Next Article in Journal
Scattering from Spheres: A New Look into an Old Problem
Previous Article in Journal
Improving the Prediction Quality in Memory-Based Collaborative Filtering Using Categorical Features
Article

Stateless Re-Association in WPA3 Using Paired Token

Department of Information Security, Joongbu University, 305 Dongheon-ro, Goyang-si 10279, Korea
Electronics 2021, 10(2), 215; https://doi.org/10.3390/electronics10020215
Received: 13 December 2020 / Revised: 11 January 2021 / Accepted: 14 January 2021 / Published: 19 January 2021
(This article belongs to the Section Microwave and Wireless Communications)
In Wi-Fi Protected Access 3 (WPA3), a secure connection is established in two sequential stages. Firstly, in the authentication and association stage, a pairwise master key (PMK) is generated. Secondly, in the post-association stage, a pairwise transient key (PTK) is generated from PMK using the traditional 4-way handshake protocol. To reduce the heavy load of the first stage, PMK caching can be used. If the client and AP are previously authenticated and have a PMK cache, the first heavy stage can be skipped and the cached PMK can be used to directly execute the 4-way handshake. However, PMK caching is a very primitive technology to manage shared key between a client and AP and there are many limitations; AP has to manage a stateful cache for a large number of clients, cache lifetime is limited, etc. Paired token (PT)is a new secondary credential scheme that provides stateless pre-shared key (PSK) in a client-server environment. The server issues a paired token (public token and secret token) to an authenticated client where the public token has the role of signed identity and the secret token is a kind of shared secret. Once a client is equipped with PT, it can be used for many symmetric key-based cryptographic applications such as authentication, authorization, key establishment, etc. In this paper, we apply the PT approach to WPA3 and try to replace the PMK caching with the one-time authenticated key establishment using PT. At the end of a successful full handshake, AP securely issues PT to the client. Then, in subsequent re-association requests, the client and AP can compute the same one-time authenticated PMK using PT in a stateless way. Using this kind of stateless re-association technology, AP can provide a high performance Wi-Fi service to a larger number of clients. View Full-Text
Keywords: Wi-Fi security; WPA3; PMK caching; paired token; secondary credential; JSON web token; one-time authenticated key establishment; stateless re-association Wi-Fi security; WPA3; PMK caching; paired token; secondary credential; JSON web token; one-time authenticated key establishment; stateless re-association
MDPI and ACS Style

Lee, B. Stateless Re-Association in WPA3 Using Paired Token. Electronics 2021, 10, 215. https://doi.org/10.3390/electronics10020215

AMA Style

Lee B. Stateless Re-Association in WPA3 Using Paired Token. Electronics. 2021; 10(2):215. https://doi.org/10.3390/electronics10020215

Chicago/Turabian Style

Lee, Byoungcheon. 2021. "Stateless Re-Association in WPA3 Using Paired Token" Electronics 10, no. 2: 215. https://doi.org/10.3390/electronics10020215

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop