002,
    31. 31)
      • Gupta, V., Stebila, D., Fung, S.: `Speeding up secure web transactions using elliptic curve cryptography', In Proc. of 11th Network and Distributed Systems Security Symp., California, Internet Soceity (ISOC), 2004, p. 231–239.
    32. 32)
    33. 33)
      • Aboba, B., Simon, D.: `PPP EAP TLS authentication protocol', RFC 2716, IETF, October 1999.
    34. 34)
      • Funk, P., Blake-Wilson, S.: `EAP tunneled TLS authentication protocol', draft-ietf-pppext-eap-ttls-05, IETF, July 2004.
    35. 35)
      • `Wireless LAN media access control (MAC) and physical layer (PHY) specifications', 802.11: 1999 (E) Part 11, ISO/IEC 8802-11, 1999.
    36. 36)
      • Ewesoft Software Development Kit (SDK),
    37. 37)
      • Buddhikot, M., Chandrannmenon, G., Han, S., Lee, Y.W., Miller, S., Salgarelli, L.: `Integration of 802.11 and third-generation wireless data networks', Proc. of the IEEE Computer and Communications Societies (INFOCOM 2003), 2003, p. 503–512.
    38. 38)
      • BenQ W10/W11, GPRS with WLAN card,
    39. 39)
      • `3GPP Technical Specification, 3GPP Systeem to WLAN interworking: User Equipment (UE) to network protocols', TS 24.234 V6.5.0, December 2005, Stage 3, Release 6,
    40. 40)
      • Palekar, A., Simon, D., Josefsson, S., Zhou, H., Zorn, G.: `Protected EAP protocol (PEAP)', draft-josefsson-pppext-eap-tls-eap-10.txt, IETF, October 2004, Version 2.

Related content

This is a required field
Please enter a valid email address