A secure authentication and billing architecture for wireless mesh networks

Wireless Networks

Abstract

Wireless mesh networks (WMNs) are gaining growing interest as a promising technology for ubiquitous high-speed network access. While much effort has been made to address issues at physical, data link, and network layers, little attention has been paid to the security aspect central to the realistic deployment of WMNs. We propose UPASS, the first known secure authentication and billing architecture for large-scale WMNs. UPASS features a novel user-broker-operator trust model built upon the conventional certificate-based cryptography and the emerging ID-based cryptography. Based on the trust model, each user is furnished with a universal pass whereby to realize seamless roaming across WMN domains and get ubiquitous network access. In UPASS, the incontestable billing of mobile users is fulfilled through a lightweight realtime micropayment protocol built on the combination of digital signature and one-way hash-chain techniques. Compared to conventional solutions relying on a home-foreign-domain concept, UPASS eliminates the need for establishing bilateral roaming agreements and having realtime interactions between potentially numerous WMN operators. Our UPASS is shown to be secure and lightweight, and thus can be a practical and effective solution for future large-scale WMNs.

Author information

Corresponding author

Correspondence to Yanchao Zhang.

Additional information

Yanchao Zhang received the B.E. degree in Computer Communications from Nanjing University of Posts and Telecommunications, Nanjing, China, in July 1999, and the M.E. degree in Computer Applications from Beijing University of Posts and Telecommunications, Beijing, China, in April 2002. Since September 2002, he has been working towards the Ph.D. degree in the Department of Electrical and Computer Engineering at the University of Florida, Gainesville, Florida, USA. His research interests are network and distributed system security, wireless networking, and mobile computing, with emphasis on mobile ad hoc networks, wireless sensor networks, wireless mesh networks, and heterogeneous wired/wireless networks.

Yuguang Fang received the BS and MS degrees in Mathematics from Qufu Normal University, Qufu, Shandong, China, in 1984 and 1987, respectively, a Ph.D degree in Systems and Control Engineering from Department of Systems, Control and Industrial Engineering at Case Western Reserve University, Cleveland, Ohio, in January 1994, and a Ph.D degree in Electrical Engineering from Department of Electrical and Computer Engineering at Boston University, Massachusetts, in May 1997.

From 1987 to 1988, he held research and teaching positions in both the Department of Mathematics and the Institute of Automation at Qufu Normal University. From September 1989 to December 1993, he was a teaching/research assistant in the Department of Systems, Control and Industrial Engineering at Case Western Reserve University, where he held a research associate position from January 1994 to May 1994. He held a post-doctoral position in the Department of Electrical and Computer Engineering at Boston University from June 1994 to August 1995. From September 1995 to May 1997, he was a research assistant in the Department of Electrical and Computer Engineering at Boston University. From June 1997 to July 1998, he was a Visiting Assistant Professor in the Department of Electrical Engineering at the University of Texas at Dallas. From July 1998 to May 2000, he was an Assistant Professor in the Department of Electrical and Computer Engineering at New Jersey Institute of Technology, Newark, New Jersey. In May 2000, he joined the Department of Electrical and Computer Engineering at the University of Florida, Gainesville, Florida, where he got early promotion to Associate Professor with tenure in August 2003, and to Full Professor in August 2005. His research interests span many areas including wireless networks, mobile computing, mobile communications, wireless security, automatic control, and neural networks. He has published over one hundred and fifty (150) papers in refereed professional journals and conferences. He received the National Science Foundation Faculty Early Career Award in 2001 and the Office of Naval Research Young Investigator Award in 2002. He also received the 2001 CAST Academic Award. He is listed in Marquis Who’s Who in Science and Engineering, Who’s Who in America and Who’s Who in the World.

Dr. Fang has actively engaged in many professional activities. He is a senior member of the IEEE and a member of the ACM. He is an Editor for IEEE Transactions on Communications, an Editor for IEEE Transactions on Wireless Communications, an Editor for IEEE Transactions on Mobile Computing, an Editor for ACM Wireless Networks, and an Editor for IEEE Wireless Communications. He was an Editor for IEEE Journal on Selected Areas in Communications: Wireless Communications Series, an Area Editor for ACM Mobile Computing and Communications Review, an Editor for Wiley International Journal on Wireless Communications and Mobile Computing, and Feature Editor for Scanning the Literature in IEEE Personal Communications. He has also been actively involved with many professional conferences such as ACM MobiCom’02 (Committee Co-Chair for Student Travel Award), MobiCom’01, IEEE INFOCOM’06, INFOCOM’05 (Vice-Chair for Technical Program Committee), INFOCOM’04, INFOCOM’03, INFOCOM’00, INFOCOM’98, IEEE WCNC’04, WCNC’02, WCNC’00 (Technical Program Vice-Chair), WCNC’99, IEEE Globecom’04 (Symposium Co-Chair), Globecom’02, and International Conference on Computer Communications and Networking (IC3N) (Technical Program Vice-Chair).

About this article

Cite this article

Zhang, Y., Fang, Y. A secure authentication and billing architecture for wireless mesh networks. Wireless Netw 13, 663–678 (2007). https://doi.org/10.1007/s11276-006-8148-z

  • DOI: https://doi.org/10.1007/s11276-006-8148-z
