An Improved Password Authentication Key Exchange Protocol for 802.11 Environment

  • Su Jung Yu
  • Joo Seok Song
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2668)


In this paper, we propose a password authentication key exchange protocol for WLANs (Wireless LANs). We call the proposed protocol as the improved EAP-SPEKE (Extensible Authentication Protocol-Simple Password Encrypted Key Exchange). The improved EAP- SPEKE protocol supports mutual authentication and key derivation. The proposed protocol does not require any modification to the IEEE 802.1X and EAP. Before the protocol begins, the server and client compute one modulo exponentiation. Once the protocol begins, the server and client need to compute another exponentiation for mutual authentication. On the contrary, the EAP-SRP needs to compute two modulo exponentiation during the protocol. The client and server authenticate each other with three message exchanges. Therefore, the number of exchanged message decreases by one compared with the EAP-SRP. Besides, the improved EAP-SPEKE protocol works on the the ECC (Elliptic Curve Cryptosystems) base as well as the DH (Diffie-Hellman) base.


Hash Function Mutual Authentication Extensible Authentication Protocol Client Device Access Control List 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Whitepaper: Security for Next Generation Wireless LANs,
  2. 2.
    IEEE Standards for Local and Metropolitan Area Networks: Port based Network Access Control, IEEE Std 802.1x-2001 (2001)Google Scholar
  3. 3.
  4. 4.
    S. M. Bellovin and M. Merrit: Encrypted key exchange: Password-based protocols secure against dictionary attacks, In Proceedings of the IEEE Symposium on Research in security and Privacy (1992)Google Scholar
  5. 5.
    J. Vollbrecht: White Paper:Wireless LAN Access Control and Authentication, Interlink Networks, IncGoogle Scholar
  6. 6.
    IEEE Wireless Standards
  7. 7.
  8. 8.
  9. 9.
    T. Wu: The SRP Authentication and Key Exchange System, RFC 2945 (2000)Google Scholar
  10. 10.
    D. P. Jablon: Strong Password-only Authenticated Key Exchange, ACM SIGCOMM Computer Communications Review (1996)Google Scholar
  11. 11.
    T. Wu: The Secure Remote Password Protocol, In Proceedings of the Internet Society Symposium on Network and Distributed Systems Security, San Diego, CA,(1998)97–111Google Scholar
  12. 12.
    D. Taylor: Using SRP for TLS Authentication, IETF draft-ietf-tls-srp-01.txt (work in progress)(2001)Google Scholar
  13. 13.
    D. Jablon: The SPEKE Password-Based Key Agreement Methods,IETF draft-jablon-speke-00.txt(2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Su Jung Yu
    • 1
  • Joo Seok Song
    • 1
  1. 1.Depart of Computer ScienceYonsei UniversitySeoulSouth Korea

Personalised recommendations