In this paper we formally specify mutual authentication and key establishment goals for WRT and propose an efficient and provably secure protocol that can be used to secure such roaming session. Additionally, we describe some modular protocol extensions to address resistance against DoS attacks, anonymity of the mobile device and unlinkability of its roaming sessions, as well as the accounting claims of the foreign network in commercial scenarios.
Category / Keywords: Authentication, end-to-end security, key exchange, mobile networks, security model, Publication Info: The shorter version of this full paper appears at ASIACCS 2009. Copyright ACM. Date: received 9 Sep 2008, last revised 16 Dec 2008 Contact author: mark manulis at uclouvain be Available format(s): PDF | BibTeX Citation Note: This new revision contains some corrections, security proofs, restructuring, aditional examples and arguments, and remarks on the efficiency of the protocol. Version: 20081216:114131 (All versions of this report) Short URL: ia.cr/2008/382