Study On Security Protocols In Heterogeneous Wireless Networks

In recent years, with the tremendous development of wireless communication technology, heterogeneous wireless networks have been widely applied. At the same time, the performance and the security of wireless networks is becoming the focus. Access authentication protocols are the basis of the wireless network security, and security information exchange schemes are the key factor of wireless networks efficiency. So it is significant to study the authentication protocol and the security information exchange scheme in the heterogeneous wireless network. The main results are as following:1. A typical interworking network can be constructed with the core network WCDMA and the accessing networks WiMAX and WLAN. Considering security and efficiency issues, a roaming authentication protocol based on symmetric cryptographic algorithms was proposed for that network. It verified the identity of wireless access networks to prevent the re-direction attack, and used the localized authentication mechanism to reduce the message transmission delay and improve the efficiency of reauthentication process. The efficiency of proposed protocol is simulated in NS2. By analyzing the security of the proposed protocol with Canetti-Krawczyk(CK)model, it proves that the proposed protocol satisfy the definition of Session Key security defined in the CK model.2. Security and privacy of wireless sensor network are key research issues recently. Most existing researches regarding wireless sensor network security consider homogenous sensor networks. To achieve better security and performance, we adopt a heterogeneous wireless sensor network model that consists of physically different types of sensor nodes. A secure message distribution scheme with configurable privacy for HWSNs is presented, which takes advantage of powerful high-end sensor nodes. The scheme establishes a message distribution topology in an efficient and secure manner. The sensor node can only generate one signature for all the messages for all the users, which can greatly save the communication and computation cost of the sensor node. On the other hand, the user can only know the messages that let him know based on a pre-set policy, which can meet the requirement of the privacy. We show that the scheme has small bandwidth requirements and it is resilient against the node compromise attack.3. The wireless mesh network is a new networking technology, but the security information exchange of mesh points (MPs) is still a discussion for the requirements of Convenience, flexibility and self-organization the current model of wireless mesh networks. So an efficient security solution of wireless mesh network is proposed, which consists of a three-party(Mesh Point, Mesh Key Distributor and Authentication Server) security information exchange protocol for the data transmission between MPs in the wireless mesh network and an ID-based broadcast encryption scheme for the secure session keys of a MP. Finally, we show that the session key has the security characters of unforgeability, confidentiality and non-repudiation, and the new protocol has a much better performance than the current solution.4. The current mobile WiMAX standard can provide data confidentiality, integrity and mutual authentication in wireless metropolitan area networks (WMANs). However, secure communication can only be provided after successful authentication and establishment of a robust security network association. In general, the wireless link layer is not protected by the current standard in WiMAX, which leads to many possible attacks, especially in the initial network entry procedure. We argue that regardless of the type of network under consideration, link-layer protection and data confidentiality are of great importance in wireless applications. In this paper, we propose our solution to patch the current mobile WiMAX standard and address all vulnerable issues with a new simple authentication key-establishment protocol and an efficient way for privacy-preserving. In simple authentication, we smoothly apply the public-key cryptography-based key-establishment technique to the WiMAX MAC protocol. Our solution can provide link-layer data encryption in initial network entry procedure, separate session encryption keys to preserving privacy of different users, and protection for important frames such as management and Extensible Authentication Protocol (EAP) messages.5. Wireless local area network (WLAN) is an important access method in the heterogeneous wireless network, which has been widely applied in people's life. An attack scenario for security protocols and application services in the heterogeneous wireless network based on WLAN is presented. Due to the radio character, the attacker can promise an access point (AP) in the open and WEP authentication mode of the WLAN, and impersonate a legal AP to attack the access authentication protocol, hijack sessions and release privacy of users. The presented scheme depicts an attack scenario of user applications, such as HTTP, IM, SIP and Media, with intercepting, tampering and injecting messages. Finally, we suggest wireless users to apply the more secure authentication mode of WLAN such as WPA, TKIP , 802.1X and WAPI.