Publication: Towards a new standard for network access authentication: EAP-EDHOC
| dc.contributor.author | López Gómez, Francisco | |
| dc.contributor.author | Marín López, Rafael | |
| dc.contributor.author | López Millán, Gabriel | |
| dc.contributor.author | García Carrillo, Dan | |
| dc.contributor.author | Preuß Mattsson, John | |
| dc.contributor.author | Selander, Göran | |
| dc.contributor.department | Ingeniería de la Información y las Comunicaciones | |
| dc.contributor.other | Facultades de la UMU::Facultad de Informática | |
| dc.date.accessioned | 2025-12-12T09:22:07Z | |
| dc.date.available | 2025-12-12T09:22:07Z | |
| dc.date.copyright | © 2025 The Authors. | |
| dc.date.issued | 2025-07-12 | |
| dc.description.abstract | The Extensible Authentication Protocol (EAP) has been a cornerstone of secure authentication in both wired and wireless networks, as well as enterprise systems, enabling integration with a wide range of authentication mechanisms. Recently, the IETF EAP Method Update (EMU) Working Group has adopted EAP-EDHOC, a method that combines EAP’s extensibility with the recent standard Ephemeral Diffie–Hellman Over COSE (EDHOC). EDHOC is a lightweight authentication and key exchange protocol designed to be supported in resource-constrained environments. This enhances EAP-EDHOC as a high-performance authentication method for EAP-based networks. This paper presents a comprehensive analysis of the standardization efforts surrounding EAP-EDHOC, including a first proof-of-concept implementation and performance evaluation conducted over Wi-Fi networks. Additionally, a new design that optimizes the existing protocol by reversing the roles of the communication parties is proposed. The original and optimized versions are evaluated and compared with each other, as well as with EAP-TLS 1.3 and EAP-PSK. The results demonstrate that EAP-EDHOC achieves more efficient authentication than EAP-TLS 1.3 in terms of execution time, number of messages, and data transmitted. Meanwhile, EAP-PSK, which is based on symmetric cryptography, serves as a performance baseline. | |
| dc.format | application/pdf | |
| dc.format.extent | 12 | |
| dc.identifier.citation | Computer Standards & Interfaces, 2026, Vol. 95 : 104037 | |
| dc.identifier.doi | https://doi.org/10.1016/j.csi.2025.104037 | |
| dc.identifier.eissn | 1872-7018 | |
| dc.identifier.issn | 0920-5489 | |
| dc.identifier.uri | http://hdl.handle.net/10201/179269 | |
| dc.language | eng | |
| dc.publisher | Elsevier | |
| dc.relation | The article has been partially funded by Project PID2023-148104OB-C43 from MCIN/AEI, partially funded by the FPI Grant PREP2023-002169, also from MCIN/AEI and partially funded from the European Union’s HE Research and Innovation Programme under Grant Agreement No. 101069471. | |
| dc.relation.publisherversion | https://www.sciencedirect.com/science/article/pii/S0920548925000662 | |
| dc.rights | Attribution-NonCommercial 4.0 International | * |
| dc.rights.accessRights | info:eu-repo/semantics/openAccess | |
| dc.rights.uri | http://creativecommons.org/licenses/by-nc/4.0/ | * |
| dc.subject | Network security | |
| dc.subject | Wifi networks | |
| dc.subject | Authentication | |
| dc.subject | EAP | |
| dc.subject | EDHOC | |
| dc.subject.ods | No relacionado con ningún objetivo de desarrollo sostenible | |
| dc.title | Towards a new standard for network access authentication: EAP-EDHOC | |
| dc.type | info:eu-repo/semantics/article | |
| dc.type.version | info:eu-repo/semantics/publishedVersion | |
| dspace.entity.type | Publication | es |
| relation.isAuthorOfPublication | 59ad0a22-2a02-45e8-8edb-3051e6324781 | |
| relation.isAuthorOfPublication | 95fd6dd8-97d5-4335-a962-f693b20779ba | |
| relation.isAuthorOfPublication.latestForDiscovery | 59ad0a22-2a02-45e8-8edb-3051e6324781 |
Collections
Este ítem está sujeto a una licencia Creative Commons. http://creativecommons.org/licenses/by-nc/4.0/