**4.1. Full EAP-CRA authentication**

The initial assumption of the CRA protocol is that each mobile node is primarily associated with one network, which in this context is referred to as the Home network. The security of the Home network and the authentication mechanism it uses must be robust. It is assumed that an EAP method such as EAP-TLS, EAP-PEAP or EAP-TTLS is used in the Home network, so that the values of MSKName, MSK, EMSK and the Time To Live (TTL) of these keys are available to the peer. Since some of these EAP methods use CA-signed PKI certificates to authenticate and secure the communication, CRA extends them to add more flexibility to certificate-based authentication. We have chosen WLAN as the medium to illustrate the components and messaging of EAP-CRA. First, both the peer and the Foreign Access Point (FAP) discover their capabilities and decide on a suitable protocol to authenticate each other. If both parties are capable of EAP-CRA, the FAP composes an EAP-Request message to solicit the identity of the peer. It should be noted that the key for the hashing function is generated from the EMSK.

In an unknown network, the peer first checks whether the TTL of its MSK is still valid. An expired MSK leads to a failed authentication and prompts a full authentication: the peer is responsible for performing a full authentication with its Home network to obtain a fresh MSK. If the MSK is valid, the peer generates a random sequence number and encrypts the EMSKname of the home network and the sequence number with the public key of its HAS. The composed EAP-Response message, which contains the encrypted message, a Message Authentication Code, the realm of the home network and the random identity of the peer, is sent to the FAP (message b in List 1).


EAP-CRA for WiMAX, WLAN and 4G LTE Interoperability

http://dx.doi.org/10.5772/54837


The FAP encapsulates this EAP-Response message inside a RADIUS packet and forwards it to the foreign authentication server (FAS). The FAS also uses RADIUS for server-to-server communication. However, before sending the received message on, the FAS adds its domain name and encrypts the MSKname with its private key, i.e. signs it (message d in List 1). This enables the HAS to authenticate the FAS. Upon receiving the message from a foreign network, the HAS checks whether the FAS is authorized based on the domain name of the FAS, and authenticates the FAS by verifying the contents of the signed message. Peer authentication is managed by matching the MSKname with the MSK, the EMSK, the validity of the key timer and the number of re-authentications of the peer. If the MSK is valid, the HAS combines the foreign domain name, the sequence number and the previous EMSK to generate the new CRA-MSK and CRA-EMSK.

After updating the timer and counter values associated with the MSKname, the HAS creates a RADIUS message which holds Access-Accept, the values of CRA-MSK and CRA-EMSK encrypted with the FAS's public key, a MAC, and the domain name together with the MSKname signed with the HAS's private key (message e in List 1).

The FAS first checks the signed MSKname to validate the HAS, then stores the MSKname and the CRA keys. In addition, it calculates a new timer, counter and random re-authentication ID for local re-authentication in case the peer stays in the foreign network for a longer time. These values are CRA\_timer, CRA\_counter and CRA\_RND. The value of CRA\_timer must be less than the validity time of the initial MSK. Next, the FAS sends CRA\_counter, re\_id, the EMSKname signed with the HAS's private key, the foreign realm and CRA-MSK inside a RADIUS packet to the FAP (message f in List 1). The CRA-MSK will be used for future communication to provide privacy. The rest of the message is sent to the peer (message g in List 1). The peer can authenticate its home server by verifying the signature and can then generate CRA-MSK and CRA-EMSK itself. It then creates an EAP-Response acknowledging with the MSKname. The FAS can then compose an EAP-Success message and send it back to the peer.

On receiving the EAP-Success message, the peer generates the rMSK independently, leading to the key distribution phase. The key distribution phase is similar to that of the RSNA, where the supplicant and the authenticator use the MSK to derive the Temporal Session Key (TSK). Once the TSKs are derived, normal data communication can commence.

List 1: Messages Exchanged During CRA Full Authentication

**4.2. EAP-CRA re-authentication**

In the previous section we described a roaming-enabled authentication mechanism for users who wish to connect to a new network using the security credentials that they use in their home network. Although we anticipate relatively faster CRA authentication, in situations where the user continues to work on a foreign network the need for re-authentication is anticipated.

This section explains the re-authentication process that can occur due to handover within the same network, i.e. when a user moves from one access point to another. The Enhanced CRA full authentication generates CRA-MSK and CRA-EMSK for secure communication. Possession of these keys by the supplicant and the FAS can quicken the process of re-authentication. The FAS, after the successful authentication of a supplicant, distributes the re-authentication identity and the CRA\_counter to the peer. The counter determines the number of re-authentications which can be accepted.

The process of re-authentication is initiated by the authenticator with an EAP-Request for the supplicant ID. In response, the supplicant checks the time since its last logon to verify the validity of the CRA-MSK. If the key has expired, a valid peer falls back to requesting a full EAP-CRA authentication. Otherwise, the supplicant sends its re-authentication ID and realm inside the Kname-NAI, a random sequence number and a hashed value of the message. The key for the hash can be generated from the CRA-EMSK and the sequence number. The sequence number is needed to provide immunity against replay attacks. The authenticator then forwards the EAP-Response, encapsulated as a RADIUS packet, to the FAS (message c in List 2).

**a.** *FAP* → *MN* : *EAP-Req (ID)*

**b.** *MN* → *FAP* : *EAP-Res (KeyNameNAI, Seq#, MAC)*

**c.** *FAP* → *FAS* : *Access-Req (KeyNameNAI, Seq#, MAC)*

List 2: Messages Exchanged During CRA Re-Authentication
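The key derivation of the full authentication (CRA-MSK and CRA-EMSK from the foreign domain name, the sequence number and the previous EMSK) and the checks both sides perform during local re-authentication (CRA\_timer, CRA\_counter, sequence-number replay protection and the MAC keyed from CRA-EMSK) are modelled in the following Python sketch. It is an added example, not code from the chapter or from any EAP-CRA implementation: the chapter does not fix the hash or key-derivation algorithms, so HMAC-SHA256 with use-specific labels, 8-byte sequence numbers, the `re_id@realm` form of the KeyName-NAI, the in-memory FAS state and all sample values are assumptions made here.

```python
import hashlib
import hmac
import os


def _kdf(key, label, data):
    """Assumed construction: HMAC-SHA256 with a label that separates key uses."""
    return hmac.new(key, label + data, hashlib.sha256).digest()


def derive_cra_keys(prev_emsk, foreign_realm, seq):
    """Full authentication: HAS and peer both derive CRA-MSK and CRA-EMSK from
    the foreign domain name, the sequence number and the previous EMSK, so the
    peer never has to receive these keys over the air."""
    data = foreign_realm.encode() + seq.to_bytes(8, "big")
    return _kdf(prev_emsk, b"CRA-MSK", data), _kdf(prev_emsk, b"CRA-EMSK", data)


def reauth_mac(cra_emsk, kname_nai, seq):
    """Re-authentication (message b in List 2): the MAC key is generated from
    CRA-EMSK and the fresh sequence number; the MAC covers KeyName-NAI and Seq#."""
    seq_bytes = seq.to_bytes(8, "big")
    mac_key = _kdf(cra_emsk, b"reauth-mac", seq_bytes)
    return hmac.new(mac_key, kname_nai.encode() + seq_bytes, hashlib.sha256).digest()


def peer_build_reauth(re_id, realm, cra_emsk, last_logon, cra_timer, now, seq=None):
    """Peer side: check the CRA-MSK lifetime first. Returns None when the key has
    expired, meaning the peer must fall back to a full EAP-CRA authentication."""
    if now - last_logon >= cra_timer:
        return None
    if seq is None:
        seq = int.from_bytes(os.urandom(8), "big")  # random sequence number
    kname_nai = f"{re_id}@{realm}"
    return {"kname_nai": kname_nai, "seq": seq, "mac": reauth_mac(cra_emsk, kname_nai, seq)}


class FasPeerState:
    """Per-peer state the FAS keeps after a successful full authentication."""

    def __init__(self, re_id, realm, cra_msk, cra_emsk, msk_ttl_remaining,
                 cra_timer, cra_counter, now):
        # CRA_timer must be less than the validity time of the initial MSK.
        if cra_timer >= msk_ttl_remaining:
            raise ValueError("CRA_timer must be less than the remaining MSK validity")
        self.kname_nai = f"{re_id}@{realm}"
        self.cra_msk, self.cra_emsk = cra_msk, cra_emsk
        self.expires_at = now + cra_timer
        self.counter = cra_counter          # re-authentications still acceptable
        self.seen_seqs = set()              # sequence numbers already accepted


def fas_verify_reauth(state, resp, now):
    """FAS side (message c in List 2). Returns (accepted, reason)."""
    if now >= state.expires_at:
        return False, "cra_timer expired: full EAP-CRA required"
    if state.counter <= 0:
        return False, "cra_counter exhausted: full EAP-CRA required"
    if resp["kname_nai"] != state.kname_nai:
        return False, "unknown re-authentication identity"
    if resp["seq"] in state.seen_seqs:
        return False, "replayed sequence number"
    expected = reauth_mac(state.cra_emsk, resp["kname_nai"], resp["seq"])
    if not hmac.compare_digest(expected, resp["mac"]):
        return False, "bad MAC"
    state.seen_seqs.add(resp["seq"])
    state.counter -= 1
    return True, "EAP-Success"


def demo():
    """Constructed walk-through: two good re-authentications, one replay, then the
    counter runs out. All values are sample values, not from the chapter."""
    prev_emsk = bytes(range(64))
    cra_msk, cra_emsk = derive_cra_keys(prev_emsk, "foreign.example", seq=42)
    st = FasPeerState("re1234", "foreign.example", cra_msk, cra_emsk,
                      msk_ttl_remaining=3600, cra_timer=600, cra_counter=2, now=1000)
    args = ("re1234", "foreign.example", cra_emsk, 1000, 600)
    r1 = peer_build_reauth(*args, now=1100, seq=7)
    first = fas_verify_reauth(st, r1, now=1100)
    replay = fas_verify_reauth(st, r1, now=1101)      # same Seq# presented again
    r2 = peer_build_reauth(*args, now=1102, seq=8)
    second = fas_verify_reauth(st, r2, now=1102)
    r3 = peer_build_reauth(*args, now=1103, seq=9)
    third = fas_verify_reauth(st, r3, now=1103)       # CRA_counter is now 0
    return first, replay, second, third


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

The order of the FAS checks matters: lifetime and counter are tested before any cryptography so an exhausted binding costs nothing to reject, and the sequence number is recorded only after the MAC verifies, so an attacker cannot burn sequence numbers with forged messages.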
