Trust- and clustering-based authentication service in MANET.

January 2004

Ngai Cheuk Han. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2004. / Includes bibliographical references (leaves 110-117). / Abstracts in English and Chinese. / Abstract --- p.i / Acknowledgement --- p.iv / Chapter 1 --- Introduction --- p.1 / Chapter 2 --- Background Study --- p.5 / Chapter 2.1 --- Mobile Ad Hoc Networks --- p.5 / Chapter 2.1.1 --- Definition --- p.5 / Chapter 2.1.2 --- Characteristics --- p.5 / Chapter 2.1.3 --- Applications --- p.6 / Chapter 2.1.4 --- Standards --- p.7 / Chapter 2.1.5 --- Routing Protocols --- p.8 / Chapter 2.2 --- Security in Mobile Ad Hoc Networks --- p.11 / Chapter 2.2.1 --- Vulnerabilities --- p.11 / Chapter 2.2.2 --- Motivation for the Attacks --- p.12 / Chapter 2.2.3 --- Types of Attacks --- p.13 / Chapter 2.3 --- Cryptography --- p.13 / Chapter 2.3.1 --- Cryptographic goals --- p.13 / Chapter 2.3.2 --- Symmetric-key encryption --- p.14 / Chapter 2.3.3 --- Asymmetric-key encryption --- p.14 / Chapter 2.3.4 --- Digital Signatures --- p.15 / Chapter 2.3.5 --- Digital Certificates --- p.15 / Chapter 2.3.6 --- Certificate Authority --- p.16 / Chapter 2.4 --- Literature Review --- p.17 / Chapter 3 --- Related Work --- p.23 / Chapter 4 --- Architecture and Models --- p.26 / Chapter 4.1 --- Architecture of the Authentication Service --- p.26 / Chapter 4.2 --- The Network Model --- p.28 / Chapter 4.2.1 --- Clustering-Based Structure --- p.31 / Chapter 4.2.2 --- Clusterhead Selection Criteria and Role --- p.33 / Chapter 4.3 --- The Trust Model --- p.37 / Chapter 4.3.1 --- Direct TVust --- p.40 / Chapter 4.3.2 --- Recommendation Trust --- p.41 / Chapter 4.3.3 --- Deriving Direct Trust --- p.41 / Chapter 5 --- Trust- and Clustering-Based Authentication Service --- p.43 / Chapter 5.1 --- Clustering Structure Formation and Maintenance --- p.43 / Chapter 5.1.1 --- Clustering Structure Formation --- p.43 / Chapter 5.1.2 --- Network Maintenance --- p.45 / Chapter 5.2 --- Security Operations --- p.50 / Chapter 5.2.1 --- Public Key Certification --- p.51 / Chapter 5.2.2 --- Identification of Malicious Nodes --- p.55 / Chapter 5.2.3 --- Trust Value Update --- p.58 / Chapter 5.3 --- Special Scenarios --- p.60 / Chapter 5.3.1 --- Join the network --- p.60 / Chapter 5.3.2 --- Move to another cluster --- p.61 / Chapter 5.3.3 --- Not Enough Introducer --- p.62 / Chapter 6 --- Simulations and Results --- p.65 / Chapter 6.1 --- Authentication Service Based on Trust and Network Mod- els --- p.65 / Chapter 6.1.1 --- Experiments Set-Up --- p.65 / Chapter 6.1.2 --- Simulation Results --- p.67 / Chapter 6.2 --- Clusters Formation and Maintenance --- p.85 / Chapter 6.2.1 --- Experiments Set-Up --- p.85 / Chapter 6.2.2 --- Simulation Results --- p.86 / Chapter 6.3 --- Authentication Service Based on Trust and Network Mod- els with Clusters Formation and Maintenance --- p.91 / Chapter 6.3.1 --- Experiments Set-Up --- p.91 / Chapter 6.3.2 --- Simulation Results --- p.94 / Chapter 7 --- Conclusion --- p.108 / Bibliography --- p.117

Wireless LANs--Security measures

Authentication

Wireless LAN security.

