
Fast Authentication Schemes

4.1 An Integrated Security Domain Scheme

4.1.1 The proposed ISD scheme

The Proposed Security System Architecture

With ISD, the security functions of the AP services, such as 802.1X authentication and robust security network association (RSNA) [48] key management, are implemented in the MPP. As shown in Fig. 4.1, the role of 802.1X authenticator is taken by the MPP instead of the serving MAP.

The MAP is the edge of the WLAN Mesh and is responsible for blocking malicious MNs from accessing the network. In order to give the MAP the ability to verify frame integrity, the pairwise transient key (PTK) and group traffic key (GTK) are distributed from the MPP to the serving MAP via secured mesh links right after the 4-way handshake.

Figure 4.3: RSNA establishment with ISD (MN (Supplicant), MAP, MP …, MPP (Authenticator), AS; RADIUS-A.-Req. / RADIUS-A.-Challenge / RADIUS-A.-Accept(MSK) between the MPP and the AS)

Fig. 4.2 shows the PTK distribution.

RSNA Establishment

When an MN initially associates with any MAP within the ISD, it is required to perform 802.1X authentication and the 4-way handshake to establish the security association with the MPP. To remain compatible with conventional MNs, the message flows on the MN side are identical in ISD and 802.11i during RSNA establishment.

Since the MPP is the authenticator, the serving MAP participates in neither 802.1X authentication nor the 4-way handshake; it only forwards all authentication messages between the MN and the MPP. Fig. 4.3 illustrates the RSNA establishment procedure for an MN initially authenticating with a MAP within the ISD.

1. The serving MAP checks the Association Request frame to see whether any PMKID is included. If not, an MN Authentication Request message is sent to the MPP to initiate 802.1X authentication.

2. The MN and the MPP perform 802.1X authentication and 4-way handshake, and all messages are forwarded via the serving MAP.

Figure 4.4: Intra-MPP handoff with ISD (MN, Current MAP, MP …, MPP (Authenticator), AS)

3. The MPP distributes the PTK to the serving MAP for integrity verification.

4. Once the serving MAP obtains the PTK, it switches the port to the authorized state, and thus the MN is able to access the network.

5. If a GTK is assigned by the MPP in the 4-way handshake, it is distributed to the serving MAP as well.

Handoff Procedures

802.11s allows multiple MPPs to reside in one WLAN Mesh, and thus the handoff behaviors with ISD are categorized into intra-MPP handoff and inter-MPP handoff.

Moreover, the authentication procedures differ between the two types.

1. Intra-MPP handoff

Intra-MPP handoff means that an MN drops its current connection and re-associates with another MAP connected to the same MPP.

Since the MPP is the authenticator, the MN does not change authenticator in an intra-MPP handoff. If the PMK is cached by the authenticator, 802.1X authentication is skipped. Fig. 4.4 illustrates the message flows of intra-MPP handoff.

(a) The MN re-associates with the target MAP. The PMKID is passed to the MPP to verify the PMK cached in the MN.

(b) The PMKID is compared against the PMKs cached in the MPP. If the PMKID is valid, the MPP informs the target MAP with a PMK Verification Success message.

(c) Some supplicant implementations use the EAPOL-Start message to initiate 802.1X authentication. If the target MAP receives an EAPOL-Start message, it replies with an EAP-Success message to skip the EAP authentication.

(d) The subsequent 4-way handshake and PTK distribution are identical to the RSNA establishment described above.

2. Inter-MPP handoff

Inter-MPP handoff is performed when an MN moves from one MAP to another MAP connected to a different MPP. The MN switches to another ISD in the inter-MPP handoff. If the ISD has not been visited by the MN or the cached PMK has expired, pre-authentication is performed. However, the MN may fail to pre-authenticate with the new MPP, in which case the overhead of a full 802.1X authentication is incurred.

There are many factors that can cause pre-authentication to fail, such as the moving speed of the MN, the size of the overlapping coverage area, the accuracy of target AP prediction, the latency of EAP authentication, etc.

Fig. 4.5 illustrates the message flows of inter-MPP handoff and RSNA establishment. The detailed procedure is as follows:

(a) The MN re-associates with the target MAP. The PMKID is forwarded to the MPP to verify the PMK cached in the MN.

(b) Since the new MPP does not cache the PMK, the PMKID verification fails, and a message is sent to the target MAP informing it that subsequent authentication messages should be forwarded to the MPP.

Figure 4.5: Inter-MPP handoff with ISD (MN (Supplicant), Target MAP, MP …, MPP (Authenticator), AS; RADIUS-A.-Req. / RADIUS-A.-Challenge / RADIUS-A.-Accept(MSK) between the MPP and the AS)

(c) 802.1X authentication and the 4-way handshake are performed, followed by the PTK distribution. The procedures are the same as the RSNA establishment described in section 4.1.1.
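The PMKID check that decides between the intra-MPP fast path (step (b) above) and the full 802.1X run of the inter-MPP case, as an added illustration that is not code from the thesis. It assumes the 802.11i PMKID derivation with the MPP's address as the authenticator address AA, a fixed PMK lifetime, and constructed MAC addresses and keys.

```python
import hmac
import hashlib

def pmkid(pmk: bytes, aa: bytes, spa: bytes) -> bytes:
    """802.11i PMKID = HMAC-SHA1-128(PMK, "PMK Name" || AA || SPA).
    Assumption: under ISD the authenticator address AA is the MPP's."""
    return hmac.new(pmk, b"PMK Name" + aa + spa, hashlib.sha1).digest()[:16]

class MPP:
    """Authenticator of one ISD; caches PMKs by PMKID with a lifetime."""
    def __init__(self, addr: bytes, pmk_lifetime: float = 3600.0):
        self.addr, self.lifetime = addr, pmk_lifetime
        self.cache = {}  # PMKID -> (PMK, expiry time in seconds)

    def rsna_established(self, spa: bytes, pmk: bytes, now: float) -> bytes:
        """After a successful 802.1X run: cache the PMK, return its PMKID."""
        pid = pmkid(pmk, self.addr, spa)
        self.cache[pid] = (pmk, now + self.lifetime)
        return pid

    def verify_pmkid(self, pid: bytes, now: float) -> bool:
        """Handoff step (b): valid only if cached here and not expired."""
        entry = self.cache.get(pid)
        if entry is None:
            return False
        if now >= entry[1]:
            del self.cache[pid]   # expired PMK: force a fresh 802.1X run
            return False
        return True

def reassociate(target_mpp: MPP, pmkids: list, now: float) -> str:
    """Decision for a (Re)Association Request carrying PMKIDs (step (a))."""
    if any(target_mpp.verify_pmkid(p, now) for p in pmkids):
        return "PMK_VERIFICATION_SUCCESS"  # skip 802.1X, run 4-way handshake
    return "FULL_802.1X"                   # no, unknown or expired PMKID

# Constructed sample values (not from the thesis or any real deployment)
MN = bytes.fromhex("020000000001")
MPP_A = MPP(bytes.fromhex("02000000000a"))
MPP_B = MPP(bytes.fromhex("02000000000b"))
PMK = hashlib.sha256(b"constructed-MSK").digest()

def demo():
    """Initial RSNA in ISD A, then intra-MPP, inter-MPP and expired cases."""
    t0 = 1000.0
    pid = MPP_A.rsna_established(MN, PMK, t0)
    intra = reassociate(MPP_A, [pid], t0 + 60)      # another MAP, same MPP
    inter = reassociate(MPP_B, [pid], t0 + 60)      # MAP under MPP B
    expired = reassociate(MPP_A, [pid], t0 + 7200)  # lifetime passed
    return intra, inter, expired
```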

Encapsulation

To mitigate the routing overhead incurred by hop-by-hop encryption in the multi-hop network, the proposed mechanism establishes an end-to-end security channel between the MN and the MPP. Therefore, if the correspondent host is outside the WLAN Mesh, encryption and decryption operations are performed only by the serving MAP and the MPP.

We construct a bidirectional MAC tunnel between the serving MAP and the MPP so that the MAC header, which is used as input to the frame encryption processing, is not modified in transit. Fig. 4.6 gives an instance to explain the encapsulation processing of ISD.

The MN transmits a WLAN frame to a destination outside the WLAN Mesh, e.g., the default gateway (GW). The detailed procedure is as follows:

1. The MN constructs a WLAN frame (H1 + P, where H1 is the header of the WLAN frame, and P is the payload) and encrypts the frame with the PTK.

2. The WLAN frame is transmitted to the serving MAP via an 802.11 link.

Figure 4.6: Encapsulation processing (external destination) (MN, MAPs, MPs, MPP, GW; frame formats shown: H1 + P on the 802.11 link and H2 + H1 + P inside the mesh; PTK held at the MN, the serving MAP and the MPP)

3. The MAP verifies the MIC of the frame with the PTK. If the MIC is invalid, the frame is discarded; otherwise the destination is examined.

4. If the destination is outside the WLAN Mesh, the MAP encapsulates the WLAN frame into a WLAN Mesh frame (H2 + H1 + P, where H2 is the header of the WLAN Mesh frame) and forwards the frame to the next hop. Thus, the inner header (H1) is not altered during routing.

5. The MP forwards the frame to the next hop. No further operations are needed.

6. The MPP removes the WLAN Mesh header (H2) and decrypts the WLAN frame (H1 + P) with the PTK.

7. Finally, the MPP encapsulates the payload (P) into an Ethernet frame and forwards the frame to the destination.
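The external-destination path above (steps 1 to 7), as an added illustration that is not code from the thesis: the MAP checks the MIC and wraps the untouched WLAN frame in a mesh header, each MP rewrites only H2, and the MPP strips H2 and re-checks the MIC, so a modification of H1 anywhere in the mesh is caught at the MPP. It assumes constructed header sizes and a truncated HMAC-SHA256 as a stand-in for the real 802.11i MIC.

```python
import hmac
import hashlib

H1_LEN, H2_LEN, MIC_LEN = 24, 16, 8   # constructed header/MIC sizes

def mic(ptk: bytes, data: bytes) -> bytes:
    """Stand-in MIC under the PTK (assumption: truncated HMAC-SHA256;
    real 802.11i frames use the CCMP or TKIP MIC)."""
    return hmac.new(ptk, data, hashlib.sha256).digest()[:MIC_LEN]

def mn_build_frame(ptk: bytes, h1: bytes, payload: bytes) -> bytes:
    """Step 1: the MN protects H1 + P with the PTK (MIC appended)."""
    return h1 + payload + mic(ptk, h1 + payload)

def map_ingress(ptk: bytes, wlan_frame: bytes, h2: bytes):
    """Steps 3-4: verify the MIC; if valid, wrap the untouched WLAN frame
    in the mesh header (H2 + H1 + P), otherwise discard it (None)."""
    body, tag = wlan_frame[:-MIC_LEN], wlan_frame[-MIC_LEN:]
    if not hmac.compare_digest(tag, mic(ptk, body)):
        return None
    return h2 + wlan_frame

def mp_forward(mesh_frame: bytes, next_hop_h2: bytes) -> bytes:
    """Step 5: an intermediate MP rewrites only the outer header H2."""
    return next_hop_h2 + mesh_frame[H2_LEN:]

def mpp_egress(ptk: bytes, mesh_frame: bytes):
    """Step 6: strip H2 and re-check the MIC over H1 + P end to end;
    return the payload P for Ethernet forwarding, or None if tampered."""
    wlan = mesh_frame[H2_LEN:]
    body, tag = wlan[:-MIC_LEN], wlan[-MIC_LEN:]
    if not hmac.compare_digest(tag, mic(ptk, body)):
        return None
    return body[H1_LEN:]

# Constructed sample values (not from the thesis or any real network)
PTK = hashlib.sha256(b"constructed-PTK").digest()
H1 = b"\x08\x02" + b"\x00" * 22        # constructed 802.11 data header
P = b"GET / HTTP/1.1\r\n"

def run_path(tamper_inner: bool = False):
    """MN -> MAP -> MP -> MPP; if tamper_inner, an MP flips a bit in H1."""
    f = mn_build_frame(PTK, H1, P)
    mesh = map_ingress(PTK, f, b"\x01" * H2_LEN)    # MAP adds H2 (hop 1)
    mesh = mp_forward(mesh, b"\x02" * H2_LEN)       # MP rewrites H2 (hop 2)
    if tamper_inner:
        i = H2_LEN + 4                              # a byte inside H1
        mesh = mesh[:i] + bytes([mesh[i] ^ 0x01]) + mesh[i + 1:]
    return mpp_egress(PTK, mesh)       # P, or None when H1 + P was altered
```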

Fig. 4.7 illustrates the encapsulation processing for a source outside the WLAN Mesh. For example, the GW transmits an Ethernet frame to the MN.

1. The MPP receives an Ethernet frame and translates it into the WLAN Mesh format (H2 + P). The frame is encrypted with the PTK and encapsulated into another WLAN Mesh frame (H2 + H2 + P). The two identical WLAN Mesh headers keep the inner header intact during routing. After the encryption and encapsulation processing is finished, the MPP forwards the frame to the next hop.

Figure 4.7: Encapsulation processing (external source)

2. The MP forwards the frame to the next hop.

3. The MAP removes the outer WLAN Mesh header (H2) and decrypts the inner WLAN Mesh frame (H2 + P) with the PTK.

4. The MAP encapsulates the payload (P) into a WLAN frame (H1 + P) and encrypts the frame with the PTK. Finally, the MAP forwards the WLAN frame to the MN.

To improve the routing performance, if the destination and the source both reside in the WLAN Mesh, 802.11s applies the shortcut routing path instead of the regular routing path. For example, as shown in Fig. 4.8, D→B→A→C→G is replaced by D→B→C→G.

To support the shortcut routing path, ISD applies the original hop-by-hop encryption of 802.11s. Fig. 4.8 shows the encapsulation processing for MN1 transmitting a WLAN frame to MN2. The detailed procedure is as follows:

Figure 4.8: Encapsulation processing (internal)

1. The MN1 constructs a WLAN frame (H1 + P). The frame is encrypted with the PTK 1 and transmitted to the MAP D.

2. The MAP D decrypts the WLAN frame with the PTK 1 and encapsulates the payload (P) into a WLAN Mesh frame (H2 + P). The frame is encrypted with the PTK DB and forwarded to the MP B.

3. The MP B and the MP C decrypt the frame and then re-encrypt it with the PTK of the next hop. After that, the frame is forwarded to the next hop.

4. The MAP G decrypts the WLAN Mesh frame with the PTK CG and encapsulates the payload (P) into a WLAN frame (H5 + P). The frame is encrypted with the PTK 2 and forwarded to the MN2.

5. The MN2 decrypts the WLAN frame with the PTK 2.
