Abstract
Wireless mesh networks have grown very rapidly in recent years, owing to the features of self-organization, low installation costs, large-scale deployment, and fault-tolerance. Fast and efficient authentication schemes are especially important in multi-hop WMNs. We propose two novel ticket-based mutual authentication protocols in order to minimize the latency, one for initial authentication and the other for fast handover. The 4-way handshake in the phase of login authentication is cut down to 2-way using the Login-Ticket. The authentication server does not need to be involved in the handover authentication process. Instead, the target mesh access points authenticate mobile clients using the tickets pre-distributed by the current access points, avoiding multi-hop wireless communications between the authentication server and the mesh clients/points. Furthermore, even if the client has to handover several times, the AS is still not required to be involved in the process. Security analysis shows that our proposed protocols are secure and resilient to various kinds of attacks. Performance analysis demonstrates that the protocols are efficient in terms of authentication delay and communications costs, thus they are very suitable for circumstance of WMNs.
Similar content being viewed by others
References
Akyildiz, I. F., Wang, X., & Wang, W. (2005). Wireless mesh networks: A survey. Computer Networks, 47(4), 445–487.
IEEE Std. 802.11i-2004. Amendment 6: Medium access control (MAC) security enhancements.
IEEE, Std. 802.11x-2001. IEEE standards for local and metropolitan area networks: Port based network access control.
IEEE 802.11 s-2006, Draft amendment: ESS mesh networking.
Mishra, A., Shin, M., & Arbaugh, W. A. (2004). Pro-active key distribution using neighbor graphs. IEEE Wireless Communications, 11, 26–36.
Kassab, M., Belghith, A., Bonnin, J., & Sassi, S. (2005). Fast pre-authentication based on proactive key distribution for 802.11 infrastructure networks. In Proceedings of ACM workshop on wireless multimedia networking and performance modeling (WMuNeP’05) (pp. 46–53).
Kassab, M., Bonnin, J., & Guillouard, K. (2007). Securing fast handover in WLANs: A ticket based proactive authentication scheme. In Proceedings of Globecom workshops (pp. 1–6).
Li, G., Chen, X., & Ma, J. (2010). A ticket-based re-authentication scheme for fast handover in wireless local area networks. In Proceedings of the 6th international conference on wireless communications networking and mobile computing (pp. 1–4).
Li, C., & Nguyen, U. T. (2010). Fast authentication for mobile clients in wireless mesh networks. In Proceedings of the 23rd Canadian conference on electrical and computer engineering (CCECE) (pp. 1–8).
Li, C., & Nguyen, U. T. (2013). Efficient authentication for fast handover in wireless mesh networks. Computer & Security, 37, 124–142.
Brown, T., & Mohan, S. (1997). Mobility management for personal communications systems. IEEE Transactions on Vehicular Technology, 46(2), 269–278.
Lee, J., Lee, J., & Chung, T. (2008). Ticket-based authentication mechanism for proxy mobile IPv6 environment. In Proceedings of systems and networks communications (pp. 304–309).
Liang, W., & Wang, W. (2005). On performance analysis of challenge/response based authentication in wireless networks. Computer Networks, 48(2), 267–288.
Braskich, T., & Emeott, S. (2007). Initial MSA comment resolution. http://mentor.ieee.org/802.11/documents.doc
Acknowledgments
The authors would like to thank the anonymous reviewers and the editor for their comments that will help them to improve this paper. This work is supported by the National Natural Science Foundation of China (61201220).
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Zhang, X., Li, G. & Han, W. Ticket-Based Authentication for Fast Handover in Wireless Mesh Networks. Wireless Pers Commun 85, 1509–1523 (2015). https://doi.org/10.1007/s11277-015-2853-9
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-015-2853-9