IEEE 802.21 MEDIA INDEPENDENT HANDOVER DCN: 21-07-0xxx-00-0000

Title: Performance analysis of authentication signaling schemes for media independent handovers
Date Submitted: November 1, 2007
Presented at IEEE 802.21 session #23 in Atlanta
Authors or Source(s): Antonio Izquierdo, Katrin Hoeper, Nada Golmie, Lily Chen
Abstract: In this contribution, different authentication signaling schemes, including full authentication, re-authentication and indirect pre-authentication, are evaluated for media independent handovers. Simulation results are obtained for IEEE 802.11 and IEEE 802.16 handovers.
IEEE 802.21 presentation release statements

This document has been prepared to assist the IEEE 802.21 Working Group. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. This is a contribution by the National Institute of Standards and Technology and is not subject to copyright in the US. The contributors do not have the authority to override the NIST policy in favor of the IEEE policy. The contributor is familiar with IEEE patent policy, as stated in Section 6 of the IEEE-SA Standards Board bylaws and in Understanding Patent Issues During IEEE Standards Development.

IEEE 802.21 presentation release statements (standard form)

This document has been prepared to assist the IEEE 802.21 Working Group. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE's name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE's sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE 802.21. The contributor is familiar with IEEE patent policy, as outlined in Section 6.3 of the IEEE-SA Standards Board Operations Manual and in Understanding Patent Issues During IEEE Standards Development.
Outline

Goals and motivation
Review of authentication signaling schemes
Simulation environment
Performance metrics
Simulation parameters
Performance results
  Security signaling latency
  Cryptographic processing time
  Impact of network topology on indirect pre-authentication
  Transmission delay
  Handover latency
Summary
Goals and motivation

The main goal of this contribution is to analyze the performance of different authentication signaling mechanisms in the context of heterogeneous handovers.
Simulation models are developed to evaluate the performance of the following three authentication signaling schemes:
  Full authentication
  Indirect pre-authentication
  Re-authentication
Heterogeneous handovers are considered in the context of IEEE 802.11 and IEEE 802.16 networks.
Full Authentication [figure]

Indirect pre-authentication [figure]

Re-authentication [figure]
Simulation environment

Used NS-2 with the IEEE 802.11 and IEEE 802.16 module extensions (available from [URL not preserved])
Developed extensions to model authentication in 802.11 and 802.16 networks using EAP:
  Implemented the EAP framework as defined in RFC 3748, including the TTLS-MD5 and GPSK methods
  Developed an 802.16 authentication module to support full authentication, re-authentication and Handover Process Optimization as defined in IEEE 802.16e
  Developed an 802.11 authentication module to support full authentication in RSN and re-authentication in the mobility domain
  Developed support for pre-authentication using the extensions
  Developed a limited RADIUS implementation for key and EAP message transfers
Authentication [figures]
Performance metrics (1)

EAP latency denotes the time elapsed between the sending of the EAP Start message and the receipt of either the EAP SUCCESS or the EAP FAILURE message. It is included in the full authentication signaling latency, but not in the pre-authentication signaling latency.
Performance metrics (2)

Security signaling latency is defined as the time elapsed between the sending of the first authentication message and the reception of the ACK for the last message.
[figure: 802.11] [figure: 802.16]
Performance metrics (3)

Transmission delay is the time it takes a packet to reach its destination.
Performance metrics (4)

Handover delay represents the time elapsed between when a decision to handover is executed and when the traffic is redirected to the new interface. The decision to perform a handover is made when a new link is detected and the new link is better than the current link, or when the current link is disconnected.

The cryptographic processing delay is the time spent by the mobile node performing cryptographic operations, including encryption, decryption, hashing, validation and key derivation.

Note that the results obtained represent mean values averaged over 100 simulations.
Network Topology 1 [figure]
Simulation Parameters (1)

The traffic flows from a corresponding node in the backbone network to the mobile node.
802.11 network configuration: data rate 11 Mb/s; coverage area radius 50 m
802.16 network configuration: coverage area radius 500 m
Key lifetimes are longer than the simulation time, so the mobile node does not need to refresh them or re-authenticate with the current PoA.
The mobile node does not use MIH triggers.
One of the two interfaces is preferred over the other.
Simulation Parameters (2)

The authentication lifetime is larger than the simulation time.
The size of the DH authentication keys is 1024 bits.
The size of the symmetric authentication keys is 128 bits.
The size of the IDs is 64 bytes.
Simulation Results: Security Signaling Latency using EAP GPSK

In this case full authentication was performed. Note that the cryptographic processing time (computed as an example on a Palm Tungsten) is 17.48 ms, which is equivalent to 9.08 % of the EAP time in 802.11 or 7.72 % of the EAP time in 802.16.

802.11                    Authentication time   %
Open Authentication       1.98 ms               0.99 %
EAP Authentication        -                     96.16 %
Association               1.62 ms               0.81 %
4-Way Handshake           3.84 ms               1.92 %

802.16                    Authentication time   %
TEK Request               9.05 ms               5.84 %
EAP Authentication        -                     96.28 %

- marks a value not legible in this copy.
Simulation Results: Security Signaling Latency using EAP TTLS-MD5

In this case full authentication was performed. Note that the cryptographic processing time (computed as an example on a Palm Tungsten) represents 98.51 % of the EAP time in 802.11 or 98.24 % of the EAP process in 802.16. Note that the DH agreement time was also measured on the same platform.

802.11                    Authentication time   %
Open Authentication       1.98 ms               < 0.01 %
EAP Authentication        -                     99.97 %
Association               1.62 ms               -
4-Way Handshake           3.84 ms               0.01 %

802.16                    Authentication time   %
TEK Request               9.05 ms               0.03 %
EAP Authentication        -                     99.98 %

- marks a value not legible in this copy.
Simulation Results: Comparing different authentication signaling schemes (GPSK)

802.16 (GPSK)       Full Auth        Re-Auth         Improv. over Full Auth.   Indirect Pre-Auth   Improv. over Full Auth.
Signaling latency   235.42 [0.013]   70.42 [0.001]   70.09%                    10.42 [0.171]       95.57%
EAP latency         226.37           61.37           72.89%                    422.42 [0.136]      -86.61%

802.11 (GPSK)       Full Auth        Re-Auth         Improv. over Full Auth.   Indirect Pre-Auth   Improv. over Full Auth.
Signaling latency   194.33 [0.672]   46.59 [0.510]   76.03%                    3.01 [0.371]        98.45%
EAP latency         192.47 [0.608]   45.07 [0.417]   76.59%                    422.42 [0.136]      -

All times are expressed in milliseconds unless stated otherwise; bracketed values are reproduced as given on the slide; - marks a value not legible in this copy.
Simulation Results: Comparing different authentication signaling schemes (TTLS-MD5)

802.16 (TTLS-MD5)   Full Auth    Re-Auth         Improv. over Full Auth.   Indirect Pre-Auth   Improv. over Full Auth.
Signaling latency   - [0.001]    70.42 [0.014]   99.78 %                   10.42 [0.171]       99.96 %
EAP latency         -            61.37           99.80 %                   - [0.366]           -

802.11 (TTLS-MD5)   Full Auth    Re-Auth         Improv. over Full Auth.   Indirect Pre-Auth   Improv. over Full Auth.
Signaling latency   - [0.751]    46.59 [0.450]   99.85 %                   3.01 [0.371]        99.99 %
EAP latency         - [0.705]    45.07 [0.395]   -                         - [0.366]           -

All times are expressed in milliseconds unless stated otherwise; bracketed values are reproduced as given on the slide; - marks a value not legible in this copy.
Simulation Results: Transmission Delay (Network Topology 1) [figures]
A few observations on the security signaling latency

Both re-authentication and indirect pre-authentication reduce the security signaling latency by more than 70%.
EAP latency in indirect pre-authentication increases as a result of the longer path used by the EAP messages. This would force the mobile device to make the handover decision sooner than when performing a normal network entry.
With re-authentication the EAP latency is reduced.
Simulation Results: Impact of cryptographic processing delay (GPSK)

802.16                  Full Auth        Re-Auth
EAP latency             226.37           61.37
Cryptographic delay     17.48 (7.72 %)   1.02 (1.66 %)

802.11                  Full Auth        Re-Auth
EAP latency             192.47           45.07
Cryptographic delay     17.48 (9.08 %)   1.02 (2.26 %)

Times in milliseconds; the percentage is the cryptographic delay as a share of the EAP latency. Note that an indirect pre-authentication requires the same cryptographic operations as a full authentication.
Simulation Results: Impact of cryptographic processing time (TTLS-MD5)

802.16                  Full Auth      Re-Auth
EAP latency             -              61.37
Cryptographic delay     - (98.24 %)    1.02 (1.66 %)

802.11                  Full Auth      Re-Auth
EAP latency             -              45.07
Cryptographic delay     - (98.51 %)    1.02 (2.26 %)

Times in milliseconds; the percentage is the cryptographic delay as a share of the EAP latency; - marks a value not legible in this copy. Note that an indirect pre-authentication requires the same cryptographic operations as a full authentication.
Observations on the cryptographic processing delay

Pre-authentication does not reduce the cryptographic processing delay of a full authentication. The cryptographic processing delay may in fact increase due to secure tunnel negotiations.
Re-authentication reduces the time spent in cryptographic processing since the number of messages exchanged is reduced.
Re-authentication may be an alternative to a full authentication when the time to do a full authentication is a cause of concern (other considerations include battery life and power consumption).
Simulation Results: Handover delay

802.16      Full Authentication   Re-Authentication   Indirect Pre-Authentication
GPSK        990.84                930.84              -
TTLS-MD5    -                     -                   -

802.11      Full Authentication   Re-Authentication   Indirect Pre-Authentication
GPSK        921.93                717.84              677.87
TTLS-MD5    -                     -                   -

Values are in milliseconds; - marks a value not legible in this copy.
Observations on the handover delay

Re-authentication reduces the total handover delay, independently of the EAP method used.
Indirect pre-authentication reduces the handover delay as long as it is possible to fully run the authentication method before the network entry takes place.
If the pre-authentication is not completed at the time of the network entry, a new full authentication starts. In this case the situation is the same as for a full authentication.
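The network-entry cost of the three schemes, including the fallback just described when a pre-authentication has not finished in time, as an added Python model (not the NS-2 simulator or any code from the presentation): it reuses the GPSK mean values from the earlier tables and assumes, for illustration, that the lead time a pre-authentication needs is exactly its reported EAP latency.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class SchemeCost:
    signaling_ms: float  # security signaling latency paid at network entry
    eap_ms: float        # EAP latency (run in advance for pre-authentication)
    crypto_ms: float     # cryptographic processing time on the mobile node


# Mean GPSK results from the deck, in milliseconds. Pre-authentication gets
# the full-authentication cryptographic cost because the deck states both
# schemes run the same cryptographic operations.
GPSK = {
    "802.16": {"full": SchemeCost(235.42, 226.37, 17.48),
               "reauth": SchemeCost(70.42, 61.37, 1.02),
               "preauth": SchemeCost(10.42, 422.42, 17.48)},
    "802.11": {"full": SchemeCost(194.33, 192.47, 17.48),
               "reauth": SchemeCost(46.59, 45.07, 1.02),
               "preauth": SchemeCost(3.01, 422.42, 17.48)},
}


def improvement_pct(full_ms: float, other_ms: float) -> float:
    """The 'Improv. over Full Auth.' column: positive means faster than full auth."""
    return round((full_ms - other_ms) / full_ms * 100, 2)


def crypto_share_pct(cost: SchemeCost) -> float:
    """Share of the EAP latency spent in cryptographic processing."""
    return round(cost.crypto_ms / cost.eap_ms * 100, 2)


def entry_latency_ms(link: str, scheme: str, lead_time_ms: float = 0.0) -> float:
    """Security signaling latency the mobile node pays when entering `link`.

    For indirect pre-authentication the EAP run goes through the serving
    network before the handover. If the lead time between starting it and
    the network entry is shorter than that EAP latency, a new full
    authentication starts, so the cost falls back to full authentication.
    Assumption of this example: the required lead time equals the
    pre-authentication EAP latency reported in the deck.
    """
    costs = GPSK[link]
    if scheme != "preauth":
        return costs[scheme].signaling_ms
    if lead_time_ms >= costs["preauth"].eap_ms:
        return costs["preauth"].signaling_ms
    return costs["full"].signaling_ms
```

Calling `entry_latency_ms("802.11", "preauth", 100.0)` returns the full-authentication cost, while a lead time above 422.42 ms returns the 3.01 ms pre-authentication cost.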
Network Topology 2 [figure]
Simulation Results: Indirect Pre-Authentication (Network Topology 2) (GPSK)

802.16                       Full Auth        Indirect Pre-Authentication   Improv. over Full Auth.
Security signaling latency   275.42 [0.013]   10.42 [0.171]                 95.57%
EAP latency                  266.37 [0.001]   621.32 [0.156]                -

802.11                       Full Auth        Indirect Pre-Authentication   Improv. over Full Auth.
Security signaling latency   234.33 [0.672]   3.01 [0.371]                  98.45%
EAP latency                  232.47 [0.608]   621.32 [0.156]                -

Times in milliseconds; bracketed values are reproduced as given on the slide; - marks a value not legible in this copy.
Simulation Results: Indirect Pre-Authentication (Network Topology 2) (TTLS-MD5)

802.16                       Full Auth    Indirect Pre-Authentication   Improv. over Full Auth.
Security signaling latency   - [0.127]    10.42 [0.171]                 99.97 %
EAP latency                  - [0.126]    - [0.277]                     -

802.11                       Full Auth    Indirect Pre-Authentication   Improv. over Full Auth.
Security signaling latency   - [0.241]    3.01 [0.371]                  99.99 %
EAP latency                  - [0.237]    - [0.305]                     -2.16 %

Times in milliseconds; bracketed values are reproduced as given on the slide; - marks a value not legible in this copy.
Observations on indirect pre-authentication for network topology 2

EAP latency in indirect pre-authentication depends heavily on the network topology considered. The impact is greater for fast authentication methods.
Topology information must be available beforehand in order to perform the pre-authentication on time.
Summary

Re-authentication and indirect pre-authentication reduce the time required for authentication during a handover.
Indirect pre-authentication allows for a shorter security signaling latency during the network entry, at the expense of requiring more time in advance for handover preparation.
Re-authentication reduces the cryptographic processing time, and its performance does not depend as much on the network topology considered.
Either the indirect pre-authentication or the re-authentication technique can be used. Deciding which technique to use depends on the scenario considered.
Backup
Cryptographic processing delay assumptions

The examples of cryptographic processing time used are real values in milliseconds obtained from a Palm Tungsten T3:

Size of the encrypted data   16 bytes   128 bytes   512 bytes
AES 128 (encrypt)            3.04       7.39        32.61
AES 128 (decrypt)            3.11       7.67        33.18
MD5                          0*         2.17        -
SHA1                         1.3        -           -

Key size                     512 bits   768 bits    1024 bits
DH Agreement                 -          -           -

* Value under the precision of the device timer
- marks a value not legible in this copy.

These values depend on the platform used and therefore should not be used as absolute values. The intention here is to compare the different cryptographic methods available on a given platform.
EAP: Generalized Pre-Shared Key [figure]

EAP: TTLS-MD5 [figure]