Design and implementation of Wireless Packet Level Authentication

Abstract: Secure user authentication, authorization and access control have become the major challenges in any wireless security system, often due to certain wireless network characteristics such as lack of infrastructure, low power availability and mobility. Taking advantage of such network characteristics, an attacker can launch several security attacks like Denial of Service (DoS) attacks, packet spoofing and session hijacking attacks. Packet Level Authentication (PLA) provides an elegant network level solution to the aforementioned attacks by allowing every node in the network to validate the authenticity and integrity of a packet without any prior contact with the originator of the packet. The cornerstone of PLA is public key cryptography based digital signature which is added do every outgoing packet by the packet originator. Therefore, signature generation and verification schemes of PLA become infeasible in resource-constrained devices if dedicated hardware accelerator is not used. In this thesis, we present Wireless Packet Level Authentication (WPLA) that extends PLA to offer an adaptive hop-by-hop signature verification scheme. WPLA includes a lightweight signature verification approach for resource-constrained devices while retaining the public key cryptography based signature verification scheme for strong authentication. Furthermore, to ensure end-to-end data confidentiality over the unsecured channels, we integrate a symmetric encryption scheme along with secret key generation and distribution process. Finally, we implement the proposed solution and evaluate the performance of our implementation.