Results

Figure 5-16 presents the relationship between PPF and LS at n = 3. Estimated results show that ISD remarkably reduces the handoff latency. At PPF = 1.0, i.e., STA does not perform preauthentication, ISD can improve the handoff latency up to 245%. Therefore, even though most of current 802.11i devices do not support preauthentication⁷, STAs can still take advantage of ISD. However, at PPF < 0.05, due to 4-way handshake

7 The preauthentication function in Windows XP with WPA2 is disabled in default.

sages are forwarded between MAP and MPP, ISD introduces larger LS, than 802.11i.

n = 3 0

100 200 300 400 500

0.0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1.0 PPF

LS (ms)

11i ISD

Figure 5-16 Handoff latency with different PPF

Figure 5-17 presents LS with different cluster sizes at PPF = 1.0. At n = 5, ISD ap-proaches the minimal LS. Actually, the handoff latency of ISD is almost stable at n > 3.

For ISD, the burden incurred by the multi-hop transmission in the 4-way hand-shake counteracts the benefit of the larger cluster size. For 802.11i, EAP authentication is also delayed by the multi-hop transmission, and thus LS increases with the growing cluster size.

PP F = 1.0 0

100 200 300 400 500

1 2 3 4 5 6 7 8

n LS (ms)

11i ISD

Figure 5-17 Handoff latency with different n

LS of ISD with different cluster sizes and PPF are shown in Figure 5-18. Results in-dicate that the larger cluster size avail the handoff latency in all kinds of PPF. Besides,

the influence of PPF is decreasing with the growing cluster size.

ISD 0

100 200 300 400 500

1 2 3 4 5 6 7 8

n LS (ms)

PPF = 1.0 PPF = 0.8 PPF = 0.6 PPF = 0.4 PPF = 0.2

Figure 5-18 Handoff latency of ISD with different n and PPF

The improvement of ISD to the 802.11i with different L1X is shown in Figure 5-19.

Results show that the longer L1X flavors ISD. Therefore, no matter AS resides in the lo-cal or remote network, ISD can improve the handoff latency greatly.

PP F = 1.0 0%

200%

400%

600%

800%

1000%

1 2 3 4 5 6 7 8

n

Improvement

L1X = 400 L1X = 800 L1X = 1200 L1X = 1600 L1X = 2000

Figure 5-19 Improvement of ISD with different n and L_1X

In the condition that ISD and 802.11i generate the equal handoff latency, Figure 5-20 represents the relationship between ISD with different cluster sizes at PPF = 1.0 and 802.11i with different PPF. Results indicate that the handoff latency of ISD is equivalent to 802.11i performing preauthentication at PPF = 0.2-0.1. It means ISD pro-vides around 80%-90% successful probability for preauthentication without any

addi-tional assistance, such as network topology information or historical handoff behaviors.

ISD, PP F = 1.0 0.0

0.2 0.4 0.6 0.8 1.0

1 2 3 4 5 6 7 8

n 11i, PPF

L1X = 400 L1X = 800 L1X = 1200 L1X = 1600 L1X = 2000

Figure 5-20 Relationship between ISD and 802.11i in the equal LS

The MP topology of WLAN Mesh may be different with the proposed handoff model. Figure 5-21 presents the handoff latency with different average hop counts be-tween MAP and MPP. Results indicate that ISD can remarkably improve the handoff latency in all average hop counts, which means ISD can be applied to varied MP to-pologies.

n = 3, PP F = 1.0 0

100 200 300 400 500 600

0.0 0.5 1.0 1.5 2.0 2.5 3.0 3.5 4.0

H

LS (ms) ¹¹ⁱ

ISD

Figure 5-21 Handoff latency with different H

ISD essentially reduces the demand of 802.1X authentication but incurs the burden of the multi-hop latency in 4-way handshake. Since 802.1X authentication latency is much longer than the message transmission time, the benefit of ISD is certainly much

larger than the burden in terms of the handoff latency.

