Stevens Creek Software LLC
In this paper, the authors analyze the performance of authentication protocols for roaming in 802.11i-protected WLANs. In particular, they compare the recently introduced EAP-TLSKS protocol to standard configurations in EAP-TLS. Roaming configurations for EAP-TLS are such that all traffic is forwarded to the home network leaving the foreign network no control over the authentication. Alternatively, the foreign network handles authentication on its own, and the home network relinquishes control. In contrast, EAP-TLS-KS involves both networks and gives each of them control over the authentication. In addition to performance evaluations, they discuss how to implement EAPTLS- KS, what difficulties one may encounter, and how they can be solved.