January 2005

Chan Pak To Patrick. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2005. / Includes bibliographical references (leaves 82-86). / Abstracts in English and Chinese. / Abstract --- p.i / Acknowledgement --- p.iii / Contents --- p.iv / List of Figures --- p.vii / List of Tables --- p.viii / Chapter 1 --- Introduction --- p.1 / Chapter 1.1 --- Motivation --- p.1 / Chapter 1.2 --- The Problems --- p.3 / Chapter 1.3 --- My Contribution --- p.4 / Chapter 1.4 --- Thesis Organization --- p.5 / Chapter 2 --- Wireless LAN Security Model --- p.6 / Chapter 2.1 --- Preliminary Definitions on WLAN --- p.6 / Chapter 2.2 --- Security Model --- p.7 / Chapter 2.2.1 --- Security Attributes --- p.7 / Chapter 2.2.2 --- Security Threats in WLAN --- p.8 / Chapter 2.2.3 --- Attacks on Authentication Scheme --- p.10 / Chapter 2.2.4 --- Attacks on Keys --- p.10 / Chapter 2.3 --- Desired Properties of WLAN Authentication --- p.11 / Chapter 2.3.1 --- Security Requirements of WLAN Authentication --- p.11 / Chapter 2.3.2 --- Security Requirements of Session Keys --- p.12 / Chapter 2.3.3 --- Other Desired Properties of WLAN Authentication --- p.12 / Chapter 3 --- Cryptography --- p.14 / Chapter 3.1 --- Overview on Cryptography --- p.14 / Chapter 3.2 --- Symmetric-key Encryption --- p.15 / Chapter 3.2.1 --- Data Encryption Standard (DES) --- p.15 / Chapter 3.2.2 --- Advanced Encryption Standard (AES) --- p.15 / Chapter 3.2.3 --- RC4 --- p.16 / Chapter 3.3 --- Public-key Cryptography --- p.16 / Chapter 3.3.1 --- RSA Problem and Related Encryption Schemes --- p.17 / Chapter 3.3.2 --- Discrete Logarithm Problem and Related Encryption Schemes --- p.18 / Chapter 3.3.3 --- Elliptic Curve Cryptosystems --- p.19 / Chapter 3.3.4 --- Digital Signature --- p.19 / Chapter 3.4 --- Public Key Infrastructure --- p.20 / Chapter 3.5 --- Hash Functions and Message Authentication Code --- p.21 / Chapter 3.5.1 --- SHA-256 --- p.22 / Chapter 3.5.2 --- Message Authentication Code --- p.22 / Chapter 3.6 --- Entity Authentication --- p.23 / Chapter 3.6.1 --- ISO/IEC 9798-4 Three-pass Mutual --- p.23 / Chapter 3.6.2 --- ISO/IEC 9798-4 One-pass Unilateral --- p.24 / Chapter 3.7 --- Key Establishment --- p.24 / Chapter 3.7.1 --- Diffie-Hellman Key Exchange --- p.24 / Chapter 3.7.2 --- Station-to-Station Protocol --- p.25 / Chapter 3.8 --- Identity-Based Cryptography --- p.25 / Chapter 3.8.1 --- The Boneh-Franklin Encryption Scheme --- p.26 / Chapter 3.8.2 --- Au and Wei's Identification Scheme and Signature Scheme --- p.27 / Chapter 4 --- Basics of WLAN Security and WEP --- p.29 / Chapter 4.1 --- Basics of WLAN Security --- p.29 / Chapter 4.1.1 --- "Overview on ""Old"" WLAN Security" --- p.29 / Chapter 4.1.2 --- Some Basic Security Measures --- p.29 / Chapter 4.1.3 --- Virtual Private Network (VPN) --- p.30 / Chapter 4.2 --- WEP --- p.31 / Chapter 4.2.1 --- Overview on Wired Equivalent Privacy (WEP) --- p.31 / Chapter 4.2.2 --- Security Analysis on WEP --- p.33 / Chapter 5 --- IEEE 802.11i --- p.38 / Chapter 5.1 --- Overview on IEEE 802.11i and RSN --- p.38 / Chapter 5.2 --- IEEE 802.1X Access Control in IEEE 802.11i --- p.39 / Chapter 5.2.1 --- Participants --- p.39 / Chapter 5.2.2 --- Port-based Access Control --- p.40 / Chapter 5.2.3 --- EAP and EAPOL --- p.40 / Chapter 5.2.4 --- RADIUS --- p.41 / Chapter 5.2.5 --- Authentication Message Exchange --- p.41 / Chapter 5.2.6 --- Security Analysis --- p.41 / Chapter 5.3 --- RSN Key Management --- p.43 / Chapter 5.3.1 --- RSN Pairwise Key Hierarchy --- p.43 / Chapter 5.3.2 --- RSN Group Key Hierarchy --- p.43 / Chapter 5.3.3 --- Four-way Handshake and Group Key Handshake --- p.44 / Chapter 5.4 --- RSN Encryption and Data Integrity --- p.45 / Chapter 5.4.1 --- TKIP --- p.45 / Chapter 5.4.2 --- CCMP --- p.46 / Chapter 5.5 --- Upper Layer Authentication Protocols --- p.47 / Chapter 5.5.1 --- Overview on the Upper Layer Authentication --- p.47 / Chapter 5.5.2 --- EAP-TLS --- p.48 / Chapter 5.5.3 --- Other Popular ULA Protocols --- p.50 / Chapter 6 --- Proposed IEEE 802.11i Authentication Scheme --- p.52 / Chapter 6.1 --- Proposed Protocol --- p.52 / Chapter 6.1.1 --- Overview --- p.52 / Chapter 6.1.2 --- The AUTHENTICATE Protocol --- p.56 / Chapter 6.1.3 --- The RECONNECT Protocol --- p.59 / Chapter 6.1.4 --- Packet Format --- p.61 / Chapter 6.1.5 --- Ciphersuites Negotiation --- p.64 / Chapter 6.1.6 --- Delegation --- p.64 / Chapter 6.1.7 --- Identity Privacy --- p.68 / Chapter 6.2 --- Security Considerations --- p.68 / Chapter 6.2.1 --- Security of the AUTHENTICATE protocol --- p.68 / Chapter 6.2.2 --- Security of the RECONNECT protocol --- p.69 / Chapter 6.2.3 --- Security of Key Derivation --- p.70 / Chapter 6.2.4 --- EAP Security Claims and EAP Methods Requirements --- p.72 / Chapter 6.3 --- Efficiency Analysis --- p.76 / Chapter 6.3.1 --- Overview --- p.76 / Chapter 6.3.2 --- Bandwidth Performance --- p.76 / Chapter 6.3.3 --- Computation Speed --- p.76 / Chapter 7 --- Conclusion --- p.79 / Chapter 7.1 --- Summary --- p.79 / Chapter 7.2 --- Future Work --- p.80 / Bibliography --- p.82

