Types of wireless networks include infrastructure-based wireless networks and ad hoc wireless networks.
Ad hoc networks are self-forming networks which can operate in the absence of any fixed infrastructure, and in some cases the ad hoc network is formed entirely of mobile nodes. An ad hoc network typically includes a number of geographically-distributed, potentially mobile units, sometimes referred to as “nodes,” which are wirelessly connected to each other by one or more links (e.g., radio frequency communication channels). The nodes can communicate with each other over a wireless media without the support of an infrastructure-based or wired network. Links or connections between these nodes can change dynamically in an arbitrary manner as existing nodes move within the ad hoc network, as new nodes join or enter the ad hoc network, or as existing nodes leave or exit the ad hoc network. Because the topology of an ad hoc network can change significantly techniques are needed which can allow the ad hoc network to dynamically adjust to these changes. Due to the lack of a central controller, many network-controlling functions can be distributed among the nodes such that the nodes can self-organize and reconfigure in response to topology changes.
One characteristic of the nodes is that each node can directly communicate over a short range with nodes which are a single “hop” away. Such nodes are sometimes referred to as “neighbor nodes.” When a node transmits packets to a destination node and the nodes are separated by more than one hop (e.g., the distance between two nodes exceeds the radio transmission range of the nodes, or a physical barrier is present between the nodes), the packets can be relayed via intermediate nodes (“multi-hopping”) until the packets reach the destination node. In such situations, each intermediate node routes the packets (e.g., data and control information) to the next node along the route, until the packets reach their final destination.
As wireless communications networks become more prevalent, security continues to be a major concern to both communication network providers and end users. This is most evident when using a mobile wireless network where the security environment can offer the greatest challenges since data may be readily received and manipulated by many nodes. The radio links used in a wireless network expose the signaling and data traversing the network to eavesdroppers and/or would-be hackers. In a multi-hop wireless network, this requires each link between the nodes to have a unique security association established through the multi-hop authentication and key management process. Then, the communications on the links can be protected with the established security associations.
Mobile nodes such as cellular phones, personal digital assistants (PDAs) and notebook computers often require authentication when accessing remote databases or networks. In prior systems, a centralized authentication procedure is followed where an Access Point (AP), such as a base station, acts as a portal between the mobile wireless network and a wired backhaul network and handles an authentication process for all nodes within range of the AP. For instance, systems which adhere to American National Standards Institute/Institute of Electrical and Electronics Engineers (ANSI/IEEE) 802.1X or ANSI/IEEE 802.11i standards utilize such a centralized procedure to control access to network resources.
IEEE 802.1X is an IEEE standard initially designed to provide authentication, access control, and key management in both wired and wireless networks. Three entities defined in 802.1X are a Supplicant, an Authenticator and an Authentication Server (AS). The Supplicant is the node seeking authentication and access authorization. The Access Server (AS), sometimes referred to as the Authentication, Authorization and Accounting (AAA) Server, authenticates and grants access, if authorized, to a Supplicant based on the Supplicant's credentials. An AS can be co-located with an Authenticator. Authentication is conducted between the Supplicant and the Authentication Server while the Authenticator acts as a pass-through of the authentication messages. The Authenticator has an uncontrolled port and a controlled port for every client. Before a client is authenticated, only authentication messages are allowed to pass through the uncontrolled port. Only after the Supplicant is successfully authenticated can other traffic be passed via the controlled port.
A protocol used for these communications between the Supplicant and the Authentication Server is EAP (Extensible Authentication Protocol). For 802.1X, EAP messages between the Supplicant and the Authenticator are encapsulated in EAPOL (EAP over local area network (LAN)) message formats. EAP is flexible and extensible in supporting multiple authentication mechanisms such as user password, certificate based authentication, one time password, authentication token or smart card, and the like. It provides a vehicle to negotiate and use appropriate authentication mechanisms including those which derive keying material at the Supplicant and the AS.
An authentication procedure can begin when a node transmits an authentication request using, for example, an Extensible Authentication Protocol (EAP) comprising EAP Over Local Area Network (EAPOL) packets. The authentication process involves several EAPOL packets being transmitted and received, beginning with an EAP start packet and finishing with either an EAP success message packet or an EAP failure message packet. EAP is a “lock step” protocol in that a new request cannot be sent prior to receiving a valid response. See [RFC 3748].
The authentication server stores the authentication credentials of a mobile device (typically called a Supplicant) that is being authenticated. Authentication servers also can be connected to other authentication servers to obtain Supplicant authentication credentials that are not stored locally.
As described in the “IEEE Standard for Information technology—Telecommunications and information exchange between systems—Local and metropolitan area networks—Specific requirements—Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications—Amendment 6: Medium Access Control (MAC) Security Enhancements”, ANSI/IEEE 802.11i-2004, July 2004, Supplicants (or nodes seeking to authenticate and gain access) are assumed to be one hop from the Authenticator (e.g., an access point (AP)) which grants or refuses access. Traditional 802.11i does not contemplate multi-hop communication between the Supplicant and the Authenticator. Because every Supplicant can be authenticated only via an AP, such a centralized procedure requiring single hop communications between a the Supplicant and an AP providing bridging services between the mobile wireless network and a wired backhaul network might not be practical in multi-hop ad hoc wireless communication networks that have nodes outside of the wireless communication range of an AP.
Skilled artisans will appreciate that elements in the figures are illustrated for simplicity and clarity and have not necessarily been drawn to scale. For example, the dimensions of some of the elements in the figures may be exaggerated relative to other elements to help to improve understanding of embodiments of the present invention.