JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2016, Vol. 51, Issue (9): 101-105. doi: 10.6040/j.issn.1671-9352.2.2015.096

Fast authentication mechanism based on Diffie-Hellman for wireless mesh networks

SU Bin-ting1,2, XU Li1,2*, FANG He1,2, WANG Feng1,2   

  1. School of Mathematics and Computer Science, Fujian Normal University, Fuzhou 350007, Fujian, China;
  2. Fujian Provincial Key Laboratory of Network Security and Cryptology, Fuzhou 350007, Fujian, China
  • Received: 2015-08-17 Online: 2016-09-20 Published: 2016-09-23

Abstract: To ensure both speed and security when mobile clients switch routers in wireless Mesh networks, fast login authentication and fast handover authentication schemes based on the Diffie-Hellman algorithm are proposed. In the login authentication process, the Mesh client is authenticated with 4 rounds of message exchange using predistributed tickets; their shared handover key is then calculated and delivered to any of its neighbors. With the shared key, the handover authentication process takes a 3-message handshake to accomplish mutual authentication when a client moves to a new router. The authentication server does not need to be involved in this process. The analysis of the schemes' security shows that the proposed schemes have less communication and computation overhead, lower authentication latency and higher authentication efficiency. They are also secure if the user is considered trustworthy.

Key words: Diffie-Hellman algorithms, security, Mesh network, efficiency

CLC Number: TP393