4. Contents
Wireless Mesh Network (WMN)
Security challenges in WMN
Attacks in WMN
Handover Authentication in WMN
Future scope
5. WMN Architecture
• WMN is composed of three different network elements:
Gateway Routers: allow access to the wired infrastructure, possibly the Internet or other local networks.
Mesh Routers: also known as APs, form the network backbone spanning wide areas.
Mesh clients: include a wide range of devices such as laptops or cell phones, with varying degrees of mobility.
7. Characteristics of WMN
• WMN is dynamically self-organized, self-configured and self-healing, with easy maintenance, high scalability and reliable service among the nodes in the network.
8. Advantages of WMN
• Auto-discovery of nodes and routes
• Auto-configuration of network components
• Rapid network deployment
• Reduced infrastructure and operational costs
• Increased network reliability
• Easy network maintenance
• Robustness
• Reliable service coverage
• and many more…
9. Security challenges
• Absence of a trusted third party in WMNs, due to the distributed network.
• High communication and computational cost to perform security operations.
• Efficient key management schemes are required.
• Accuracy in detection rate is required.
• Providing high security services against both external and internal attacks in a distributed network is a must.
10. Types of attacks in WMNs
• Eavesdropping
• Impersonating
• Wormhole Attack
• Blackhole Attack
• Sleep deprivation Attack
• Replay Attack
• Sybil Attack
• DoS and flooding Attack
• and many more…
11. Efficient Authentication Protocol during handover for Wireless Mesh Networks
• We proposed a protocol that provides authentication between the client and the MAP while preserving the integrity of the transfer ticket ϴc, which the existing protocols did not consider during the Login authentication protocol (LAP) and the Handover authentication protocol (HAP).
• Our proposed protocol offers efficient authentication during the handoff operation, when the client roams from its home MAP to a foreign MAP.
• The experimental results show that our protocol performs better in terms of latency, communication cost and computational cost than the existing protocols.
13. • Types of tickets issued for mutual authentication among mesh entities
1. Client Ticket: It establishes a trust relationship between User and MAP.
$T_C = \{ I_C, I_A, \tau_{exp}, P_C, Sig_A \}$
• where,
• $I_C$ = User identity.
• $I_A$ = TA identity.
• $\tau_{exp}$ = expiry time of $T_C$.
• $P_C$ = User public key.
• $Sig_A$ = Digital signature of TA to ensure user legality during LAP.
14. 2. MAP Ticket: It establishes a trust relationship between MAP and User.
$T_M = \{ I_M, I_A, \tau_{exp}, P_M, Sig_A \}$
• where,
• $I_M$ = MAP identity.
• $I_A$ = TA identity.
• $\tau_{exp}$ = expiry time of $T_M$.
• $P_M$ = MAP public key.
• $Sig_A$ = Digital signature of TA to ensure MAP legality during LAP.
15. 3. Transfer ticket ϴc is used during handover authentication, which allows the roaming client to authenticate with the foreign MAP. Elements within ϴc are shown below:
$\theta_c = \{ I_M, I_c, I_A, \tau_{exp}, N_i \}$
ϴc stores the following elements:
• $I_M$: ID number of the MAP who issues this transfer ticket.
• $I_c$: ID number of the client who owns this transfer ticket.
• $I_A$: ID number of the ticket agent who issued C's client ticket.
• $\tau_{exp}$: expiry date and time of this ticket.
• $N_i$: nonce, in incremented order, to prevent a replay attack.
16. Proposed Login Authentication Protocol (LAP)
The following is the order of the messages exchanged in the protocol between Client and MAP1 for authentication. Later, both parties compute the message authentication code $K_{MAC} = N_{C1} \parallel N_{M1}$.
$C \rightarrow MAP_1 : I_C$
$MAP_1 \rightarrow C : T_{M1}$
$C \rightarrow MAP_1 : E_{P_{M1}}(T_C, N_{C1})$
$MAP_1 \rightarrow C : E_{P_C}(N_{C1}, N_{M1})$
$C \rightarrow MAP_1 : V_{K_{MAC}}(N_{M1})$
$MAP_1 \rightarrow C : V_{K_{MAC}}(\theta_C)$
17. Proposed Handover Authentication Protocol
• When the client moves from home MAP1 to foreign MAPx, the handover authentication process takes place. Before the handover takes place, MAP1 encrypts the MAC key (i.e., $K_{MAC} = N_{C1} \parallel N_{M1}$) using Px of its neighboring MAPx. The encrypted MAC key is then sent to the neighboring MAPx. We assume the public keys of the MAPs are known to each other.
$C \rightarrow MAP_x : N_C, V_{K_{MAC}}(\theta_C)$
$MAP_x \rightarrow C : V_{K_{MAC}}(N_C)$
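An added example, not taken from the slides or the authors' implementation, of the checks a foreign MAP can run on a presented transfer ticket: integrity under K_MAC, expiry, and the incrementing nonce N_i. Assumptions: V is modelled as HMAC-SHA256, the ticket is JSON-encoded, K_MAC has already reached MAPx (the public-key transport is omitted), MAPx remembers the highest N_i it accepted per client, and all function and class names are hypothetical.

```python
import hashlib
import hmac
import json
import secrets

def derive_kmac(n_c1: bytes, n_m1: bytes) -> bytes:
    """K_MAC = N_C1 || N_M1: concatenation of the two login nonces."""
    return n_c1 + n_m1

def v(k_mac: bytes, data: bytes) -> bytes:
    """V_KMAC(data), modelled here as HMAC-SHA256 (assumption)."""
    return hmac.new(k_mac, data, hashlib.sha256).digest()

def issue_ticket(k_mac, i_m, i_c, i_a, t_exp, n_i):
    """Build theta_c = {I_M, I_C, I_A, t_exp, N_i} and a MAC over its encoding."""
    blob = json.dumps({"I_M": i_m, "I_C": i_c, "I_A": i_a,
                       "t_exp": t_exp, "N_i": n_i}, sort_keys=True).encode()
    return blob, v(k_mac, blob)

class ForeignMAP:
    """MAP_x after it has received K_MAC from the home MAP."""
    def __init__(self, k_mac):
        self.k_mac = k_mac
        self.last_n = {}  # I_C -> highest N_i accepted so far
    def handover(self, blob, mac, n_c, now):
        # Check integrity before parsing anything the client supplied.
        if not hmac.compare_digest(v(self.k_mac, blob), mac):
            return None, "bad-mac"
        theta = json.loads(blob)
        if now >= theta["t_exp"]:
            return None, "expired"
        if theta["N_i"] <= self.last_n.get(theta["I_C"], -1):
            return None, "replay"  # nonce did not increase
        self.last_n[theta["I_C"]] = theta["N_i"]
        return v(self.k_mac, n_c), "ok"  # proves MAP_x holds K_MAC

def demo():
    # Constructed sample identities, times and nonces.
    k = derive_kmac(secrets.token_bytes(16), secrets.token_bytes(16))
    mapx, n_c = ForeignMAP(k), secrets.token_bytes(16)
    blob, mac = issue_ticket(k, "MAP1", "client-7", "TA", t_exp=1060, n_i=1)
    reply, first = mapx.handover(blob, mac, n_c, now=1010)
    client_ok = hmac.compare_digest(reply, v(k, n_c))
    replay = mapx.handover(blob, mac, n_c, now=1011)[1]
    forged = blob.replace(b"client-7", b"client-9")
    tampered = mapx.handover(forged, mac, n_c, now=1012)[1]
    blob2, mac2 = issue_ticket(k, "MAP1", "client-7", "TA", t_exp=1060, n_i=2)
    expired = mapx.handover(blob2, mac2, n_c, now=2000)[1]
    return client_ok, first, replay, tampered, expired
```

`demo()` walks one accepted handover and then the replayed, tampered and expired cases against the same MAPx.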
18. Experimental Results
Table 1: Experimental Model Setup
Parameters | Values
Simulator | NS-3
Traffic Type | CBR
Simulation Area | 1000 × 1000 m
No. of MAPs | 3
No. of Nodes | 60
Transmission range of MAPs | 250 meters
Transmission range of Clients | 100 meters
Simulation Time | 100 sec
Node Placement | Random
19. Performance Metrics
• Authentication delay is incurred between a client sending an authentication request to a nearby MAP and the receipt of an acceptance confirmation. It is the time required for the transmission of an authentication request and acceptance confirmation. Authentication delay is therefore computed as the sum of computation cost and communication cost.
• Computation cost occurs due to the processing delay caused by the various security operations.
• Communication cost is computed with respect to the number of messages transmitted between a MAP and a client during Login (LAP) and Handover (HAP), which results in communication delay.
20. Result Analysis
• Comparison based on total computational cost during login (LAP)
• Comparison based on total computational cost during Handover (HAP)
• Comparison based on total communication cost during login (LAP)
• Comparison based on total communication cost during Handover (HAP)
21. Table 2 and 3: Performance comparison between proposed protocol and existing protocols
24. Future Scope
• To design a more efficient authentication protocol by reducing the communication cost and computational cost.
• To design an efficient Information Privacy protocol.
• To overcome the security issues related to IoT using a Machine Learning approach.
• To work in the field of Information security and blockchain.
• And many more…