Just to clarify to the group, PMK caching does just that, it caches the Pairwise Master Key. The client and AP (or switch, if it's a thin/dumb AP) still negotiate a temporal key for that session.
One thing that wasn't mentioned on this list is pre-authentication, in which the client obtains a PMK from the neighboring keys (in-between regular traffic) in advance, such that when it roams it only needs to obtain the temporal keys. EAP proxy or acceleration, which now both Aruba and Trapeze can do (with only some EAP types, more on the way, I'm told), supposedly can offload quite a bit of processing as it does its own key material generation, using a regular backend RADIUS server only for authentication. I'm not familiar with "fast handoff" (short of what's discussed in TGr) and "fast reconnect", so if someone can point me to some material on that, I would greatly appreciate it.

Frank

-----Original Message-----
From: Shumon Huque [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 28, 2006 10:44 PM
To: [email protected]
Subject: Re: [WIRELESS-LAN] Frequent reassociations/reauthentications in 802.1x WLAN

Fascinating discussion .. thanks for all the comments and suggestions.

Clearly AP transitions in an authenticated WLAN are very costly. We'll continue tuning the AP deployment to see if we can minimize them (as Julian is doing on his campus). But judging from this thread, a large part of the problem of excessive transitions may be attributable to the widespread existence of poorly implemented wireless NICs and drivers. If that's the case, this seems to be a difficult problem to fix in the near term.

And until there is a widespread fix, I'm now thinking we may have to redesign our authenticated WLANs for far more efficient roaming (e.g. short circuiting the heavyweight authentication as much as possible). I'll list some techniques I can think of:

- Fast reconnect (EAP method specific): e.g. TLS session resumption for methods that use TLS (EAP-TLS/TTLS/PEAP etc). Incidentally, our RADIUS server claims to have this turned on by default, but I have yet to see any evidence that it's being used, so perhaps the client software doesn't support it.

- PMK caching: Both AP and station cache the PMK that was derived from prior EAP authentications and can reuse that if they reassociate in the near future. This completely short circuits the EAP/802.1X authentication, so probably has great performance. On the other hand it has implications for accurate centralized user accounting - civil libertarians and privacy advocates would call that a feature though :-)

- Fast handoff: By this I mean schemes where, during reassociation, the currently associated AP transfers the security context of the session to the target AP. IAPP and the various IAPP-like vendor proprietary schemes fall into this category. It isn't clear to me how these fast handoff schemes interoperate with the wireless security standard (i.e. WPA and 802.11i), where each new STA,AP pair would need a fresh PMK to establish a secure association. And obtaining a fresh PMK requires a full EAP authentication between the client and the RADIUS server.

- 802.11r: Since this spec is still under development, I doubt this is a practical option. But I think the idea is that stations pre-authenticate themselves to candidate APs in the vicinity.

- WLAN switches that can short circuit the authentication to the back-end EAP server, and enable security context transfer between their managed APs in some fashion.

Any other notable schemes I'm missing? Which of these is actually deployable today, given availability of working implementations? Feel free to name specific vendors. Also, let me know if I'm out in left field with this thinking ..

MERU was recommended several times in this thread. Would anyone care to provide a brief technical sketch of their architecture? Or provide a link to a technical white paper with the details?

--Shumon.

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
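As an added illustration (not part of either message above), the following Python models the PMK caching path Shumon lists and Frank's point that the temporal key is still negotiated per session: it derives the 802.11i PMKID (HMAC-SHA1-128 over "PMK Name" || AA || SPA) and the PTK (PRF-512 over the address and nonce pairs), then shows an AP-side cache answering a reassociation. The PMK, MAC addresses and nonces are constructed sample values, and `PmkCache`/`reassociate` are a hypothetical model of the AP logic, not any vendor's code.

```python
import hashlib
import hmac

# 802.11i: the PMKID a station lists in its RSN IE at (re)association is
# HMAC-SHA1-128(PMK, "PMK Name" || AA || SPA); AA = AP MAC, SPA = station MAC.
def pmkid(pmk: bytes, aa: bytes, spa: bytes) -> bytes:
    return hmac.new(pmk, b"PMK Name" + aa + spa, hashlib.sha1).digest()[:16]

# 802.11i PRF-n: concatenate HMAC-SHA1(K, A || 0x00 || B || i) for i = 0, 1, ...
def prf(key: bytes, label: bytes, data: bytes, nbits: int) -> bytes:
    out, i = b"", 0
    while len(out) < nbits // 8:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[: nbits // 8]

# The pairwise transient (temporal) key is re-derived in every 4-way handshake,
# even when the PMK is reused, because both nonces are fresh per association.
def derive_ptk(pmk, aa, spa, anonce, snonce) -> bytes:
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk, b"Pairwise key expansion", data, 512)

class PmkCache:
    """Hypothetical AP-side cache of PMKs from earlier EAP runs, keyed by PMKID."""
    def __init__(self):
        self._entries = {}
    def store(self, pmk, aa, spa) -> bytes:
        pid = pmkid(pmk, aa, spa)
        self._entries[pid] = pmk
        return pid
    def lookup(self, pid, aa, spa):
        pmk = self._entries.get(pid)
        # The PMKID binds the PMK to one (AP, STA) pair; a hit only counts if it
        # re-derives for the AP the station is now associating with.
        return pmk if pmk is not None and pmkid(pmk, aa, spa) == pid else None

def reassociate(cache, aa, spa, offered_pmkids, anonce, snonce):
    """Return ('cached', ptk) when EAP can be skipped, else ('full_eap', None)."""
    for pid in offered_pmkids:
        pmk = cache.lookup(pid, aa, spa)
        if pmk is not None:
            return "cached", derive_ptk(pmk, aa, spa, anonce, snonce)
    return "full_eap", None

# Constructed sample values (not taken from any real network).
PMK = hashlib.sha256(b"constructed-example-pmk").digest()
AP1, AP2 = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
STA = bytes.fromhex("020000000010")
ANONCE, SNONCE = bytes(range(32)), bytes(range(32, 64))
```

Returning to AP1 with the cached PMKID skips EAP and runs only the 4-way handshake, while roaming to AP2 with that same PMKID misses, which is the interoperability gap Shumon raises for fast handoff.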
