Thursday 31 July 2014

Wi-Fi and Cellular: Authentication & Security

While in the past WiFi was considered not as secure as the cellular counterpart, things have been changing slowly and steadily. While the cellular is able to offer authentication using the EPS-AKA, Wi-Fi is now able to offer EAP-AKA and EAP-SIM. 

In fact the above table is quite interesting to know about. Recently I was following a discussion that talked about the lack of QoS support in WiFi. As we can see, its supported but not guaranteed. 

Devices that contain the USIM card can use EAP-AKA while that without one can offer EAP-SIM. EAP-AKA works in a similar way to the cellular authentication protocol EPS-AKA. For anyone who is interested in reading more details about the authentication and how it works, including signalling, see this whitepaper here.

If you haven't seen our whitepaper on Cellular and WiFi integration, please check it out here.


  1. Claus Hetting (via HetNet Linkedin group)31 July 2014 at 13:23

    Good information - thanks for sharing :-) Yes, the EAP & Hotspot 2.0 standards now offer carrier-grade security levels for Wi-Fi and are approved by the 3GPP.
    What I don't understand is the 'QoS' discussion. In my view, no wireless technology mobile or Wi-Fi has any QoS guarantee of any sort because of the radio medium itself. Sure, there are features called 'QoS' (in Wi-Fi too) but in practice, you have no guarantee of what you're going to get - especially if you're trying to beam through a 3-foot thick steel reinforced wall. So this QoS idea is odd to me.

  2. Claus, I may be wrong but I think that in Cellular the required QoS is checked during Admission Control and then it is guaranteed during the lifetime of a (packet) call. If during the call the QoS falls below the required amount, the call may be dropped (implementation dependant). On WiFi, its not guaranteed but the protocols try and prioritise the packets with higher QoS over ones with lower QoS, hence its not guaranteed. Link will not be dropped even if QoS falls significantly.

  3. Manoj Das (via HetNet Linkedin group)1 August 2014 at 06:32

    Thanks Zahid and Claus. In 802.11e WMM, Mostly QoS in unidirectional from AP to Client. WiFi Network can not enforce any QoS on WiFi devices. Unless the Device running specific App for voice or video, places a priority bit in the packets going from device to the AP.
    Please correct me if I am wrong.