Formal Security Analysis of EAP-ERP Using Casper

摘要

Future wireless networks will exploit a variety of wireless technologies to provide ubiquities connectivity to mobile devices in the form of cellular, Wireless Local Area Networks, and femtocells. Inevitably, future wireless networks will be diverse in nature, employing a number of different techniques to associate the hand held devices that are deemed to use the network. Furthermore, mobile users seek for seamless connectivity, while roaming in the midst of different networks. This requires the mobile device and the wireless networks be capable of performing a vertical handover, when the mobile nodes find themselves in the vicinity of a foreign network. Regardless of the technological challenges in terms of security, data integrity and mutual authentication between participating agents remain a significant concern in heterogeneous networks. This paper explores these concerns by examining a number of solutions proposed for vertical handover, and identifies EAP Reauthentication Protocol (ERP) as a technology-independent flexible mechanism for a vertical handover. EAP-ERP satisfies the mobility requirements of future hand held devices while promising the desired security futures. In view of thoroughly exploring EAP-ERP, Casper/FDR has been used in this paper to analyze its security properties under various conditions. The results indicate that despite the initial perception, EAP-ERP lacks mutual authentication between agents, while the integrity of keying material is adequately protected.