2.1. REQUIREMENTS (MUST HAVES)
Mutual – It must provide mutual authentication, that is, the authenticator must authenticate the user, but the user must be able to authenticate the authenticator as well. Mutual authentication is particularly important over wireless networks because of the ease with which an attacker can set up a rogue access point. There are two possible attacks here. In one, the rogue is not connected to the target network and merely wishes to trick the user into divulging authentication credentials. In the other, the rogue is connected to the target network. The attacker may then ignore the credentials presented by the user and “authorize” network access. The user’s session may then be recorded or even altered because the attacker has been inserted in the data path.
Self-protecting – It must protect itself from eavesdropping since the physical medium is not secure. The authentication must proceed in such a way that eavesdroppers cannot learn anything useful that would allow them to impersonate the user later.
Immune to Dictionary Attacks – It must not be susceptible to online or offline dictionary attacks. An online attack is one where the imposter must make repeated tries against the authenticator “on line”. These can be thwarted by limiting the number of failed authentication attempts a user can have. An offline attack is one where attackers can make repeated tries on their own computers, very rapidly, and without the knowledge of the authenticator. Simple challenge/response methods are susceptible to offline attacks because if attackers capture a single challenge/response pair, they can try all the passwords in the dictionary to see if one produces the desired response.
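The online/offline distinction above, as an added illustration that is not part of the paper: a toy challenge/response authenticator (constructed; the names `Authenticator`, `response_for` and `offline_check` are my own) that thwarts online guessing by locking out after a few failures, next to the check an eavesdropper can run on a single captured challenge/response pair without ever contacting the authenticator.

```python
import hashlib
import hmac
import secrets


def response_for(password: str, challenge: bytes) -> bytes:
    """Simple challenge/response: the prover returns HMAC(password, challenge)."""
    return hmac.new(password.encode(), challenge, hashlib.sha256).digest()


class Authenticator:
    """Constructed authenticator that limits failed online attempts per user."""

    def __init__(self, password: str, max_failures: int = 3):
        self._password = password
        self._max_failures = max_failures
        self.failures = 0
        self._challenge = None

    def issue_challenge(self) -> bytes:
        # Fresh random nonce per attempt, so a recorded response cannot be replayed.
        self._challenge = secrets.token_bytes(16)
        return self._challenge

    def verify(self, response: bytes) -> bool:
        # Locked out: refuse every further attempt, even a correct one.
        if self.failures >= self._max_failures or self._challenge is None:
            return False
        expected = response_for(self._password, self._challenge)
        self._challenge = None  # one response per challenge
        if hmac.compare_digest(expected, response):
            self.failures = 0
            return True
        self.failures += 1
        return False


def offline_check(challenge: bytes, response: bytes, candidate: str) -> bool:
    """What one captured pair gives an eavesdropper: a local test of any candidate
    password that sends nothing to the authenticator, so no lockout applies."""
    return hmac.compare_digest(response_for(candidate, challenge), response)


if __name__ == "__main__":
    auth = Authenticator("correct horse")
    c = auth.issue_challenge()
    print("legitimate login:", auth.verify(response_for("correct horse", c)))
    for _ in range(3):  # three wrong online guesses trigger the lockout
        auth.issue_challenge()
        auth.verify(b"\x00" * 32)
    c = auth.issue_challenge()
    print("correct password after lockout:", auth.verify(response_for("correct horse", c)))
```

Rate limiting only constrains the online path; the `offline_check` function shows why a method whose responses are verifiable from a transcript fails this requirement regardless of the authenticator's policy.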
Produces Session Keys – It must produce session keys that can be used to provide message authentication, confidentiality, and integrity protection for the session the user is seeking to establish. These keys will be passed to the user’s device drivers to be used as WEP or TKIP keys during the ensuing session.
2.2. ADDITIONAL CHARACTERISTICS (SHOULD HAVES)
Authenticates User – It should authenticate the user rather than the user device. In that way it will be hardened against attacks against the user device. One useful way to meet this requirement would be for the method to depend on a simple secret that can easily be remembered by the user. Another way is to encase the secret in a smart card that is carried by the user and is separate from the device.
Forward Secrecy – It should provide forward secrecy. Forward secrecy means that a compromise of the user’s secret, whether password or secret key, at some point in the future does not expose sessions that were protected before the compromise. An attacker who recorded a user’s session encrypted by a key produced during authentication cannot, given knowledge of the user’s secret, decrypt the recorded session. Once secure, the session data stays secure forever.
Access Points – It should work with all access points that support 802.1x with EAP authentication.
Quick and Efficient – The authentication should complete in a minimal number of protocol round trips, and computations necessary to complete the authentication should require a minimal amount of computing resources.
Low Maintenance Cost – It should be easy to administer. A method that requires the installation of a certificate on each user device, for example, is not easy to administer. Maintenance of certificate revocation lists can be a costly administrative burden.
Convenient for Users – It should be convenient enough to use that users will not balk. For example, using a certificate stored on a device, though burdensome to administrators, is convenient for users. Smart cards, though inconvenient for users, are easier for administrators. Users don’t mind typing a small, easy to remember password, but most would object to typing a long string of hex digits.
2.3. OTHER USEFUL FEATURES (MAY HAVES)
Augments Legacy Methods – It may protect a less secure, legacy method in such a way that the combination of the wireless authentication method and legacy method meets the above requirements. This feature is useful in environments with legacy authentication systems that cannot quickly be replaced.
Fast Reauthentication – It may provide a reauthentication mechanism that is less time and/or compute intensive than the legacy authentication. Of particular concern is enabling fast handoffs for mobile users. Since the time constraints on a handoff may be very tight, a reauthentication mechanism that takes few round trips or can be accomplished by a server in the service provider’s domain rather than the user’s home domain would be helpful. However, care should be taken that such reauthentication mechanisms provide strong security.