EAP-TLS too fast?

Jouni Malinen jkmaline
Thu Feb 9 18:34:48 PST 2006


On Thu, Feb 09, 2006 at 11:15:29AM -0500, Andrea G Forte wrote:

> Here is the link to a paper in which they say the average delay was 
> about 1.1 seconds (read Introduction for example) and later on in their 
> own experiments they have a full authentication (without their proposed 
> improvement) delay of 800+ msec.
> http://www.cs.umd.edu/~mhshin/paper/Proactive_Key_Dist_NG.pdf
> Are they just wrong? They use Pentium III computers for their 
> experiments, but I would not think that this would make such a BIG 
> difference.

I'm not completely sure on what is included in this 1.1 second time, but
like I mentioned before, good latency requires that the implementations
of supplicant, authenticator, and authentication server are good and do
not use things like polling for incoming frames.

I don't have any reason to question these results in their test setup,
but I believe that the original 1.1 second value could have been
improved greatly by optimizing the implementations even without changing
the protocol in any way.

-- 
Jouni Malinen                                            PGP id EFC895FA




More information about the Hostap mailing list