Skip to Main Content
With the increasing performance and dropping price of wireless networking equipments, wireless networking has revolutionized the way people work and play. Wi-Fi hot spots popping up all over the country provides a convenient way of internet connectivity. For the ISPs of hot spots, authentication and accounting have been recognized as two most crucial concerns. For authentication, IETF PANA 1 WG, is working on a transport protocol for authenticating IP hosts for network access. However, PANA does not provide access control and per-packet authentication, which are desirable in accounting and access control. Instead of using high-overhead crypto-based mechanisms, such as IPSec or 802.11i, we propose a lightweight statistical authentication protocol, namely Shepherd2. In Shepherd, the legitimacy of a mobile node is determined by continuously checking a series of random authentication bits where each hit in this stream is piggybacked by a packet. Such authentication bit stream is generated by both mobile node and access point using the same random number generator under the same shared seed as a key. We analyze this protocol under three synchronization schemes. Our analytical results show that this protocol performs well in terms of computational and communication cost, synchronization efficiency, and protocol operation secrecy. We also show that this new protocol is practical for implementation in wireless LANs.