A　wireless　mesh　network　(WMN)　is　a　new　wireless　network　technology　and　there　is　a　trend　to　adopt　the　technology　to　build　commercial　mobile　Ad　Hoc　networks.　Since　a　WMN　is　such　a　network　without　fixed　infrastructure　and　is　operated　in　an　open　medium,　an),　user　within　the　range　covered　by　radio　wave　may　access　the　network.　Therefore,　a　critical　requirement　for　the　security　in　WMN　is　the　authentication　of　a　new　user　who　is　trying　to　join　the　network.　In　this　paper,　we　present　a　new　authentication　scheme　based　on　a　combination　of　techniques,　such　as　zone-based　hierarchical　topology　structure,　virtual　certification　authority　(CA),　off-line　CA,　identity-based　cryptosystem　and　multi-signature.　We　show　that　our　scheme　would　improve　authentication　in　security,　computational　overhead,　traffic,　authentication　latency　and　storage　space.