Wireless communications is growing at an ever-increasing rate, and there is a wide range of wireless communications technologies, including both wide-area and local-area communication technologies.
For example, Wireless Local Area Network, WLAN, technology offers a basis for wireless communications within a local coverage area. In general, WLAN technology includes industry-specific solutions as well as proprietary protocols, although most commercial applications are based on well-accepted standards such as the various versions of IEEE 802.11, also popularly referred to as Wi-Fi.
A WLAN is a wireless network that links two or more devices using a wireless distribution method, often spread-spectrum or OFDM radio, within a limited area such as a home, school, computer laboratory, or office building. This gives users the ability to move around within a local coverage area and still be connected to the network, and may provide a connection to the wider Internet. As mentioned, most modern WLANs are based on the IEEE 802.11 standards, usually marketed under the Wi-Fi brand name.
In IEEE 802.11 (Wi-Fi) terminology, a STAtion, STA, is a device that has the capability to use the 802.11 protocol. For example, a STA may be a laptop, a desktop PC, a PDA, an access point or a Wi-Fi phone. A STA may be fixed, mobile or portable. In wireless networking terminology, the terms station, wireless client and node are often used interchangeably, with no strict distinction between them. A station may also be referred to as a transmitter or a receiver based on its transmission characteristics. IEEE 802.11-2007 formally defines a station as: Any device that contains an IEEE 802.11-conformant Media Access Control, MAC, and PHYsical layer, PHY, interface to the wireless medium.
A Basic Service Set, BSS, is a set of all stations that can communicate with each other. More specifically, a BSS provides the basic building-block of an 802.11 WLAN and is defined by an Access Point, AP, together with all associated stations, STAs.
An Access Point, AP, is a device that allows wireless communication devices to connect to a wired network using Wi-Fi, or related standards.
Initial Connection to a WLAN Network
When a STA connects to a WLAN network, i.e. to a WLAN AP, for the first time, it carries out a procedure similar to the one depicted in FIG. 1.
The authentication procedure comprises the following steps:
1. The STA receives a Beacon frame revealing, among other parameters, the security features associated with the ESS the AP belongs to. The format of the Beacon frame, as well as all the information elements it carries, is described in Chapter 8.3.3.2 of IEEE 802.11, [1];
2. If the STA does not receive a Beacon frame for some reason, it may generate a Probe Request and send it to the AP. This procedure is called active scanning and, by performing it, the STA may receive from the AP the same information it would have received from a Beacon message;
3. The AP answers with a Probe Response;
   a. NOTE: The discovery procedure consists of either step 1 or steps 2 and 3 (i.e., receiving a Beacon frame and exchanging probe messages are mutually exclusive);
4. The STA sends an Open System Authentication Request;
5. The AP responds with an Open System Authentication Response;
6. The STA then sends an Association Request, indicating the security parameters to be used later;
7. The AP responds with an Association Response;
   a. NOTE: The Open System Authentication does not provide any security. The connection between the STA and the AP is secured at a later point, by means of the Authentication and Key Agreement procedure. Nevertheless, a possible attack altering the security parameters in the Open System Authentication message exchange will be detected at the stage of key derivation;
8. At this point the Open System Authentication is completed and the STA may communicate only with the AP—the rest of the traffic is blocked by the port-based network control (PBNC) enforcer, as defined in IEEE 802.1X. Some of the traffic towards external hosts, however, may be forwarded by the AP, as in the case of the communication with the RADIUS server;
9. This step is the first step of the EAP-SIM authentication, RFC 4186, [2]. The AP encapsulates an EAP-Request of Type 18 (SIM) inside an EAPOL frame, asking the STA to report its identity. When the STA is equipped with a SIM, the identity is the IMSI, followed by the “@” sign and the home realm. It is also possible for the STA to include an additional “1” in front of the IMSI in order to indicate a preference for the exclusive use of EAP-SIM if other EAP methods are available (e.g., EAP-AKA);
10. The STA responds with its identity. An example of such an identity is 1234580123000100@wlan.mnc048.mcc264.3gppnetwork.org (the IMSI in this example is 234580123000100, and the preceding “1” indicates the preference to use EAP-SIM);
11. The AP extracts the EAP-Response message, encapsulates it in a RADIUS frame and forwards it to the backend AAA server. The handling of EAP frames over RADIUS is described by the IETF in RFC 3579, [3];
12. The AAA server recognizes the EAP method and sends an EAP-Request/SIM/Start, indicating that an EAP-SIM procedure has been initiated for that Supplicant. It also includes the list of supported EAP-SIM versions in the message, as described in Chapter 10.2 of RFC 4186, [2];
13. The AP relays the EAP-Request/SIM/Start message to the STA;
14. The STA responds with an EAP-Response/SIM/Start message, which carries a randomly selected number (NONCE_MT) in the AT_NONCE_MT attribute, as well as the selected EAP-SIM version (AT_SELECTED_VERSION);
15. The AP forwards the EAP-Response/SIM/Start to the AAA server;
16. The AAA server obtains the GSM triplet (RAND, SRES and Kc) from the HLR/AuC and derives the keying material as specified in Chapter 7 of RFC 4186, [2]. The GSM triplet consists of:
   a. RAND—a 128-bit random number, generated by the Authentication Center (an entity within the GSM core network, used to authenticate subscribers at the point of initial attach) when a subscriber authentication is requested. It is used for the derivation of the Signed Response (SRES) and the Kc;
   b. SRES—a 32-bit value, the expected response from the mobile station/STA after it has been challenged with the RAND;
   c. Kc—a 64-bit ciphering key, used to encipher and decipher data transmitted between the STA and the AP;
17. The AAA server generates an EAP-Request/SIM/Challenge message, including the RAND challenges and a message authentication code attribute (AT_MAC). The AT_MAC derivation is based on the RAND and Kc values;
18. The AP forwards the EAP-Request/SIM/Challenge message to the STA;
19. The STA feeds the received RAND into the GSM algorithms running on the SIM, and the output is a copy of the AT_MAC and an SRES value. The first thing the STA does is check whether the AT_MAC value received from the AAA server (relayed by the AP) and the one generated by the SIM match. If so, the STA continues with the authentication; otherwise it responds with an EAP-Response/SIM/Client-Error message. The second thing is to derive a new AT_MAC, based on the generated SRES;
20. The new AT_MAC is sent to the AAA server (via the AP) in an EAP-Response/SIM/Challenge message;
21. The AP forwards the EAP-Response/SIM/Challenge to the AAA server;
22. The AAA server verifies the new AT_MAC value that the STA has just sent. If the verification is successful, it sends an EAP-Success message to the AP. The message also carries keying material—the Pairwise Master Key (PMK). The PMK is intended for the AP only and is not forwarded to the STA (the STA may derive the same key autonomously, since it is based on the Kc, which the SIM in the STA can compute from the RAND);
23. The AP forwards the EAP-Success message to the STA and stores the PMK for the following Four-way handshake;
24. The AP uses the PMK to generate an Authenticator nonce (ANonce);
25. The ANonce value is sent to the STA in an EAPOL-Key message;
26. Using the received ANonce (together with the SNonce and the PMK), the STA constructs the Pairwise Temporal Key (PTK);
27. The STA sends an EAPOL-Key message to the AP, including a Supplicant nonce (SNonce) and a message integrity code (MIC);
28. The AP uses the ANonce, SNonce and the PMK to construct the PTK. The AP also uses the MIC in order to verify that the STA has computed the correct and fresh key. Furthermore, the AP generates and installs a Group Temporal Key (GTK), which is used exclusively for the encryption and decryption of broadcast and multicast traffic;
29. The AP sends to the STA an encrypted GTK, a sequence number to use for the next broadcast message and an instruction to install the PTK (the message is integrity protected by another MIC);
30. The STA responds with an acknowledgement message;
31. The STA installs both the PTK and the GTK and, as of this point, uses them to encrypt and decrypt all communication;
32. The AP also installs the PTK;
33. The 802.1X Controlled Port is now open and the STA may communicate with other network hosts besides the AP.
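The identity format exchanged in steps 9 and 10 ("1" + IMSI, "@", home realm of the form wlan.mncXXX.mccYYY.3gppnetwork.org) is small enough to parse and validate in a few lines. The following parser is an added example written for this page, not code from the application or from any AAA product. It assumes the realm layout shown in the example identity above, an IMSI length of 6 to 15 decimal digits, and that a leading "1" in the username is the EAP-SIM preference marker rather than the first digit of the IMSI (the first digit of an assigned MCC is never 1). A AAA front end can use such a check to reject malformed identities before any HLR/AuC lookup is made.

```python
import re

# Realm layout used by the example identity on this page (assumption: all
# identities handled here use exactly this form).
REALM_RE = re.compile(
    r"^wlan\.mnc(?P<mnc>[0-9]{3})\.mcc(?P<mcc>[0-9]{3})\.3gppnetwork\.org$"
)

IMSI_MIN, IMSI_MAX = 6, 15  # IMSI length bounds assumed for this example


def _is_imsi(s: str) -> bool:
    """Decimal ASCII digits only, within the assumed length bounds."""
    return s.isascii() and s.isdigit() and IMSI_MIN <= len(s) <= IMSI_MAX


def parse_eap_sim_identity(identity: str) -> dict:
    """Split '<1>IMSI@realm' into imsi, mcc, mnc, realm and prefers_eap_sim.

    Raises ValueError for anything that does not fit the layout, so the caller
    can drop the request before querying the HLR/AuC.
    Assumption made here: an IMSI starts with its MCC, whose first digit is
    never 1 in assigned ranges, so a leading '1' is the preference marker.
    """
    if identity.count("@") != 1:
        raise ValueError("identity must contain exactly one '@'")
    username, realm = identity.split("@")
    prefers_eap_sim = username.startswith("1")
    imsi = username[1:] if prefers_eap_sim else username
    if not _is_imsi(imsi):
        raise ValueError("username is not '1' + IMSI or a bare IMSI")
    m = REALM_RE.match(realm)
    if m is None:
        raise ValueError("realm is not wlan.mncXXX.mccYYY.3gppnetwork.org")
    return {
        "imsi": imsi,
        "mcc": m["mcc"],
        "mnc": m["mnc"],
        "realm": realm,
        "prefers_eap_sim": prefers_eap_sim,
    }


def build_eap_sim_identity(imsi: str, mcc: str, mnc: str,
                           prefer_eap_sim: bool = True) -> str:
    """Inverse of parse_eap_sim_identity: the string a SIM-equipped STA would
    send in step 10. MCC and MNC are the three-digit, zero-padded forms."""
    if not _is_imsi(imsi):
        raise ValueError("invalid IMSI")
    for code in (mcc, mnc):
        if not (code.isascii() and code.isdigit() and len(code) == 3):
            raise ValueError("MCC and MNC must be three decimal digits")
    prefix = "1" if prefer_eap_sim else ""
    return f"{prefix}{imsi}@wlan.mnc{mnc}.mcc{mcc}.3gppnetwork.org"


if __name__ == "__main__":
    # The example identity from step 10 above.
    print(parse_eap_sim_identity(
        "1234580123000100@wlan.mnc048.mcc264.3gppnetwork.org"))
```

Parsing the page's own example yields IMSI 234580123000100, MNC 048, MCC 264 and the EAP-SIM preference flag set; a realm outside the expected pattern, a non-numeric username, or a missing "@" is rejected with a ValueError rather than being passed on.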
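Steps 24 to 33 are where the PMK produced by EAP-SIM is turned into the session keys, and where the AP's MIC check in step 28 decides whether a STA that holds the wrong PMK gets any key installed at all. The simulation below is an added example written for this page, not code from the application; it follows the IEEE 802.11 PTK derivation (PRF-384 over PMK, the two MAC addresses and the two nonces, keyed with HMAC-SHA1) and the HMAC-SHA1-128 EAPOL-Key MIC used with CCMP. The frame layout ("body followed by MIC"), the MAC addresses and the nonces are constructed for the example, and the GTK wrapping under the KEK that message 3 carries in the real protocol is left out.

```python
import hashlib
import hmac
import os

NONCE_LEN = 32  # ANonce / SNonce are 256-bit values
MIC_LEN = 16    # HMAC-SHA1-128 MIC (EAPOL-Key descriptor version 2, CCMP)


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """IEEE 802.11 PRF-n: HMAC-SHA1(key, label || 0x00 || data || i) for
    i = 0, 1, ... concatenated until nbytes of output are available."""
    out = b""
    i = 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:nbytes]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes):
    """PTK = PRF-384(PMK, "Pairwise key expansion",
                     Min(AA,SPA) || Max(AA,SPA) || Min(ANonce,SNonce) || Max(ANonce,SNonce)).
    Min/Max ordering lets both sides build the same input. Returned as
    (KCK, KEK, TK): MIC key, key-wrapping key for the GTK, traffic key."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    ptk = prf(pmk, b"Pairwise key expansion", data, 48)
    return ptk[:16], ptk[16:32], ptk[32:48]


def eapol_key_mic(kck: bytes, body: bytes) -> bytes:
    """MIC = first 16 bytes of HMAC-SHA1 over the frame with its MIC field zeroed."""
    return hmac.new(kck, body + b"\x00" * MIC_LEN, hashlib.sha1).digest()[:MIC_LEN]


def sign_frame(kck: bytes, body: bytes) -> bytes:
    """Toy EAPOL-Key layout constructed for this example: body followed by MIC."""
    return body + eapol_key_mic(kck, body)


def verify_frame(kck: bytes, frame: bytes) -> bool:
    """Recompute the MIC under the receiver's own KCK; constant-time compare."""
    body, mic = frame[:-MIC_LEN], frame[-MIC_LEN:]
    return hmac.compare_digest(mic, eapol_key_mic(kck, body))


def four_way_handshake(pmk_ap: bytes, pmk_sta: bytes, aa: bytes, spa: bytes,
                       rng=os.urandom) -> dict:
    """Run steps 24-33 with separate AP and STA state. Two PMK arguments let the
    caller model a STA whose EAP-SIM run produced a key the AP does not hold."""
    # Message 1 (steps 24-25): AP -> STA, ANonce in the clear, no MIC yet.
    anonce = rng(NONCE_LEN)
    # STA (step 26): picks SNonce and derives its PTK from its own PMK.
    snonce = rng(NONCE_LEN)
    kck_sta, _kek_sta, tk_sta = derive_ptk(pmk_sta, aa, spa, anonce, snonce)
    # Message 2 (step 27): STA -> AP, SNonce plus a MIC under the STA's KCK.
    msg2 = sign_frame(kck_sta, b"EAPOL-Key msg2 " + snonce)
    # AP (step 28): reads SNonce, derives its own PTK, checks the MIC first.
    snonce_rx = msg2[len(b"EAPOL-Key msg2 "):-MIC_LEN]
    kck_ap, _kek_ap, tk_ap = derive_ptk(pmk_ap, aa, spa, anonce, snonce_rx)
    if not verify_frame(kck_ap, msg2):
        # Wrong PMK or altered frame: port stays closed, nothing is installed.
        return {"accepted": False, "keys_match": False}
    # Message 3 (step 29): AP -> STA, "install PTK" under a second MIC.
    # (The real frame also carries the GTK wrapped with the KEK; omitted here.)
    msg3 = sign_frame(kck_ap, b"EAPOL-Key msg3 install PTK")
    if not verify_frame(kck_sta, msg3):
        return {"accepted": False, "keys_match": False}
    # Message 4 (step 30): STA -> AP acknowledgement, also MIC-protected.
    msg4 = sign_frame(kck_sta, b"EAPOL-Key msg4 ack")
    if not verify_frame(kck_ap, msg4):
        return {"accepted": False, "keys_match": False}
    # Steps 31-33: both sides install TK; they agree only if the PMKs agreed.
    return {"accepted": True, "keys_match": hmac.compare_digest(tk_ap, tk_sta)}


if __name__ == "__main__":
    aa = bytes.fromhex("00aabbccddee")   # constructed AP MAC address
    spa = bytes.fromhex("001122334455")  # constructed STA MAC address
    pmk = os.urandom(32)
    print(four_way_handshake(pmk, pmk, aa, spa))            # accepted, keys match
    print(four_way_handshake(pmk, os.urandom(32), aa, spa))  # rejected at message 2
```

The second call models the note under step 7: a STA whose key material does not match the AP's PMK fails the MIC check on message 2, so the AP never reaches the point of installing a PTK or opening the controlled port. The Min/Max ordering in derive_ptk is what allows the AP and STA to compute the same PTK even though each learns the other's nonce at a different moment in the exchange.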
As may be understood from the above, the authentication procedure may be lengthy and involve a lot of signalling. STAs that move around in the network will perform re-associations many times. Thus there is room for improvement of the association and re-association procedures.