An Efficient Self-Organized Authentication and Key Management Scheme for Distributed Multihop Relay- Based IEEE 802.

16 Networks
ABSTRACT:
Wireless internet services are rapidly expanding an improving, it is important to provide users with not only high speed and high quality wireless service but also secured. Multihop relay-based support was added, which not only help for improving coverage and throughput but also provides features such as lower backhaul deployment cost, easy setup, robustness and reconfigurability, which make it one of the indispensable technologies in next generation wireless network. A WiMAX network usually operates in a highly dynamic and open environment therefore it is known to be more vulnerable to security holes. Security holes most of the time is trade off with authentication and key management overheads. In order to operate securely, communication must be scheduled either by a distributed, centralized or hybrid security control algorithms with less authentication and key management overheads. In this paper, we propose a new fully self-organized efficient authentication and key management scheme (SEAKS) for hopby-hop distributed and localized security control for Multihop non-transparent relay based IEEE 802.16 networks which not only helps in security counter measures but also reduce the authentication and key maintenance overheads. The proposed scheme provides hybrid security controls between distributed authentication and localized re-authentication and key maintenance. The proposed scheme uses distributed nontransparent decode and forward relays for distributed authentication when any non-transparent Relays (NRS) want to join the networks and uses localized authentication when NRSs want to re authenticate and do key maintenance. We analyze the procedures of the proposed scheme in details and examine how it works significantly to reduce overall authentication overheads and counter measures for security vulnerabilities such as Denial of Service, Replay and interleaving attacks.

EXISTING SYSTEM:
In Multihop Relay (MR) network, two different security modes are referred, the first one is referred to as the centralized security mode which is based on key management between an Multihop Relay Base Station (MR-BS) and an Mobile Station(MS), here Relay Station (RS) is just an amplify and forward, but in the second security mode, referred to as distributed modes, which incorporate authentication and key management between an MR-BS and a nontransparent RS we called as NRS and between the NRS and a MS. During the registration process, an RS can be configured to operate in distributed security mode based on its capability.

PROPOSED SYSTEM:
In this paper, we addressed a self organized efficient authentication and key management scheme (SEAKS), hop-by- hop authentication and key management scheme in nontransparent Relay-based WiMAX network. This scheme is suitable for both fixed as well as mobile nontransparent Relays. We have presented our security goals and stated security analysis of proposed scheme to evaluate it against those goals. SEAKS provides hybrid authentication scheme with distributed authentication and localized re authentication and key maintenance. However, this technique not only helps in minimizing the overall authentication overhead on MR-BS and AAA server but also provides efficient way to countermeasure the vulnerabilities In this scheme, NRS need to first authenticate itself with MR-BS prior to accept AUTHREQ from other NRS/MS once authenticated and get the required AK/SAID, it continue its AK/TEK authorization state machines to refresh above keys. After authenticated, it can start broadcasting UL-MAP to accept AUTH-REQ , after receiving any AUTH-REQ it send it to MR-BS for validation, MR-BS authenticate and send AK/SAID for particular request, NRS receives and encrypt it with public key of requesting NRS and send back. Now requesting NRS start authorization state machines torefresh above keys with NRS, at any time, all the NRS and MR-BS will maintain their local repositories. If any NRS cannot refresh its key within particular given time due to uncertain circumstances, according to standard, it have to re-authenticate with MR-BS, but in our scheme, it will send the request to NRS, NRS will look into its local repositories, if found then send AK/SAID by itself

it will send the AUTHREQ to MR-BS for authentication and validation and consider it as a new NRS/MS.

MODULES:
This project consists of the following modules. 1. Network Assumption 2. Node Assumption 3. Key management 4. Route finding 5. Data Transmission 6. Security attacks a. Man in middle b. Sybil c. DOS attack

SYSTEM REQUIREMENT SPECIFICATIONS: Software Specification:

Operating System Front End : : Windows XP Java (Swing)

Hardware Specification:
Processor RAM Hard Disk : : : Pentium IV 512MB 20GB