Figure 5-22 presents the relationship between PPF and TS at n = 3. Due to ISD is a centralized architecture, 4-way handshake messages are forwarded to MPP via the WLAN Mesh. At PPF < 0.55, ISD generates more handoff traffic than 802.11i. However, whereas PPF is low, the handoff traffic will not burden the network.

n = 3 0

5 10 15 20 25

0.0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1.0 PPF

TS

11i ISD

Figure 5-22 Handoff traffic with different PPF

Figure 5-23 presents TS with different cluster sizes at PPF = 1.0. Results indicate that the handoff traffic generated by ISD is less than 802.11i except at n = 2. It means the benefit of reducing the number of handoffs in the larger cluster size exceeds the overhead of the growing hop count.

PP F = 1.0 0

10 20 30 40 50 60 70

1 2 3 4 5 6 7 8

n TS

11i ISD

Figure 5-23 Handoff traffic with different n

Figure 5-24 presents the handoff traffic with different average hop counts between MAP and MPP. Results indicate that ISD can reduce the handoff traffic in all average hop counts, which means ISD can be applied to varied MP topologies.

n = 3, PP F = 1.0 0

10 20 30 40 50 60 70

0.0 0.5 1.0 1.5 2.0 2.5 3.0 3.5 4.0

H

TS

11i ISD

Figure 5-24 Handoff traffic with different H

According to the estimated results, we can conclude that ISD provides great im-provement in the handoff latency when the cluster size is around 3 layers, i.e., 37 MPs connect to one MPP. This number accords with the scale of the 802.11s standard.

ISD is practical to use in current wireless environments. In terms of the power consumption, ISD estimates 802.1X authentication, and thus the battery-powered STA can balance the power consumption and the handoff performance. Furthermore, since the AS mostly resides in the core network, L1X would be longer than 400 ms. Estimated results indicate that ISD can further improve the handoff latency in this environment.

Even though ISD is the centralized architecture and forwards 4-way handshake messages to MPP, it does not result in the extra overhead in the handoff traffic. Actually, ISD can reduce the handoff traffic in all kinds of mesh networks at PPF = 1.0.

Chapter 6

Conclusion and Future Work

The authentication latency is a key factor for supporting the seamless handoff. To im-prove the handoff latency, ISD is proposed to remove 802.1X authentication from the handoff.

Another problem is the routing performance of WLAN Mesh. The hop-by-hop en-cryption delays the routing processing of MPs. An end-to-end security channel is pro-vided by ISD to solve this problem.

Another advantage of ISD is the compatibility to current 802.11i/11s devices. STAs can apply the proposed mechanism without any modification. Besides, ISD is an op-tional feature to WLAN Mesh. Original security and routing mechanism of the 802.11s standard can co-operate with ISD.

To evaluate the handoff latency introduced by the link layer security mechanism, we propose a handoff model to estimate the handoff latency for an STA roaming within the WLAN Mesh. Results indicate that ISD improves the handoff latency up to 245%

and provides 80%-90% successful preauthentication probability without any assistance.

Our future works focus on three portions. First, to evaluate the routing perform-ance, we need to implement ISD on the WLAN Mesh. The implementation can base on the open source software, hostapd. Second, proposed estimation equations can be used to evaluate other handoff mechanisms, such as 802.11r or 802.16e. The estimated results provide the quantitative analysis to the handoff latency, and the performance of the im-plementation can be evaluated. Finally, to achieve the goal of the seamless handoff, re-authentication mechanisms of conventional EAP methods have to be optimized. This

has been addressed by IETF, and a new working group called Handover Keying⁸, is composed for improving current unacceptable latency of EAP authentication in mobile wireless environments.

8 http://www.ietf.org/html.charters/hokey-charter.html

Bibliography

[1] B. Aboba, et al., “Extensible Authentication Protocol (EAP),” IETF RFC 3748, June 2004.

