The Authentication Research Of Wireless Mesh Networks Based On Dynamic Key Updating

Wireless Mesh Networks(WMN) is a new type of wireless network technology,which is developed on the basis of the wireless local area network (LAN) and Ad hocnetworks. It combines the advantages of the both two networks, and has a broadercoverage, higher bandwidth,more likely to be extended,etc. Wireless Mesh Networksis one of the most promising technology, and is attractive to suppliers and usersbecause of its low investment cost, as well as supports wireless broadband services.However, prior to the deployment and application, the inherent safety problems inWireless Mesh Networks need to be carefully considerate, because if there is noguarantee of security, its value will greatly reduce.In this paper,we firstly detailed analyze the characteristics of the EMSA andSAE, then the research status of these two security protocols were studied,summarized and analyzed. We then propose a new dynamic key update strategy,namely NDKUS, which is based on the traditional access authentication, the strategytakes the security and access efficiency into account. In NDKUS, after the first4-way handshake, the applicant MP and authenticator MA generate PTK (PairwiseTransient Key), then both of the two sides coordinate a random function RAND andbegin clock synchronization. Using PTK as the initial value of the random function,when the PTK updating time comes, both sides use RAND to generate a newdynamic key DPTK to encrypt the message with each other. Thus the PTK updatingoperation is no longer need4-way handshake in a session cycle. This can not onlyreduce the security issues,which caused by PTK’s long-term not updating intraditional protocol, but also effectively reduce the network performancedegradation due to PTK’s frequent updating.Secondly, in NDKUS strategy, since the4-way handshake is needed to producean initial PTK in the authentication process. We analyzed the shortage of4-wayhandshake in avoiding memory exhaustion and DoS attacks. Then we designed asecurity-enhanced3-way handshake protocol. In this protocol, it can effectivelyprevent DoS attacks by encrypting message1; at the same time, since the applicantsend needn’t save the value of ANonce, which can prevent memory exhaustion attackeffectively.Finally, we use the NS2network simulator for NDKUS simulation experiments.The results of simulation experiments show that, NDKUS can effectively improvethe security of access and improve the throughput performance of the network on acertain extent and can effectively respond to DoS attacks and memory exhaustionattack Compared with the traditional strategies.