A Three-Way Authentication Protocol for Public Access Wireless Networks

Several schemes have been proposed for authenticating both the network and the mobile stations to one another in public access wireless networks. In this paper, we look at the weaknesses of such schemes and enumerate a set of four constraints for authentication in public access wireless networks. We then propose two authentication protocols that can overcome these weaknesses while satisfying the constraints. The first proposed protocol provides additional direct authentication to wireless clients to validate the network access point to prevent or to detect malicious attacks as early as possible. This adds additional burden to wireless devices whose resources are often limited. The second proposed protocol reduces the burden by providing indirect authentication with the help of a trusted server. In this paper, we also evaluate the performance of the existing schemes and the proposed schemes in terms of the size and number of messages, delay, energy consumption and security features.