On ESS Mesh Device Discovery

1. On ESS Mesh Device Discovery Tyan-Shu Jou, Ted Kuo, and Ming Sheu Janusys Networks, Inc. May 11, 2004 Tyan-Shu Jou, et al., Janusys Networks

2. General Requirements • Automatic establishment of WDS “connections” between mesh nodes • Mutual authentication between mesh nodes • Negotiation of encryption protection between mesh nodes based on policies Tyan-Shu Jou, et al., Janusys Networks

3. Discovery Models: Advertising vs. Probing • Advertising: • Advertising ESS Mesh capability in beacons • A mesh-capable device scans all possible channels for beacons and joins mesh network • Probing: • A mesh-capable device sends out “Hello” messages in multiple channels • Others that are willing to accept new mesh node respond with “Hello-Reply” Tyan-Shu Jou, et al., Janusys Networks

4. Authentication Methods • Mutual authentication should be performed between neighboring nodes • Possible authentication methods: • Open • Pre-shared Key • Certificates Tyan-Shu Jou, et al., Janusys Networks

5. Security Negotiation • Encryption protection should be negotiated after mutual authentication is done • A unique pair-wise key between two mesh nodes should be derived for transmitting uni-cast frames in between these two nodes • Group key is needed if broadcast WDS-frames are to be used • Encryption on data traffic between mesh nodes should be independent from encryption between mesh nodes and their client stations Tyan-Shu Jou, et al., Janusys Networks

6. Other Issues • Dynamic discovery • A node may moves in-and-out of range • Continuous discovery is needed to discover neighbors now in range • Re-authentication is necessary • Re-key • Pair-wise key between two mesh nodes should be replaced after a certain lifetime • Group Key • Generation and renew Tyan-Shu Jou, et al., Janusys Networks