[2] B. Aboba, et al., “Extensible Authentication Protocol (EAP) Key Management Framework,” IETF Draft draft-ietf-eap-keying-17, January 2007.

[3] I. F. Akyildiz, et al., “Wireless Mesh Networks: A Survey,” Computer Networks Journal, vol. 47, no. 4, pp. 445-487, March 2005.

[4] I. F. Akyildiz, et al., “A New Random Walk Model for PCS Networks,” IEEE Journal on Selected Areas in Communications, vol. 18, no. 7, pp. 1254-1260, July 2000.

[5] A. Alimian and B. Aboba, “Analysis of Roaming Techniques,” IEEE 802.11 Con-tribution 802.11-04/0377r1, March 2004.

[6] M. S. Bargh, et al., “Fast Authentication Methods for Handovers between IEEE 802.11 Wireless LANs,” 2nd ACM Int. WMAS, pp. 51-60, Philadelphia, USA, October 2004.

[7] P. Calhoun, et al., “CAPWAP Protocol Binding for IEEE 802.11,” IETF Draft draft-ietf-capwap-protocol-binding-ieee80211-03, April 2007.

[8] Y. R. Chiang and C. C. Tseng, “Design and Implementation of a Topology-Aware Seamless Handover for IEEE 802.11 Wireless Networks,” National Chiao Tung University, Master Thesis, June 2006.

[9] W. S. Conner, et al., “IEEE 802.11s Tutorial: Overview of the Amendment for Wireless Local Area Mesh Networking,” IEEE 802 Plenary, Dallas, USA, Novem-ber 2006.

[10] M. S. Gast, 802.11 Wireless Networks: The Definitive Guide, Second Edition,

O’Reilly, USA, April 2005.

[11] IEEE 802.1 Working Group, “Port-Based Network Access Control,” IEEE Stan-dard 802.1X-2004, December 2004.

[12] IEEE 802.11 Working Group, “Amendment 6: Medium Access Control (MAC) Security Enhancements,” IEEE Standard 802.11i-2004, July 2004.

[13] IEEE 802.11 Working Group, “Amendment 2: Fast BSS Transition,” IEEE Stan-dard Draft P802.11r/D4.0, November 2006.

[14] IEEE 802.11 Working Group, “Amendment: ESS Mesh Networking,” IEEE Stan-dard Draft P802.11s/D1.0, November 2006.

[15] R. H. Jan and Y. C. Huang, “Fast Pre-authentication based on IEEE 802.11i,” 2nd WASN, pp. 317-324, Taoyuan, Taiwan, August 2006.

[16] A. Mishra, et al., “Pro-active Key Distribution using Neighbor Graphs,” IEEE Wireless Communication Magazine, vol. 11, no. 1, pp. 26-36, February 2004.

[17] A. Mishra, et al., “An Empirical Analysis of the IEEE 802.11 Mac Layer Handoff Process,” ACM SIGCOMM Computer Communication Review, vol. 33, pp.

93-102, April 2003.

[18] S. Pack and Y. Choi, “Fast Inter-AP Handoff Using Predictive Authentication Scheme in a Public Wireless LAN,” Networks 2002, pp.15-26, Atlanta, USA, Au-gust 2002.

[19] S. Pack and Y. Choi, “Pre-Authenticated Fast Handoff in a Public Wireless LAN Based on IEEE 802.1X Model,” IFIP Personal Wireless Communications 2002, pp.

175-182, Singapore, October 2002.

[20] M. G. Rahman and H. Imai, “Security in Wireless Communication,” Wireless Per-sonal Communications, vol. 22, pp. 213-228, August 2002.

[21] G. Xue, “An Improved Random Walk Model for PCS Networks,” IEEE Transac-tions on CommunicaTransac-tions, vol. 50, no. 8, pp. 1224-1226, August 2002.