無線網狀網路環境提供合法用戶直接透過任何一個鄰近的網狀路由器或是透過已經鏈結網狀路由器的其他合法用戶連結網際網路以達到其便利性之目標。因此如何確保唯有合法的用戶才能藉由網狀路由器或已經鏈結網狀路由器的合法用戶連上網際網路及如何鑑別與用戶通訊的網狀路由器及已經鏈結網狀路由器的合法用戶是否合法？變成是整個無線網狀網路必須解決的重要問題之一。本論文規劃研發適合無線網狀網路環境的相互鑑別機制。同時，我們的技術使用戶與網狀路由器或中介用戶之間建立一把會議金鑰用來保護傳送的資料。我們進一步注意到隱藏用戶的目前位置、行蹤與真實身份以保障用戶的隱私。另外，也考慮用戶於不同無線網狀網路中的漫遊議題以提昇其便利性。

One of the important functions in wireless mesh networks is that any legitimate client can connect to Internet by either any nearby mesh router or other legitimate client who has linked some mesh router. An obvious problem of this function is how to ensure that only legitimate client can connect to Internet by either any mesh router or other legitimate client who has linked some mesh router and how to prove legitimacy of a mesh router and a client who has linked some mesh router. This paper proposes mutual authentication scheme which is suitable for wireless mesh network. At the same time, we set up a session key between a client and a mesh router or between a client and an intermediary client to protect transmitted data. We further pay attention to hide location, track, and identity of clients to protect privacy of clients. Moreover, we also consider roaming issues for clients in different wireless mesh networks.

目錄 I
圖目錄 IV
表目錄 V
第1章 緒論 1
第2章 相關研究工作 10
第3章 我們的方法 13
3.1 符號 15
3.2 理論基礎與初始參數定義 15
3.3 相互鑑別並建立會議金鑰技術 18
3.3.1 註冊階段 18
3.3.2 通行證取得階段 18
3.3.3 直接相互鑑別階段 22
3.3.4 間接相互鑑別階段 24
第4章 安全分析 29
4.1 相互鑑別 29
4.1.1 CASE P-1相互鑑別功能 29
4.1.2 CASE P-2相互鑑別功能 30
4.1.3 CASE D-1相互鑑別功能 30
4.1.4 CASE D-2相互鑑別功能 31
4.1.5 CASE I-1相互鑑別功能 32
4.1.6 CASE I-2相互鑑別功能 32
4.2 向前秘密與向後秘密 33
4.2.1 CASE P-1滿足向前秘密與向後秘密功能 33
4.2.2 CASE P-2滿足向前秘密與向後秘密功能 34
4.2.3 CASE D-1滿足向前秘密與向後秘密功能 34
4.2.4 CASE D-2滿足向前秘密與向後秘密功能 34
4.2.5 CASE I-1滿足向前秘密與向後秘密功能 35
4.2.6 CASE I-2滿足向前秘密與向後秘密功能 35
4.3 隱私權 35
4.4 重送攻擊 36
4.4.1 CASE P-1抵擋重送攻擊功能 36
4.4.2 CASE P-2抵擋重送攻擊功能 36
4.4.3 CASE D-1抵擋重送攻擊功能 37
4.4.4 CASE D-2抵擋重送攻擊功能 38
4.4.5 CASE I-1抵擋重送攻擊功能 38
4.4.6 CASE I-2抵擋重送攻擊功能 39
第5章 成果比較與效能分析 40
5.1 功能比較 40
5.2 效能分析 42
第6章 無線感測網路環境中安全可靠的資料傳輸技術 45
第7章 結論與未來研究方向 53
參考文獻 54
附錄—英文論文 60

