Embed Size (px)
Citation preview
Yanchao Zhang, Yuguang FangWireless Networks
2006.6
MMC Lab. 임동혁
Introduction Network architecture and system
models Entity authentication Incontestable billing of mobile users System Analysis Conclusions
Large-scale WMNAuthenticationBilling
Conventional solutionHome-foreign-domain Drawback
Time-consuming, expensive execution authentication
Bilateral service level agreement(SLA) No consideration about how to reward
intermediate users for packet forwarding
UPASSNo need SLA between WMN operatorsAuthentication
ID-based cryptography(IBC)User vs serving WMNUser vs user in the same WMN
Certificate-based cryptography(CBC)Universal verifiability of passes
Billing Digital signature & one-way hash-chain Realtime micropayment approach
AssumptionsMesh router sends packets in one hop to all
users in its coverageA mobile user transmits packets multiple
hops to a mesh routerAll communications pass through a mesh
router
User-broker-operator relationship model
Broker
WMNOperato
r
User
Universal
pass
Universal
pass
Network
service
Network
service
payment
payment
usage data
usage data
Trust modelCBC for certification of trust-domain
parameter IBC in each trust domain
Trust domain setupTrust-domain parameter
(Hash function, domain-public-key, …) Certification of
domain parameterDomain-params are used
as public key
Pass modelRouter
R-NAI : routerID@operater_domain R-pass : (R-NAI, expiry-date) R-key : kH1(R-pass) k : operator’s domain-master-secret (R-pass, R-key): IBC public & private key pair
User U-NAI : userID@broker_domain U-pass : (U-NAI, expiry-date, otherTerms) U-key : kH1(U-pass) k : broker’s domain-master-secret (U-pass, U-key) : IBC public & private key pair
Pairwise shared keyUser-router authentication
Inter-domain authentication Intra-domain authentication
User-user authentication
Inter-domain authenticationU and R possesses each other’s authentic
domain-paramsProcedure
(1) (2) (3)
(4) (5) shared key :
Intra-domain authenticationBetween same WMN domainProcedure
(1) (2) (3)
Computationally efficient Fast hash instead of signature and encryption
User-user authenticationGet paid for his packet forwardingPairwise shared keys
Symmetric-key challenge-response authentication technique U1 send to U2 a challenge r1 encrypted KU1,U2
U2 report a correct response, (r1+1) U1 declares the authentication of U2 successful Similarly, U2 can authenticate U1
Billing basics Intermediate user compensation
Attaching to forwarded packet a message integrity code(MIC) calculated under its pairwise shared key with R1
R1 ascertain the user in forwarding packet for U1
Total payment (m-units per t-unit transmitted)
Payment structure
<am> : proof token <wi,t> : payment token Procedure
(1) U1R1, a1, (2) R1 checks MIC (3) saves
To use <wi+1,t> (1) U1R1, (2) R1 check (3) R1 checks MIC
Making paymentsU1 maintains a debt counter
R1 maintains a profit counter : maximum amount that user can owe : U1 make a payment
UserPayment format
(wi,j, j), where and
Micropayment (wi,j, j)
1 1U RDC
u j t
1
1 Rj u L
1 1
1U UDC DC j u L
1UDC
1UPC
1R
RouterStore payment token with highest index
(wi,k, k)
Receipt of (wi,j, j), R1 verifies j>k,
After verification, R1 replace (wi,k, k) with (wi,j, j) and
Intermediate usersR1 pay on behalf of U1
1 1U UPC PC j k L
Redemption of payment structureBroker VS R1
Payment record
Procedure
SecurityA user signs a payment structure digitallyPayment structure is both user-specific and
router-specific Low Computation
Rare public-key operationFast hash operation
Small Storage Communication
More efficient than home-foreign-domain model
UPASSFirst known secure authentication and
billing architecture for large-scale WMNsHomeless, no need for SLAsHybrid IBC/CBC trust modelLightweight realtime micropayment
approach
