Mobile Authentication and QoS

Many key applications of mobile IP networks are highly sensitive to latency. We note that security mechanisms, such as authentication of mobile nodes and authorization of network access, are major sources of delay and jitter because they often require sending multiple sizable messages over the wireless link, communication with home networks or authentication servers, and computationally intensive cryptographic operations. Therefore, there is a conflict between the high quality-of-service (QoS) requirements of the emerging applications and the security of mobile communications systems.

We argue that minimizing the impact on QoS should be one of the main design goals for security protocols. As a concrete example, we describe an efficient reauthentication protocol for wireless Internet access. Wireless access authorization needs to be fast because the mobile node is reauthenticated every time it moves to a new access point. Thus, the reauthentication may be frequent and it is done exactly at the most QoS-critical moment.

We present a low-latency reauthentication protocol for mobile network access where temporary access is allowed after a fast, credential-based authentication. A slower full authentication protocol can then take place in the background while the mobile is already using the service. Our aim is to reduce the authentication delay without opening a window for fraudulent access. Our protocol rewards mobiles for past good behavior (e.g. honest payment) and improves quality of service when they roam between wireless access networks. We also expect the inexpensive credential-based reauthentication mechanism and the design principles identified in this paper to have wider applications in mobile security protocols.
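
The two-stage idea described above, sketched as an added example; it is not the paper's protocol. Everything here is an assumption for illustration: a network key shared by the access points, a per-mobile HMAC key as the credential, a nonce challenge, and the names `issue_credential`, `respond`, `AccessPoint` and `TEMP_WINDOW`.

```python
import hashlib
import hmac
import secrets

TEMP_WINDOW = 5  # seconds of provisional access; constructed value

def mac(key: bytes, *parts: str) -> bytes:
    return hmac.new(key, "|".join(parts).encode(), hashlib.sha256).digest()

def issue_credential(network_key: bytes, mobile_id: str, expires: int) -> bytes:
    """Given to a mobile after a completed full authentication (assumed scheme)."""
    return mac(network_key, mobile_id, str(expires))

def respond(reauth_key: bytes, nonce: str) -> bytes:
    """Mobile side: prove possession of the credential key for this nonce."""
    return mac(reauth_key, nonce)

class AccessPoint:
    def __init__(self, network_key: bytes):
        self.network_key = network_key
        self.pending = set()   # nonces issued and not yet used
        self.sessions = {}     # mobile_id -> [state, temporary-access deadline]

    def challenge(self) -> str:
        nonce = secrets.token_hex(16)
        self.pending.add(nonce)
        return nonce

    def fast_reauth(self, mobile_id, expires, nonce, response, now):
        # Local check only: no round trip to a home network or server.
        if nonce not in self.pending or now >= expires:
            return "denied"
        self.pending.discard(nonce)  # each nonce is accepted once
        key = issue_credential(self.network_key, mobile_id, expires)
        if not hmac.compare_digest(mac(key, nonce), response):
            return "denied"
        self.sessions[mobile_id] = ["temporary", now + TEMP_WINDOW]
        return "temporary"

    def full_auth_done(self, mobile_id, ok, now):
        # Result of the slower background authentication.
        state = self.sessions.get(mobile_id)
        if state is None or not ok or now > state[1]:
            self.sessions.pop(mobile_id, None)
            return "denied"
        state[0] = "full"
        return "full"

    def may_forward(self, mobile_id, now):
        state = self.sessions.get(mobile_id)
        return state is not None and (state[0] == "full" or now <= state[1])
```

Temporary access ends at the deadline unless the background authentication succeeds first, which bounds what a mobile can obtain on the credential alone.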