圖目錄
圖一 無線網狀網路 2
圖二 5×5階層式單向雜湊串列 11

表目錄
表一 符號 16
表二 功能比較 41
表三 效能分析I 43
表四 效能分析II 44

[1] I. Akyildiz, X.Wang, and W. Wang, “Wireless mesh networks: A survey,” Computer Networks, vol. 47, no. 4, March 2005, pp. 445-487.
[2] A. Boukerche, X. Cheng and J. Linus, “A performance evaluation of a novel energy-aware data-centric routing algorithm in wireless sensor networks,” Wireless Networks, vol. 11, issue 5, September 2005.
[3] R. Bruno, M. Conti, and E. Gregori, “Mesh networks: Commodity multihop ad hoc networks,” IEEE Communications Magazine, vol. 43, no. 3, March 2005, pp. 123-131.
[4] D. Carman, P. Kruus, and B. J. Matt, “Constraints and approaches for distributed sensor network security,” NAI Labs Technical Report 00-010, June 2000.
[5] J. Deng, C. Hartung, R. Han and S. Mishra, “A practical study of transitory master key establishment for wireless sensor networks,” First International Conference on Security and Privacy for Emerging Areas in Communications Networks, September 2005, pp. 289-302.
[6] T. Dimitriou and I. Krontiris, “A localized, distributed protocol for secure information exchange in sensor networks,” Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium, April 2005.
[7] X. Du, Y. Xiao, H. H. Chen and Q. Wu, “Secure cell relay routing protocol for sensor networks,” Wireless Communications and Mobile Computing, issue 6, 2006, pp. 375-391.
[8] M. Eltoweissy, M. F. Younis and K. Ghumman, “Lightweight key management for wireless sensor networks,” IEEE International Conference on Performance, Computing, and Communications, 2004, pp. 813-818.
[9] J. Eriksson, M. Faloutsos, and S. V. Krishnamurthy, “DART: Dynamic address routing for scalable ad hoc and mesh networks,” IEEE/ACM Transactions on Networking, vol. 15, no. 1, February 2007, pp. 119-132.
[10] L. Eschenauer and V. D. Gligor, “A key-management scheme for distributed sensor networks,” Proceedings of the 9th ACM conference on Computer and communications security, November 2002.
[11] S. M. Faccin, C. Wijting, J. Kneckt, and A. Damle, “Mesh WLAN networks: Concept and system design,” IEEE Wireless Communications, vol. 13, April 2006, pp. 10-17.
[12] J. Hill, R. Szewczyk, A. Woo, S. Hollar, D. Culler and K. Pister, “System architecture directions for networked sensors,” Proceedings of the Ninth International Conference on Architectural Support for Programming Languages and Operating Systems ASPLOS-IX, November 2000.
[13] M. Jakobsson, J.-P. Hubaux, and L. Buttyan, “A micro-payment scheme encouraging collaboration in multi-hop cellular networks,” 7th International Conference on Financial Cryptography (FC’03), Gosier, Guadeloupe, January 2003.
[14] Y. Jiang, C. Lin, M. Shi, and X. Shen, “Multiple key sharing and distribution scheme with (n, t) threshold for NEMO group communications,” IEEE Journal on Selected Areas in Communications, vol. 24, no. 9, September 2006, pp. 1738-1747.
[15] V. Jolly, N. Kimura and S. Latifi, “Reliable multipath information dissemination via label forwarding in wireless sensor networks,” Third International Conference on Technology: New Generations ITNG 2006, April 2006, pp. 285-293.
[16] C. Karlof and D. Wagner, “Secure routing in wireless sensor networks: attacks and countermeasures,” Proceedings of the IEEE International Workshop on Sensor Network Protocols and Applications, May 2003, pp. 113-127.
[17] T. Kwon and S. H. Park, “Experimental study on wireless sensor network security,” LNCS 3975, 2006, pp. 741-743.
[18] S. B. Lee and Y. H. Choi, “A secure alternate path routing in sensor networks,” Computer Communications, vol. 30, issue 1, December 2006, pp. 153-165.
[19] W. Liu, Y. Zhang, W. Lou and Y. Fang, “A robust and energy-efficient data dissemination framework for wireless sensor networks,” Wireless Networks, vol. 12, issue 4, July 2006.
[20] W. Lou and Y. Kwon, “H-SPREAD a hybrid multipath scheme for secure and reliable data collection in wireless sensor networks,” IEEE Transactions on Vehicular Technology, vol. 55, issue 4, July 2006, pp. 1320-1330.
[21] Y. M. Lu and V. W. S. Wong, “An energy-efficient multipath routing protocol for wireless sensor networks”, IEEE 64th Vehicular Technology Conference, September 2006, pp. 1-5.
[22] S. A. Mahmud, S. Khan, S. Khan, and H. Al-Raweshidy, “A comparison of MANETs and WMNs: Commercial feasibility of community wireless networks and MANETs,”AccessNets′06, Athens, Greece, September 2006.
[23] M. Moharrum, M. Eltoweissy and R. Mukkamala, “Dynamic combinatorial key
management scheme for sensor networks,” Wireless Communications and
Mobile Computing, vol. 6, issue 7, November 2006, pp. 1017-1035.
[24] K. Ren, K. Zeng and W. Lou, “A new approach for random key pre-distribution
in large-scale wireless sensor networks,” Wireless Communications and Mobile
Computing, vol. 6, issue 3, May 2006, pp. 307-318.
[25] N. Salem, L. Buttyan, J. Hubaux, and M. Jakobsson, “A charging and rewarding
scheme for packet forwarding in multi-hop cellular networks,” ACM MobiHoc,Annapolis, Maryland, June 2003.
[26] N. B. Salem, and J. Hubaux, “Securing wireless mesh networks” IEEE Wireless
Communications, vol. 13, April 2006, pp. 50-55.
[27] X. Wu, and N. Li, “Achieving privacy in Mesh Networks,” SASN’06, Alexandria,
Virginia, USA, October 2006, pp. 13-22.
[28] M. F. Younis, K. Ghumman and M. Eltoweissy, “Location-aware combinatorial
key management scheme for clustered sensor networks,” IEEE Transactions on
Parallel and Distributed Systems, vol. 17, issue 8, August 2006, pp. 865-882.
[29] S. Zhong, J. Chen, and Y. Yang, “Sprite: A simple, cheat-proof, credit-based
system for mobile ad-hoc networks,” IEEE INFOCOM, San Francisco, CA,
April 2003.
[30] Y. Zhang, and Y. Fang, “A secure authentication and billing architecture for
wireless mesh networks,” Wireless Networks, vol. 13, no. 5, June 2006,
pp.663-678.
[31] Y. Zhang, and Y. Fang, “ARSA: An Attack-Resilient Security Architecture for
Multihop Wireless Mesh Networks,” IEEE Journal on Selected Areas in
Communications, vol. 24, no. 10, October 2006, pp. 1916-1928.
[32] Y. Zhang, W. Lou, and Y. Fang, “SIP: A secure incentive protocol against
selfishness in mobile ad hoc networks,” IEEE WCNC, Atlanta, GA, March 2004.
[33] Y. Zhang, W. Liu, W. Lou, and Y. Fang, “Securing mobile ad hoc networks with
certificateless public keys,” IEEE TRANSACTIONS ON DEPENDABLE AND
SECURE COMPUTING, vol. 3, no. 4, October-December 2006.