Wireless LANs--Security measures

IEEE 802.11 (Standard)

IEEE 802.11 wireless LAN traffic analysis: a cross-layer approach

Na, Chen

28 August 2008

Not available / text

IEEE 802.11 (Standard)

Wireless LANs--Security measures

WISP: a wireless information security portal

Diakite, Soumaila Dit Moule

10 March 2010

M.Sc. / Wireless networking is a fairly new technology that is important in information technology (IT). Hotels, Airports, Coffee shops, and homes are all installing wireless networks at a record pace, making wireless networks the best choice for consumers. This popularity of wireless networks is because of the affordability of wireless networks devices, and the easy installation [11]. In spite of the popularity of the wireless networks, one factor that has prevented them from being even more widespread can be summed up in a single word: security. It comes as no surprise that these two – wireless and security – converge to create one of the most important topics in the IT industry today [11]. Wireless networks by nature bring about new challenges unique to its environment. One example of these new challenges is: “Signal overflow beyond physical walls”, and with these kinds of new challenges unique to wireless networks, we have new security risks. Hence wireless networks lend themselves to a host of attack possibilities and risks. That is because wireless networks provide a convenient network access point for an attacker, potentially beyond the physical security controls of the organization [7]. Therefore it is challenging for managers to introduce wireless networks and properly manage the security of wireless networks, Security problems of wireless networks are the main reason for wireless networks not being rolled out optimally [1]. In this dissertation, we aim to present to both specialist and non–specialists in the IT industry the information needed to protect a wireless network. We will first identify and discuss the different security requirements of wireless networks. After that we shall examine the technology that helps make wireless networks secure, and describe the type of attacks against wireless networks and defense techniques to secure wireless networks. The research will concentrate on wireless LANs (Local Area Networks), and leading wireless LAN protocols and standards. The result of the research will be used to create WISP (A Wireless Information Security Portal). WISP will be a tool to support the management of a secure wireless network, and help assure the confidentiality, integrity, and availability of the information systems in a wireless network environment.

Wireless LANs security measures

Computer networks security measures

Passive, active and absorbing frequency selective surfaces for wireless communication applications

Kiani, Ghaffer I (Ghaffer Iqbal)

January 2008

"March, 2009". / Thesis (PhD)--Macquarie University, Faculty of Science, Dept. of Physics & Engineering, 2008. / Bibliography: p. 145-158. / Introduction -- Frequency selective surfaces -- Absorb/transmit frequency selective surface absorber -- Switchable frequency selective surface for wireless applications -- Energy-saving glass characterisation -- Frequency selective surface solution for energy-saving glass -- Conclusion. / This thesis presents three topics related to frequency selective surfaces (FSSs), namely bsorb/transmit FSSs, active FSSs and passive bandpass FSSs for energy-saving glass used in modern buildings. These three FSSs are unique in their design and functionalities. The absorb/transmit FSS is a novel dual-layer frequency selective surface for 5 GHz WLAN applications. This FSS can stop propagation of specific bands by absorbing as opposed to re ecting, while passing other useful signals. This is in contrast to the conventional Salisbury and Jaumann absorbers, which provide good absorption in the desired band while the out-of-band frequencies are attenuated. The second topic is a single-layer bandpass active FSS that can be switched between ON and OFF states to control the transmission in 2.45 GHz WLAN applications. Previously, researchers have focused on the bandstop and dual-layer versions of the active FSS. This is in contrast to the design presented in this thesis which is single-layer and provides extra advantage in a practical WLAN environment. Also the dc biasing techniques that were used for the active FSS design are easier to implement and provide good frequency stability for different angles of incidence and polarisations in both ON and OFF states. The last topic is on the use of a bandpass FSS in energy-saving glass panels used in building design. The manufacturers of these glass panels apply a very thin metal-oxide coating on one side of the glass panels to provide extra infrared (heat) attenuation. However, due to the presence of the coating, these energy-saving glass panels also attenuate communication signals such as GSM 900, GSM 1800/1900, UMTS and 3G mobile signals etc. This creates a major communication problem when buildings are constructed with windows of this glass. In this thesis, a solution to this problem is presented by designing and etching a cross-dipole bandpass FSS on the coated side of the glass to pass the useful signals while keeping infrared attenuation at an acceptable level. One of the advantages of this FSS design is that measured material values of the metal-oxide coating are used for simulations, which have not been done previously. / Mode of access: World Wide Web. / 166 p. ill. (some col.)

Frequency selective surfaces

Electric filters, Active

Electric filters, Passive

Electric filters, Bandpass

Absorbers (Materials)

Diodes, Switching

Wireless communication systems

Wireless LANs -- Security measures

active

absorber

frequency selective surfaces

PIN diode

security

wireless communication

WLAN security