Publication:
Towards a new standard for network access authentication: EAP-EDHOC

dc.contributor.authorLópez Gómez, Francisco
dc.contributor.authorMarín López, Rafael
dc.contributor.authorLópez Millán, Gabriel
dc.contributor.authorGarcía Carrillo, Dan
dc.contributor.authorPreuß Mattsson, John
dc.contributor.authorSelander, Göran
dc.contributor.departmentIngeniería de la Información y las Comunicaciones
dc.contributor.otherFacultades de la UMU::Facultad de Informática
dc.date.accessioned2025-12-12T09:22:07Z
dc.date.available2025-12-12T09:22:07Z
dc.date.copyright© 2025 The Authors.
dc.date.issued2025-07-12
dc.description.abstractThe Extensible Authentication Protocol (EAP) has been a cornerstone of secure authentication in both wired and wireless networks, as well as enterprise systems, enabling integration with a wide range of authentication mechanisms. Recently, the IETF EAP Method Update (EMU) Working Group has adopted EAP-EDHOC, a method that combines EAP’s extensibility with the recent standard Ephemeral Diffie–Hellman Over COSE (EDHOC). EDHOC is a lightweight authentication and key exchange protocol designed to be supported in resource-constrained environments. This enhances EAP-EDHOC as a high-performance authentication method for EAP-based networks. This paper presents a comprehensive analysis of the standardization efforts surrounding EAP-EDHOC, including a first proof-of-concept implementation and performance evaluation conducted over Wi-Fi networks. Additionally, a new design that optimizes the existing protocol by reversing the roles of the communication parties is proposed. The original and optimized versions are evaluated and compared with each other, as well as with EAP-TLS 1.3 and EAP-PSK. The results demonstrate that EAP-EDHOC achieves more efficient authentication than EAP-TLS 1.3 in terms of execution time, number of messages, and data transmitted. Meanwhile, EAP-PSK, which is based on symmetric cryptography, serves as a performance baseline.
dc.formatapplication/pdf
dc.format.extent12
dc.identifier.citationComputer Standards & Interfaces, 2026, Vol. 95 : 104037
dc.identifier.doihttps://doi.org/10.1016/j.csi.2025.104037
dc.identifier.eissn1872-7018
dc.identifier.issn0920-5489
dc.identifier.urihttp://hdl.handle.net/10201/179269
dc.languageeng
dc.publisherElsevier
dc.relationThe article has been partially funded by Project PID2023-148104OB-C43 from MCIN/AEI, partially funded by the FPI Grant PREP2023-002169, also from MCIN/AEI and partially funded from the European Union’s HE Research and Innovation Programme under Grant Agreement No. 101069471.
dc.relation.publisherversionhttps://www.sciencedirect.com/science/article/pii/S0920548925000662
dc.rightsAttribution-NonCommercial 4.0 International*
dc.rights.accessRightsinfo:eu-repo/semantics/openAccess
dc.rights.urihttp://creativecommons.org/licenses/by-nc/4.0/*
dc.subjectNetwork security
dc.subjectWifi networks
dc.subjectAuthentication
dc.subjectEAP
dc.subjectEDHOC
dc.subject.odsNo relacionado con ningún objetivo de desarrollo sostenible
dc.titleTowards a new standard for network access authentication: EAP-EDHOC
dc.typeinfo:eu-repo/semantics/article
dc.type.versioninfo:eu-repo/semantics/publishedVersion
dspace.entity.typePublicationes
relation.isAuthorOfPublication59ad0a22-2a02-45e8-8edb-3051e6324781
relation.isAuthorOfPublication95fd6dd8-97d5-4335-a962-f693b20779ba
relation.isAuthorOfPublication.latestForDiscovery59ad0a22-2a02-45e8-8edb-3051e6324781
Files
Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
1-s2.0-S0920548925000662-main.pdf
Size:
2.16 MB
Format:
Adobe Portable Document Format
Description:
License bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
license.txt
Size:
1.37 KB
Format:
Item-specific license agreed upon to submission
Description:
Collections