Fast certificate-based authentication scheme in multi-operator maintained wireless mesh networks

L. Buttyán, László Dóra, Fabio Martinelli, Marinella Petrocchi

Research output: Contribution to journalArticle

3 Citations (Scopus)

Abstract

In this paper, we consider QoS aware mesh networks that are maintained by multiple operators and they cooperate in the provision of networking services to the mesh clients. In order to support mobile users and seamless handover between the access points, the authentication delay has to be reduced. Many proposed fast authentication schemes rely on trust models that are not appropriate in a multi-operator environment. In this paper, we propose two certificate-based authentication schemes such that the authentication is performed locally between the access point and the mesh client. We assume that the access point is always a constrained device, and we propose different mechanisms for mesh clients with different computational performance. For constrained devices, we propose a mechanism where weak keys are used for digital signatures to decrease the latency of the authentication. The authenticity of the weak keys are provided by short-term certificates issued by the owner of the key. The short-term certificate has the digital signature generated by the owner's long-term key. We prove formally that the use of our weak key mechanism on the mesh client side is as secure as the use of some stronger keys. We perform a detailed performance evaluation on our proof-of-concept implementation, and we also compare our solution to the current standard methods.

Original languageEnglish
Pages (from-to)907-922
Number of pages16
JournalComputer Communications
Volume33
Issue number8
DOIs
Publication statusPublished - May 17 2010

Fingerprint

Wireless mesh networks (WMN)
Authentication
Electronic document identification systems
Quality of service

Keywords

  • Authentication
  • EAP
  • Mesh networks
  • Provable security

ASJC Scopus subject areas

  • Computer Networks and Communications

Cite this

Fast certificate-based authentication scheme in multi-operator maintained wireless mesh networks. / Buttyán, L.; Dóra, László; Martinelli, Fabio; Petrocchi, Marinella.

In: Computer Communications, Vol. 33, No. 8, 17.05.2010, p. 907-922.

Research output: Contribution to journalArticle

Buttyán, L. ; Dóra, László ; Martinelli, Fabio ; Petrocchi, Marinella. / Fast certificate-based authentication scheme in multi-operator maintained wireless mesh networks. In: Computer Communications. 2010 ; Vol. 33, No. 8. pp. 907-922.
@article{a63bc8bc83bb4ac189dd8bcb2efc1dcd,
title = "Fast certificate-based authentication scheme in multi-operator maintained wireless mesh networks",
abstract = "In this paper, we consider QoS aware mesh networks that are maintained by multiple operators and they cooperate in the provision of networking services to the mesh clients. In order to support mobile users and seamless handover between the access points, the authentication delay has to be reduced. Many proposed fast authentication schemes rely on trust models that are not appropriate in a multi-operator environment. In this paper, we propose two certificate-based authentication schemes such that the authentication is performed locally between the access point and the mesh client. We assume that the access point is always a constrained device, and we propose different mechanisms for mesh clients with different computational performance. For constrained devices, we propose a mechanism where weak keys are used for digital signatures to decrease the latency of the authentication. The authenticity of the weak keys are provided by short-term certificates issued by the owner of the key. The short-term certificate has the digital signature generated by the owner's long-term key. We prove formally that the use of our weak key mechanism on the mesh client side is as secure as the use of some stronger keys. We perform a detailed performance evaluation on our proof-of-concept implementation, and we also compare our solution to the current standard methods.",
keywords = "Authentication, EAP, Mesh networks, Provable security",
author = "L. Butty{\'a}n and L{\'a}szl{\'o} D{\'o}ra and Fabio Martinelli and Marinella Petrocchi",
year = "2010",
month = "5",
day = "17",
doi = "10.1016/j.comcom.2010.01.014",
language = "English",
volume = "33",
pages = "907--922",
journal = "Computer Communications",
issn = "0140-3664",
publisher = "Elsevier",
number = "8",

}

TY - JOUR

T1 - Fast certificate-based authentication scheme in multi-operator maintained wireless mesh networks

AU - Buttyán, L.

AU - Dóra, László

AU - Martinelli, Fabio

AU - Petrocchi, Marinella

PY - 2010/5/17

Y1 - 2010/5/17

N2 - In this paper, we consider QoS aware mesh networks that are maintained by multiple operators and they cooperate in the provision of networking services to the mesh clients. In order to support mobile users and seamless handover between the access points, the authentication delay has to be reduced. Many proposed fast authentication schemes rely on trust models that are not appropriate in a multi-operator environment. In this paper, we propose two certificate-based authentication schemes such that the authentication is performed locally between the access point and the mesh client. We assume that the access point is always a constrained device, and we propose different mechanisms for mesh clients with different computational performance. For constrained devices, we propose a mechanism where weak keys are used for digital signatures to decrease the latency of the authentication. The authenticity of the weak keys are provided by short-term certificates issued by the owner of the key. The short-term certificate has the digital signature generated by the owner's long-term key. We prove formally that the use of our weak key mechanism on the mesh client side is as secure as the use of some stronger keys. We perform a detailed performance evaluation on our proof-of-concept implementation, and we also compare our solution to the current standard methods.

AB - In this paper, we consider QoS aware mesh networks that are maintained by multiple operators and they cooperate in the provision of networking services to the mesh clients. In order to support mobile users and seamless handover between the access points, the authentication delay has to be reduced. Many proposed fast authentication schemes rely on trust models that are not appropriate in a multi-operator environment. In this paper, we propose two certificate-based authentication schemes such that the authentication is performed locally between the access point and the mesh client. We assume that the access point is always a constrained device, and we propose different mechanisms for mesh clients with different computational performance. For constrained devices, we propose a mechanism where weak keys are used for digital signatures to decrease the latency of the authentication. The authenticity of the weak keys are provided by short-term certificates issued by the owner of the key. The short-term certificate has the digital signature generated by the owner's long-term key. We prove formally that the use of our weak key mechanism on the mesh client side is as secure as the use of some stronger keys. We perform a detailed performance evaluation on our proof-of-concept implementation, and we also compare our solution to the current standard methods.

KW - Authentication

KW - EAP

KW - Mesh networks

KW - Provable security

UR - http://www.scopus.com/inward/record.url?scp=77950340062&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=77950340062&partnerID=8YFLogxK

U2 - 10.1016/j.comcom.2010.01.014

DO - 10.1016/j.comcom.2010.01.014

M3 - Article

AN - SCOPUS:77950340062

VL - 33

SP - 907

EP - 922

JO - Computer Communications

JF - Computer Communications

SN - 0140-3664

IS - 8

ER -