Virtual prepaid tokens for Wi-Fi hotspot access

We introduce virtual prepaid tokens (VPT), a novel billing scheme that allows users to obtain access at Wi-Fi hotspots without having an account with a hotspot provider or a physical prepaid token (PPT). Upon arrival at a hotspot, a user buys a VPT online, using a third-party payment server with which the user already has an account. Experiments show that users can buy a VPT and gain full Internet connectivity in less than 15 seconds, i.e. much less time than it would take to create another account or to buy and activate a PPT. VPT can be used in hotspots that use a captive portal or IEEE 802.1x for user authentication. The latter alternative enables better security. We also contribute a novel technique that allows a single access point to authenticate users by either method. Hotspots can use this solution for migrating to 802.1x without disrupting legacy captive-portal users. Experiments demonstrate that the proposed technique has little overhead and interoperates broadly.

[1]  Voon Chin Phua,et al.  Wireless lan medium access control (mac) and physical layer (phy) specifications , 1999 .

[2]  Dan Simon,et al.  PPP EAP TLS Authentication Protocol , 1999, RFC.

[3]  Christopher Allen,et al.  The TLS Protocol Version 1.0 , 1999, RFC.

[4]  José Carlos Brustoloni,et al.  Detecting and Blocking Unauthorized Access in Wi-Fi Networks , 2004, NETWORKING.

[5]  Lars Richter,et al.  Untersuchung und Bewertung von Netzzugangssteuerungen auf Basis des Standards 802.1x (Port-Based Network Access Control) , 2005 .

[6]  Guido Appenzeller,et al.  User-friendly access control for public network ports , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[7]  Pat R. Calhoun,et al.  RADIUS Extensions , 2000, RFC.

[8]  A. Stone For-fee hot spots strive to make Wi-Fi pay , 2003, IEEE Pervasive Computing.

[9]  Glen Zorn,et al.  Protected EAP Protocol (PEAP) Version 2 , 2004 .

[10]  John Ioannidis,et al.  Using the Fluhrer, Mantin, and Shamir Attack to Break WEP , 2002, NDSS.

[11]  Larry J. Blunk,et al.  PPP Extensible Authentication Protocol (EAP) , 1998, RFC.

[12]  Glen Zorn,et al.  Microsoft PPP CHAP Extensions, Version 2 , 2000, RFC.

[13]  William A. Arbaugh,et al.  YOUR 802.11 WIRELESS NETWORK HAS NO CLOTHES , 2001 .

[14]  Nj Piscataway,et al.  Wireless LAN medium access control (MAC) and physical layer (PHY) specifications , 1996 .

[15]  Adi Shamir,et al.  Weaknesses in the Key Scheduling Algorithm of RC4 , 2001, Selected Areas in Cryptography.

[16]  Glen Zorn Deriving Keys for use with Microsoft Point-to-Point Encryption (MPPE) , 2001, RFC.

[17]  Glen Zorn,et al.  Microsoft Point-To-Point Encryption (MPPE) Protocol , 2001, RFC.

[18]  David A. Wagner,et al.  Intercepting mobile communications: the insecurity of 802.11 , 2001, MobiCom '01.

[19]  Allan C. Rubens,et al.  Remote Authentication Dial In User Service (RADIUS) , 2000, RFC.