Abstract

In this paper, we propose a handover authentication mechanism, called the handover key management and authentication scheme (HaKMA for short), which as a three-layer authentication architecture is a new version of our previous work, the Diffie-Hellman-PKDS-based authentication method (DiHam for short) improving its key generation flow and adding a handover authentication scheme to respectively speed up the handover process and increase the security level for mobile stations (MSs). AAA server supported authentication is also enhanced by invoking an improved extensible authentication protocol (EAP). According to the analyses of this study the HaKMA can effectively and efficiently provide user authentication and balance data security and system performance during handover.