An Experimental Study on Security Protocols in Wlans

Abstract

Wireless Local Area Networks (WLANs) are vulnerable to malicious attacks due to their open shared medium. Consequently, provisioning enhanced security with strong cryptographic features and low performance overhead becomes exceedingly necessary to actualize real-time services in WLANs. In order to exploit full advantage of existing security protocols at various layers, we study the cross-layer interactions of security protocols in WLANs under different network scenarios. In particular, we present a detailed experimental study on the integration of commonly used security protocols such as WEP, 802. lx and EAP, IPsec and RADIUS. First, we classify individual and hybrid policies, and then, define security index and cost functions to analyze security strength and overhead, quantitatively, of each policy. By setting-up an experimental testbed, we measure performance cost of various policies in terms of authentication time, cryptographic cost and throughput using TCP/UDP traffic streams. Our results demonstrate that in general, the stronger the security, the more signaling and delay overhead, whereas, the overhead does not necessarily increase monotonically with the security strength. Therefore, it is suggested to provide substantial security at a reasonable cost of overhead with respect to mobile scenarios and traffic streams. Also, we notice that authentication time will be a more significant factor contributing towards QoS degradation than cryptographic cost, which is critical to real-time service in wireless networks.