Wireless Mesh networks have developed rapidly in recent years and are considered an emerging network communication technology. While they bring convenience to daily life, network security authentication must be taken seriously. Because of their wireless transmission and multi-hop features, data packets are easily monitored, stolen and modified by malicious attackers during transmission.

The existing authentication mechanisms are based on research into and improvement of the 802.1x protocols, and when applied to wireless Mesh network authentication they are always subject to centralized authentication, time delay or one-way authentication. Set in the context of wireless Mesh network security, and aiming at node authentication that is both highly secure and feasible, this thesis combines the corresponding data packet encryption and decryption algorithms and puts forward a new improved scheme, based on research into and defect analysis of the existing wireless LAN authentication mechanisms and a large body of relevant literature. The main contents are as follows:

(1) A new routing node authentication scheme is proposed. This scheme eliminates the dependence on traditional servers and realizes two-way authentication between nodes. The encryption algorithm and the asymmetric encryption algorithm are decomposed in the process of authentication, which reduces the number of encryption and decryption algorithms. A secure authentication step with fewer interactions is added to the process to prevent malicious nodes from intercepting or tampering after authentication. The security of this scheme is based on the difficulty of computing discrete logarithms and of factoring large numbers, and it realizes double protection of transmitted data packets.

(2) A new terminal node roaming authentication scheme is proposed. This scheme not only focuses on authentication between nodes, but also adds management of the data packets transmitted by the terminal node. The innovation of the scheme is that the terminal node is transmitted based on the local table, and roaming authentication of terminal nodes is achieved through the trust relationship between nodes. Data packets of the terminal node are captured and responded to in order to handle the case of node failure; the terminal node is directed to the route node of the current request by hijacking data packets.

(3) A new structure of data packet and trust list is designed. To prevent malicious nodes from accessing the network through illegal channels, retransmission and timing are added to the structure of the new data packet; to mark different nodes, a trust flag and timing are added to the new trust list; the original MAC is added to support local query of terminal nodes. During authentication, if the number of retransmissions reaches the maximum, the timing function is started. If reply data packets are not received, the authentication is ended and the authentication node is added to the blacklist, so the trust flags in the trust list change.

In this thesis, the designed scheme is added to a protocol independently researched and developed in the laboratory. A test environment is set up to verify the performance of the proposed scheme and of existing authentication mechanisms in the same environment. The results show that the new scheme performs well in security and authentication efficiency and, compared with other authentication mechanisms, is better suited to wireless Mesh networks.
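The retransmission, timing and blacklist rule of item (3) can be sketched as a small state machine. This is an added example, not the thesis's code: the class and field names, the maximum of 3 retransmissions, the 5-second timer and the rule that a blacklisted node is refused on later attempts are all assumptions, since the abstract gives none of them.

```python
from dataclasses import dataclass
from typing import Optional

MAX_RETRANS = 3        # assumed maximum; the abstract gives no number
REPLY_TIMEOUT = 5.0    # assumed duration of the timing function, in seconds
UNKNOWN, TRUSTED, BLACKLISTED = "unknown", "trusted", "blacklisted"

@dataclass
class AuthPacket:              # packet structure: retransmission + timing
    peer_mac: str
    retransmissions: int = 0
    deadline: Optional[float] = None   # set once the timing function starts

@dataclass
class TrustEntry:              # trust list row: original MAC, trust flag, timing
    original_mac: str
    flag: str = UNKNOWN
    updated_at: float = 0.0

class Authenticator:           # hypothetical name for the authenticating node
    def __init__(self):
        self.trust_list = {}   # MAC -> TrustEntry
        self.pending = {}      # MAC -> AuthPacket still awaiting a reply

    def start(self, mac, now):
        entry = self.trust_list.setdefault(mac, TrustEntry(mac, updated_at=now))
        if entry.flag == BLACKLISTED:
            return "rejected"  # assumption: blacklisted nodes are refused
        self.pending[mac] = AuthPacket(mac)
        return "sent"

    def on_reply(self, mac, now):
        if self.pending.pop(mac, None) is None:
            return "ignored"   # unsolicited, or arrived after authentication ended
        self.trust_list[mac] = TrustEntry(mac, TRUSTED, now)
        return "trusted"

    def on_silence(self, mac, now):
        """Call each time a retransmission interval passes with no reply."""
        pkt = self.pending.get(mac)
        if pkt is None:
            return "ignored"
        if pkt.deadline is None:                    # still retransmitting
            pkt.retransmissions += 1
            if pkt.retransmissions >= MAX_RETRANS:  # maximum reached:
                pkt.deadline = now + REPLY_TIMEOUT  # start the timing function
            return "retransmit"
        if now < pkt.deadline:
            return "waiting"
        del self.pending[mac]                       # timer expired: end authentication
        self.trust_list[mac] = TrustEntry(mac, BLACKLISTED, now)
        return "blacklisted"
```

A reply that arrives while the timer is still running authenticates the peer, while one that arrives after expiry is ignored because the pending packet has already been dropped.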