Authentication in Multi-Hop Wireless Mesh Networks
Wireless Mesh Networks (WMNs) are an emerging
technology for last-mile broadband access. In WMNs, similar to ad
hoc networks, each user node operates not only as a host but also as a
router. User packets are forwarded to and from an Internet-connected
gateway in multi-hop fashion. The WMNs can be integrated with
other networking technologies i.e. ad hoc networks, to implement a
smooth network extension. The meshed topology provides good
reliability and scalability, as well as low upfront investments. Despite
the recent start-up surge in WMNs, much research remains to be
done in standardizing the functional parameters of WMNs to fully
exploit their full potential. An edifice of the security concerns of
these networks is authentication of a new client joining an integrated
ad hoc network and such a scenario will require execution of a multihop
authentication technique. Our endeavor in this paper is to
introduce a secure authentication technique, with light over-heads
that can be conveniently implemented for the ad-hoc nodes forming
clients of an integrated WMN, thus facilitating their inter-operability.
[1] Ian F. Akyildiz, Xudong Wang, Weilin Wang: "Wireless Mesh
Networks: A Survey" Computer Networks, 47(4):445.487, 2005.
[2] The Wi-Fi Alliance. Available: <http://www.wi-fi.org/>.
[3] The Wi MAX Forum. Available: <http://www.wimaxforum.org/home>.
[4] IEEE 802.11 Standard Group Web Site. Available:
<http://www.ieee802.org/11/>.
[5] IEEE 802.15 Standard Group Web Site. Available:
<http://www.ieee802.org/15/>.
[6] IEEE 802.16 Standard Group Web Site. Available:
<http://www.ieee802.org/16/>.
[7] C. E. Perkins, E. Belding Royer, S. R. Das: "Ad hoc On Demand
Distance Vector (AODV) Routing", IETF RFC 3561, July 2003.
[8] O. Cheikhrouhou, M. Laurent-Maknavicius, H. Chaouchi, "Security
Architecture in a Multi-hop Mesh Network", 5th Conference on Safety
and Architectures Networks SAR 2006, Seignosse, Landes, France, June
2006.
[9] IEEE Standard 802.1X-2004: "Standard for Local and Metropolitan
Area Networks: Port-Based Network Access Control", December 2004.
[10] B. Aboba, L. Blunk, J. Vollbrecht, J. Carlson, H. Levkowetz:
"Extensible Authentication Protocol (EAP)", IETF RFC 3748, June
2004.
[11] D. Forsberg, Y. Ohba, B. Patil, H. Tschofenig: "Protocol for Carrying
Authentication and Network Access (PANA)", draft-ietf-pana-pana-11
(work in progress), March 2006.
[12] B. Aboba, D. Simon: "PPP EAP TLS Authentication Protocol", IETF
RFC 2716, October 1999.
[13] Bruce Scheiner: "Applied Cryptography: Protocols, Algorithms and
Source Codes in C", Published by John Wiley & Sons, Inc, 1996.
[14] W. E. Burr: "Public Key Infrastructure (PKI) Technical Specifications",
NIST Working Draft TWG-98-59, September 1998.
[15] B. Aboba, P. Calhoun: "RADIUS Support for EAP" IETF RFC 3579,
September 2003.
[16] P. Eronen, T. Hiller, G. Zorn: "Diameter EAP Application" IETF RFC
4072, August 2005.
[17] IEEE Standard 802.11i-2004: "Standard for Information technology -
Telecommunication and information exchange between systems-Local
and metropolitan area networks-Specific requirements", July 2004.
[18] R. Droms: "Dynamic Host Configuration Protocol", IETF RFC 2131,
March 1997.
[19] M. Parthasarathy: "Protocol for Carrying Authentication and Network
Access (PANA) Threat Analysis and Security Requirements", IETF RFC
4016, March 2005.
[20] S. Kent, R. Atkinson: "Security Architecture for Internet Protocol",
IETF RFC 2401, November 1998.
[21] Alexis Olivereau, Antonio F. G├│mez Skarmeta, Rafael Marin Lopez,
Benjamin Weyl, Pedro Brandão, Parijat Mishra, Christian Hauser: "An
Advanced Authorization Framework for IP-based B3G Systems",
February 2005, Available: www.ikr.unistuttgart.
de/Content/Publications /Archive/Ha_B3G_ Authorization
36437.pdf -.
[22] Josefsson, S. Palekar, A. Simon, D. and G. Zorn: "Protected EAP
Protocol (PEAP) Version 2", draft-josefsson-pppext-eap-tls-eap-10
(work in progress), October 2004.
[23] Jyh-Cheng Chen, Yu-Ping Wang: "Extensible Authentication Protocol
(EAP) and IEEE 802.1x: Tutorial and Empirical Experience",
Department of Computer Science, Institute of Communications
Engineering, National Tsing Hua University Hsinchu, Taiwan, IEEE
Communications Magazine, 2005.
[24] Paul Funk, Simon Blake-Wilson: "EAP Tunneled TLS Authentication
Protocol Version 0" Internet Draft (work in progress), February 2005.
Available:
https://datatracker.ietf.org/public/idindex.cgi?command=id_detail&id=1
2976 - 9k -.
[25] B. Lloyd. W. Simpson: "PPP Authentication Protocols", IETF RFC
1334, October 1992.
[26] W. Simpson: "PPP Challenge Handshake Authentication Protocol
(CHAP)", IETF RFC 2484, August 1996.
[27] R. Rivest: "The MD 5 Message Digest Algorithm", IETF RFC 1321,
April 1992.
[1] Ian F. Akyildiz, Xudong Wang, Weilin Wang: "Wireless Mesh
Networks: A Survey" Computer Networks, 47(4):445.487, 2005.
