Authentication and handoff protocols for wireless mesh networks

Presentation transcript:

Authentication and handoff protocols for wireless mesh networks
PhD Security Oral Exam
Naif Alamri

Outline
- Background
- WMN architecture
- WMN components
- WMN challenges
- Current solutions
- Related work
- Future work
Auth HandOff WMN / N. Alamri 1/15/2019

Background
- Mesh topology
- IEEE 802.11s (2003 – 2011)
- Multi-hop links
- Features: self-organization, self-configuration, self-healing
- Advantages: cost effective, scalable, fault tolerant, increased range
- Applications:
  - Last mile broadband access from homes
  - Backbone for enterprise networks
  - Extending the range of other networks such as WiMAX
  - On-the-fly command centers for emergency response teams, military, etc.

WMN Architectures
Three WMN architectures:
- Infrastructure WMN
  - Dedicated mesh routers connected via mesh links
  - Connect to the Internet using gateways
  - Integrate with wired and wireless networks (bridging or gateway)
- Client WMN
  - No dedicated mesh routers
  - Clients perform routing, configuration, and maintenance
- Hybrid WMN
  - Combines the features of infrastructure and client WMNs
  - Client WMN → high throughput, multiple paths
  - Infrastructure WMN → integration with other radio technologies, reduced power consumption

WMN Architectures [figure slide: Infrastructure WMN; Hybrid WMN]

WMN Components
- Mesh router:
  - Dedicated mesh routers connected via mesh links
  - Connect to the Internet using gateways
  - Integrate with wired and wireless networks (bridging or gateway)
  - Can improve the capacity of the network by using multi-channel single-radio (MCSR) or multi-channel multi-radio (MCMR)
- Mesh client:
  - Mobile or stationary, power constrained
  - Mostly single radio
- Mesh gateway:
  - Connects to the Internet
  - Interoperability between WMNs and other wired and wireless networks

WMN Challenges
- Routing:
  - Multi-hop, multi-path, multi-radio
  - Reactive or proactive; self-organization, self-configuration, self-healing
  - Scalability (overhead), mobility (handoff)
  - Hybrid Wireless Mesh Protocol (HWMP) → Ad hoc On-Demand Distance Vector (AODV) + radio-aware metric
- Security: confidentiality, availability, integrity, authenticity
  - Privacy → anonymity and unlinkability
- Power efficiency: power-constrained clients
- QoS: path selection, guarantees, network capacity, fairness, interference

802.11i
- Introduced in 2004
- Enhanced security at the MAC layer
- Also known as Robust Security Network (RSN)
- Advantages: data protection, mutual authentication, key management
- Authentication and confidentiality using WPA2: AES + Counter-mode Cipher Block Chaining Message Authentication Code (CBC-MAC) Protocol (CCMP)

802.1X
- Part of 802.11i
- Port-based access control
- Three elements: Supplicant, Authenticator, Authentication Server
- Port types: controlled, uncontrolled
- Extensible Authentication Protocol (EAP)
  - Transport protocol used by 802.1X
  - Flexible framework
  - Different authentication methods: passwords, certificates, Kerberos, smart cards

EAP authentication methods

                       | EAP-TLS            | EAP-PEAP                                   | EAP-TTLS
-----------------------|--------------------|--------------------------------------------|--------------------------------------
Developed by           | IETF               | Cisco, Microsoft, and RSA                  | Funk Software and Meetinghouse
Mutual authentication  | Yes                | Yes                                        | Yes
Secure links           | TLS tunnel         | TLS tunnel                                 | TLS tunnel
Authentication method  | X.509 certificates | MS-CHAPv2, generic token card, and EAP-TLS | CHAP, PAP, MS-CHAPv2, and EAP methods
Certificate required   | Both sides         | Server side                                | Server side
Protect user identity  | No                 |                                            |

Security in WMN
- EAP-TLS for authentication, no fast handoff
- Extends Robust Security Network Association (RSNA) with Mesh Security Association (MSA)
- Two key holders: Mesh Authenticator (MA), Mesh Key Distributor (MKD)
- 802.11s provides secure association between MA and MKD
- Key hierarchy:
  - Secure link for initial authentication
  - Key generation and distribution

WMN key hierarchy
Phase 1: Secure links
- Supplicant and MKD establish key hierarchy
- Mutually generate Pairwise Master Key (PMK-MKD) using Pre-Shared Key (PSK) or Master Session Key (MSK)
- Mutually generate PMK-MA; deliver to MA using MSA
Phase 2: Key generation and distribution
- Pairwise Transient Key (PTK) derived using PMK-MA
- Group Transient Key (GTK) derived using PMK-MA
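The two-phase hierarchy on this slide, together with the MA/MKD key-holder split on the previous one, as an added Python model. This is not code from the presentation and not the IEEE 802.11s derivation itself: the counter-mode HMAC-SHA256 KDF, the label strings, the context layouts and the KCK/KEK/TK split are assumptions chosen to show the structure of the hierarchy. The property it makes visible is the one a defender cares about: each Mesh Authenticator is handed only its own PMK-MA, so a compromised MA holds neither the PMK-MKD nor the PMK-MA of any other MA, and a fresh PTK is bound to the nonces of each association.

```python
"""Simplified model of the two-phase mesh key hierarchy (added illustration).

Assumptions, not the 802.11s specification: HMAC-SHA256 counter-mode KDF,
label strings, context layouts and the 48-byte PTK split into KCK/KEK/TK.
"""
import hashlib
import hmac


def kdf(key: bytes, label: bytes, context: bytes, length: int = 32) -> bytes:
    """Counter-mode KDF on HMAC-SHA256 (assumption: stand-in for the standard's KDF)."""
    out = b""
    counter = 1
    while len(out) < length:
        block = counter.to_bytes(2, "little") + label + context + length.to_bytes(2, "little")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def derive_pmk_mkd(msk_or_psk: bytes, mesh_id: bytes, mkd_id: bytes, sta_addr: bytes) -> bytes:
    """Phase 1: supplicant and MKD each compute PMK-MKD from the shared MSK (EAP) or PSK."""
    return kdf(msk_or_psk, b"PMK-MKD", mesh_id + mkd_id + sta_addr)


def derive_pmk_ma(pmk_mkd: bytes, ma_addr: bytes, sta_addr: bytes) -> bytes:
    """Phase 1: PMK-MA is bound to one Mesh Authenticator; the MKD hands only this key to that MA."""
    return kdf(pmk_mkd, b"PMK-MA", ma_addr + sta_addr)


def derive_ptk(pmk_ma: bytes, anonce: bytes, snonce: bytes, ma_addr: bytes, sta_addr: bytes) -> dict:
    """Phase 2: PTK from PMK-MA plus fresh nonces, split into KCK/KEK/TK (assumed layout)."""
    ctx = min(ma_addr, sta_addr) + max(ma_addr, sta_addr) + min(anonce, snonce) + max(anonce, snonce)
    ptk = kdf(pmk_ma, b"PTK", ctx, 48)
    return {"kck": ptk[:16], "kek": ptk[16:32], "tk": ptk[32:48]}


def mesh_key_hierarchy_demo() -> dict:
    """Walk one supplicant through two Mesh Authenticators using constructed sample values."""
    msk = hashlib.sha256(b"constructed-msk-from-eap-tls").digest()  # stands in for the EAP MSK
    mesh_id = b"campus-mesh"
    mkd_id = bytes.fromhex("0a0b0c0d0e0f")
    sta = bytes.fromhex("001122334455")
    ma1 = bytes.fromhex("66778899aabb")
    ma2 = bytes.fromhex("ccddeeff0011")
    anonce = hashlib.sha256(b"anonce-1").digest()  # constructed; random in a real handshake
    snonce = hashlib.sha256(b"snonce-1").digest()

    # Supplicant and MKD derive PMK-MKD independently; it never leaves these two parties.
    pmk_mkd_sta = derive_pmk_mkd(msk, mesh_id, mkd_id, sta)
    pmk_mkd_mkd = derive_pmk_mkd(msk, mesh_id, mkd_id, sta)

    # The MKD derives a distinct PMK-MA per MA and delivers each over the MSA-protected link.
    pmk_ma1 = derive_pmk_ma(pmk_mkd_mkd, ma1, sta)
    pmk_ma2 = derive_pmk_ma(pmk_mkd_mkd, ma2, sta)

    # The supplicant, holding PMK-MKD, derives the same PMK-MA for the MA it associates with.
    ptk_sta = derive_ptk(derive_pmk_ma(pmk_mkd_sta, ma1, sta), anonce, snonce, ma1, sta)
    ptk_ma1 = derive_ptk(pmk_ma1, anonce, snonce, ma1, sta)

    return {
        "pmk_mkd_agrees": pmk_mkd_sta == pmk_mkd_mkd,
        "pmk_ma_per_authenticator": pmk_ma1 != pmk_ma2,
        "ptk_agrees": ptk_sta == ptk_ma1,
        "tk_len": len(ptk_ma1["tk"]),
        "pmk_ma1": pmk_ma1,
        "pmk_ma2": pmk_ma2,
    }


if __name__ == "__main__":
    for name, value in mesh_key_hierarchy_demo().items():
        print(name, value.hex() if isinstance(value, bytes) else value)
```

Because every step is a one-way KDF, MA1 cannot recover PMK-MKD from PMK-MA1 and therefore cannot compute PMK-MA2; the blast radius of a captured mesh router is limited to the links it itself terminated. The fixed MSK and nonces are constructed so the run is repeatable; in practice the MSK comes out of the EAP-TLS exchange and both nonces are random per association.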

WMN Authentication and key generation [figure slide]

Related Work
- "PAPAR: Pairing Based Authentication Protocol with Anonymous Roaming for Wireless Mesh Networks" by Sultan et al. (IEEE ICIT, 2014)
  - AS generates a roaming key for each Mesh Access Point
  - Roaming clients can be authenticated using the roaming key of the old MAP
  - AS generates a secondary key and pseudo ID for each mesh client
  - Provides anonymity and unlinkability
- "An efficient authenticated key establishment scheme for wireless mesh networks" by He et al. (IEEE GLOBECOM, 2010)
  - A distributed authenticated key establishment scheme (AKES) for federated WMNs
  - AS distributes some information to MAPs and clients
  - Information + IDs are used to establish secure connections

Related Work
- "Ticket-based handoff authentication for wireless mesh networks" by Xu et al. (Computer Networks, 2014)
  - For handoff only, not initial authentication
  - AS generates tickets using a master key shared with MAPs
  - Ticket used to generate session key
  - No privacy, no unlinkability
- "Efficient authentication for fast handover in wireless mesh networks" by Li et al. (Computers & Security, 2013)
  - AS generates multiple tickets for each client
  - One-hop mutual authentication between MAP and client
  - MAP broadcasts tickets to neighbors → minimizes delay and traffic overhead
  - AS doesn't participate in handoff
  - Privacy → pseudo IDs
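The ticket-based handoff idea shared by both papers on this slide (AS issues tickets under a master key shared with the MAPs; the MAP and client authenticate each other in one hop without involving the AS; the ticket seeds the session key; the client is known only by a pseudo ID), as an added Python model. It is not the protocol of Xu et al. or Li et al., whose message formats the slides do not give; the ticket layout, the HMAC-SHA256 tag, the per-ticket secret, the nonce exchange and the 300-second lifetime are all assumptions. The run covers the failure cases a MAP must reject (ticket for another MAP, expired ticket, tampered lifetime) and the case the client must reject (a MAP that does not hold the master key).

```python
"""Constructed model of ticket-based handoff authentication (added illustration)."""
import hashlib
import hmac
import struct

TICKET_LIFETIME = 300  # seconds; assumption


def _mac(key: bytes, *parts: bytes) -> bytes:
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()


def _ticket_body(pseudo_id: bytes, map_id: bytes, expiry: int) -> bytes:
    return pseudo_id + map_id + struct.pack(">Q", expiry)


class AuthServer:
    """Holds the master key shared with every MAP and issues tickets before the client roams."""

    def __init__(self, master_key: bytes):
        self.master_key = master_key

    def issue_tickets(self, pseudo_id: bytes, map_ids: list, now: int) -> list:
        # One ticket per candidate MAP, so the handoff itself needs no AS round trip.
        tickets = []
        for map_id in map_ids:
            expiry = now + TICKET_LIFETIME
            body = _ticket_body(pseudo_id, map_id, expiry)
            tickets.append({
                "pseudo_id": pseudo_id, "map_id": map_id, "expiry": expiry,
                "tag": _mac(self.master_key, b"tag", body),         # public: proves the AS issued it
                "ticket_key": _mac(self.master_key, b"key", body),  # secret: given to the client over the AS-secured link
            })
        return tickets


class MeshAccessPoint:
    def __init__(self, map_id: bytes, master_key: bytes):
        self.map_id, self.master_key = map_id, master_key

    def check_ticket(self, ticket: dict, now: int):
        """Return the ticket key if the ticket is for this MAP, unexpired and untampered; else None."""
        if ticket["map_id"] != self.map_id or ticket["expiry"] <= now:
            return None
        body = _ticket_body(ticket["pseudo_id"], ticket["map_id"], ticket["expiry"])
        if not hmac.compare_digest(ticket["tag"], _mac(self.master_key, b"tag", body)):
            return None
        return _mac(self.master_key, b"key", body)


class RogueMAP(MeshAccessPoint):
    """Impersonator without the master key: accepts any ticket and guesses a key."""

    def check_ticket(self, ticket: dict, now: int):
        return _mac(self.master_key, b"key", b"guess")


def run_handoff(ticket: dict, mesh_ap: MeshAccessPoint, client_nonce: bytes, map_nonce: bytes, now: int) -> dict:
    """One-hop mutual authentication between client and MAP; the AS is not contacted."""
    public = {k: ticket[k] for k in ("pseudo_id", "map_id", "expiry", "tag")}
    tk_client = ticket["ticket_key"]
    # 1. Client -> MAP: public ticket fields plus a fresh nonce.
    tk_map = mesh_ap.check_ticket(public, now)
    if tk_map is None:
        return {"ok": False, "reason": "ticket rejected by MAP"}
    # 2. MAP -> client: its nonce and proof that it recovered the ticket key (so it holds the master key).
    auth_map = _mac(tk_map, b"map", client_nonce, map_nonce)
    if not hmac.compare_digest(auth_map, _mac(tk_client, b"map", client_nonce, map_nonce)):
        return {"ok": False, "reason": "MAP failed to authenticate"}
    # 3. Client -> MAP: proof that it holds the ticket key, so a replayed ticket alone is useless.
    auth_client = _mac(tk_client, b"client", map_nonce, client_nonce)
    if not hmac.compare_digest(auth_client, _mac(tk_map, b"client", map_nonce, client_nonce)):
        return {"ok": False, "reason": "client failed to authenticate"}
    # 4. Both sides derive the session key from the ticket key and both nonces.
    return {
        "ok": True,
        "session_key_client": _mac(tk_client, b"session", client_nonce, map_nonce),
        "session_key_map": _mac(tk_map, b"session", client_nonce, map_nonce),
    }


def handoff_demo() -> dict:
    """Constructed sample run: one good handoff and four that must fail."""
    master = hashlib.sha256(b"constructed-master-key").digest()
    server = AuthServer(master)
    map_a, map_b = MeshAccessPoint(b"MAP-A", master), MeshAccessPoint(b"MAP-B", master)
    pseudo_id = hashlib.sha256(b"client-pseudonym-1").digest()[:8]  # pseudo ID, not the real identity
    now = 1_700_000_000
    cn, mn = hashlib.sha256(b"client-nonce").digest(), hashlib.sha256(b"map-nonce").digest()
    t_a, t_b = server.issue_tickets(pseudo_id, [b"MAP-A", b"MAP-B"], now)
    forged = dict(t_b)
    forged["expiry"] = now + 10 * TICKET_LIFETIME  # lifetime extended without the master key
    good = run_handoff(t_a, map_a, cn, mn, now + 10)
    return {
        "good": good["ok"] and good["session_key_client"] == good["session_key_map"],
        "wrong_map": run_handoff(t_a, map_b, cn, mn, now + 10)["ok"],
        "expired": run_handoff(t_b, map_b, cn, mn, now + TICKET_LIFETIME + 1)["ok"],
        "tampered": run_handoff(forged, map_b, cn, mn, now + 10)["ok"],
        "rogue_map": run_handoff(t_b, RogueMAP(b"MAP-B", b"no-master-key"), cn, mn, now + 10)["ok"],
    }


if __name__ == "__main__":
    print(handoff_demo())
```

Two design points carry the security argument. The ticket a client transmits is public, so it must not be sufficient on its own: step 3 requires the per-ticket secret, which a passive observer never sees. And the master key is the single point of trust, which is the weakness the Xu et al. bullet ("no privacy, no unlinkability") and the Li et al. pseudo-ID bullet both respond to in different ways; the pseudo ID here limits what a MAP learns, but every MAP still holds the same master key, so key rotation and short ticket lifetimes are what bound the damage from a compromised MAP.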

Future Work
Task #1: Develop an authentication protocol
- Design a fast and secure mutual authentication protocol
- Design a secure key distribution system
- Add other features such as two-factor authentication, privacy, flexibility
Task #2: Develop a handoff protocol
- Design a ticket-based handoff protocol
- Design a re-authentication method for seamless roaming
Task #3: Test and security evaluation
- Test the new protocols using a network simulator such as NS3
- Build a small testbed to conduct tests and security analysis
- Design or use an existing security evaluation framework for further assessments

Questions & Feedback