DoS-resistant access control protocol with identity confidentiality for wireless networks

In this paper, we review a PKC (public key cryptosystem) based protocol, referred to as the Stanford protocol, aimed at overcoming several security deficiencies in IEEE 802.1X and to provide access control in both wireless and wired networks. One main objective of the Stanford protocol is to provide DoS resistance for the wireless network. Meanwhile, in the wireless environment, identity confidentiality of the mobile user is especially important since the disclosed identity could be used to locate the user and track his movement. But our analysis shows that the Stanford protocol fails to fulfill these requirements. So we propose a new PKC-based protocol that not only provides DoS resistance and perfect forward secrecy, but also provides identity anonymity for the clients. We also present detailed security and performance analysis for our protocol, and show that our protocol is secure and efficient for access control in wireless networks.