The talk is about a fast, secure handover protocol for 802.11 networks. The protocol keeps the security functionalities of 802.1X but uses a new reauthentication protocol that promotes fast handovers during reassociations. The reauthentication protocol recovers the original 802.11 paradigm: authenticate first, reassociate next. Following this paradigm, two new 802.11 authentication and reassociation protocols where conceived, which allow a mobile station to perform 802.1X reauthentications before reassociations with the same functionality of a complete 802.1X authentication. Furthermore, reassociation protocols are authenticated, preventing denial-or-service scenarios that are not handled by 802.11i. This novel approach requires little from the environment, namely a new, central Reauthentication Service, for storing data used in the reauthentication of stations. The time of security-related tasks that contribute to handover delays was dramatically reduced to 1.5~ms, while an 802.1X fast resume takes more than 150~ms. Finally, the new protocol addresses most design goals and problems stated by standards' working groups for fast, secure roaming in 802.11.

André Zúquete holds a PhD from the Instituto Superior Técnico/Technical
University of Lisbon (2001) and currently holds an Auxiliary Professor
position at University of Aveiro. His R&D activities have been centered
on security in distributed systems, focusing general purpose security
architectures and dedicated, specific architectures, such as for
e-voting. He has worked on several national and European (such as ESPRIT
COMANDOS I/II and ORCHESTRA) projects concerned with security issues in
distributed environments and currently is involved in the European SWIFT
project, that deals with secure identity management. He has served as a
technical program committee member for several international
conferences. He did also security-related technical auditing and
consulting for Portuguese companies and the Portuguese government. He
has around 30 papers published on different areas of security and a book
on network security (in Portuguese).