[2] The Wi-Fi Alliance. Available: <http://www.wi-fi.org/>.
[3] The Wi MAX Forum. Available: <http://www.wimaxforum.org/home>.
[4] IEEE 802.11 Standard Group Web Site. Available:
<http://www.ieee802.org/11/>.
[5] IEEE 802.15 Standard Group Web Site. Available:
<http://www.ieee802.org/15/>.
[6] IEEE 802.16 Standard Group Web Site. Available:
<http://www.ieee802.org/16/>.
[7] C. E. Perkins, E. Belding Royer, S. R. Das: "Ad hoc On Demand
Distance Vector (AODV) Routing", IETF RFC 3561, July 2003.
[8] O. Cheikhrouhou, M. Laurent-Maknavicius, H. Chaouchi, "Security
Architecture in a Multi-hop Mesh Network", 5th Conference on Safety
and Architectures Networks SAR 2006, Seignosse, Landes, France, June
2006.
[9] IEEE Standard 802.1X-2004: "Standard for Local and Metropolitan
Area Networks: Port-Based Network Access Control", December 2004.
[10] B. Aboba, L. Blunk, J. Vollbrecht, J. Carlson, H. Levkowetz:
"Extensible Authentication Protocol (EAP)", IETF RFC 3748, June
2004.
[11] D. Forsberg, Y. Ohba, B. Patil, H. Tschofenig: "Protocol for Carrying
Authentication and Network Access (PANA)", draft-ietf-pana-pana-11
(work in progress), March 2006.
[12] B. Aboba, D. Simon: "PPP EAP TLS Authentication Protocol", IETF
RFC 2716, October 1999.
[13] Bruce Scheiner: "Applied Cryptography: Protocols, Algorithms and
Source Codes in C", Published by John Wiley & Sons, Inc, 1996.
[14] W. E. Burr: "Public Key Infrastructure (PKI) Technical Specifications",
NIST Working Draft TWG-98-59, September 1998.
[15] B. Aboba, P. Calhoun: "RADIUS Support for EAP" IETF RFC 3579,
September 2003.
[16] P. Eronen, T. Hiller, G. Zorn: "Diameter EAP Application" IETF RFC
4072, August 2005.
[17] IEEE Standard 802.11i-2004: "Standard for Information technology -
Telecommunication and information exchange between systems-Local
and metropolitan area networks-Specific requirements", July 2004.
[18] R. Droms: "Dynamic Host Configuration Protocol", IETF RFC 2131,
March 1997.
[19] M. Parthasarathy: "Protocol for Carrying Authentication and Network
Access (PANA) Threat Analysis and Security Requirements", IETF RFC
4016, March 2005.
[20] S. Kent, R. Atkinson: "Security Architecture for Internet Protocol",
IETF RFC 2401, November 1998.
[21] Alexis Olivereau, Antonio F. G├│mez Skarmeta, Rafael Marin Lopez,
Benjamin Weyl, Pedro Brandão, Parijat Mishra, Christian Hauser: "An
Advanced Authorization Framework for IP-based B3G Systems",
February 2005, Available: www.ikr.unistuttgart.
de/Content/Publications /Archive/Ha_B3G_ Authorization
36437.pdf -.
[22] Josefsson, S. Palekar, A. Simon, D. and G. Zorn: "Protected EAP
Protocol (PEAP) Version 2", draft-josefsson-pppext-eap-tls-eap-10
(work in progress), October 2004.
[23] Jyh-Cheng Chen, Yu-Ping Wang: "Extensible Authentication Protocol
(EAP) and IEEE 802.1x: Tutorial and Empirical Experience",
Department of Computer Science, Institute of Communications
Engineering, National Tsing Hua University Hsinchu, Taiwan, IEEE
Communications Magazine, 2005.
[24] Paul Funk, Simon Blake-Wilson: "EAP Tunneled TLS Authentication
Protocol Version 0" Internet Draft (work in progress), February 2005.
Available:
https://datatracker.ietf.org/public/idindex.cgi?command=id_detail&id=1
2976 - 9k -.
[25] B. Lloyd. W. Simpson: "PPP Authentication Protocols", IETF RFC
1334, October 1992.
[26] W. Simpson: "PPP Challenge Handshake Authentication Protocol
(CHAP)", IETF RFC 2484, August 1996.
[27] R. Rivest: "The MD 5 Message Digest Algorithm", IETF RFC 1321,
April 1992.
@article{"International Journal of Electrical, Electronic and Communication Sciences:53254", author = "Kaleemullah Khan and Muhammmad Akbar", title = "Authentication in Multi-Hop Wireless Mesh Networks", abstract = "Wireless Mesh Networks (WMNs) are an emerging
technology for last-mile broadband access. In WMNs, similar to ad
hoc networks, each user node operates not only as a host but also as a
router. User packets are forwarded to and from an Internet-connected
gateway in multi-hop fashion. The WMNs can be integrated with
other networking technologies i.e. ad hoc networks, to implement a
smooth network extension. The meshed topology provides good
reliability and scalability, as well as low upfront investments. Despite
the recent start-up surge in WMNs, much research remains to be
done in standardizing the functional parameters of WMNs to fully
exploit their full potential. An edifice of the security concerns of
these networks is authentication of a new client joining an integrated
ad hoc network and such a scenario will require execution of a multihop
authentication technique. Our endeavor in this paper is to
introduce a secure authentication technique, with light over-heads
that can be conveniently implemented for the ad-hoc nodes forming
clients of an integrated WMN, thus facilitating their inter-operability.", keywords = "Multi-Hop WMNs, PANA, EAP-TTLS,Authentication, RADIUS.", volume = "2", number = "10", pages = "2211-6", }