Short authentication procedure in wireless data communications networks

Abstract

In a wireless communications network including at least one authenticator and at least one authentication server, wherein the authenticator is adapted to interact with the authentication server for authenticating supplicants in order to conditionally grant thereto access to the wireless communications network, a short authentication method for authenticating a supplicant, the method including: providing a shared secret, shared by and available at the supplicant and the authentication server; having the supplicant provide to the authenticator an authentication token, wherein the authentication token is based on the shared secret available thereat; having the authenticator forward the authentication token to the authentication server; having the authentication server ascertain an authenticity of the received authentication token based on the shared secret available thereat; in case the authenticity of the authentication token is ascertained, having the authentication server generate a first authentication key based on the shared secret available thereat, and provide the generated authentication key to the authenticator; having the supplicant generate a second authentication key based on the shared secret; and having the supplicant and the authenticator exploit the generated first and the second keys for communicating with each other. The short authentication method is particularly useful in situations of handoff of the supplicant from an authenticator to another.