Published on

Overview on the Wimax authentication protocol presented. PKMv1 and PKMv2 analysed. General wireless security issues are overview.

Published in: Education, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. OVERVIEW OF PKM AUTHENTICATION MECHANISM IN WiMAX SECURITY PROTOCOL Zachariah Pabi GARIBA MPhil Telecommunication Engineering 1 Graduate Student Member IEEE Email: zpgariba.coe @st.knust.edu KNUST
  2. 2. PRESENTATION OUTLINE Introduction Research Objectives WiMAX authentication protocol Conclusions References KNUST
  3. 3. Mobile computing Defined as having access to computing resources from anywhere; one's ability to use computing technology whilst moving. Since this system is design provides open access across vast networked environments, security issue becomes a difficult task as the mobile devices cannot be tracked down to a single location. The vital goal of security solutions for mobile networks is to provide services such as authentication, confidentiality, integrity, anonymity and availability to mobile users. security can be implemented in any of the OSI seven layers. KNUST
  4. 4. Components of good security Confidentiality: The non-occurrence of the unauthorized disclosure of information. No one except the sender and the receiver should have access to the information being exchanged. Integrity: The non-occurrence of the unauthorized manipulation of information. No one except the sender and the receiver should be able to modify the information being exchanged. Authentication: The receiver’s ability to ascertain the origin of a message. An intruder should not be able to masquerade as someone else. Nonrepudiation: The receiver’s ability to prove that the sender did in fact send a given message. The sender should not be able to falsely deny later that he sent a message. Service Reliability: The ability to protect the communication session against denial of service attacks. KNUST
  5. 5. Component methods Confidentiality: encryption Integrity: Message hash calculation Authentication: Digital signature or challenge response schemes Nonrepudiation: Time stamping TUESDAY: 9 TH FEBRUARY, 2010 KNUST
  6. 6. INTRODUCTION TUESDAY: 9 TH FEBRUARY, 2010 Table 1: Security system requirement KNUST
  7. 7. INTRODUCTION <ul><li>Mobile computing devices </li></ul><ul><li>Laptop computers </li></ul><ul><li>Personal Digital Assistants (PDAs) and handheld PCs </li></ul><ul><li>Pagers </li></ul><ul><li>Smart phones and mobile phones </li></ul><ul><li>Task devices; bar code scan </li></ul>TUESDAY: 9 TH FEBRUARY, 2010 KNUST
  8. 8. INTRODUCTION <ul><li>Security components </li></ul><ul><li>Security within networks </li></ul><ul><li>Security for the devices </li></ul><ul><li>Supporting mobile computing networks </li></ul><ul><li>Traditional wireless systems </li></ul><ul><li>Wireless LAN </li></ul><ul><li>Wireless Ad Hoc systems </li></ul>TUESDAY: 9 TH FEBRUARY, 2010 KNUST
  9. 9. INTRODUCTION TUESDAY: 9 TH FEBRUARY, 2010 Table 1: Security system requirement KNUST
  10. 10. INTRODUCTION WiMAX The IEEE 802.16 protocol is also called WiMAX, which stands for worldwide interoperability of microwave access. It was first planned to offer the last mile for Wireless Metropolitan Area Network (WMAN) with the line of sight (LOS) of 30 – 50 km. The original IEEE 802.16 standard covers line-of-sight connections in the 10–66GHz range, supporting speeds up to 280 Mbps over distances up to 50km (30 mi.). IEEE 802.16a covers non-line-of-sight connections in the 2–11GHz range, supporting speeds up to 75 Mbps over distances of 5–8km (3–5 mi.). IEEE 802.16a also adds features for mesh networks, while the 802.16e standard adds support for mobility. TUESDAY: 9 TH FEBRUARY, 2010 KNUST
  11. 11. TUESDAY: 9 TH FEBRUARY, 2010 Table 2 IEEE 802.16 standard evolution KNUST
  12. 12. RESEARCH OBJECTIVES <ul><li>To thoroughly review the authentication aspects of IEEE 802.16 standard </li></ul><ul><li>To underscore the security vulnerabilities and threats associated with WiMAX authentication. </li></ul>KNUST
  13. 13. RESEARCH METHODS <ul><li>The research approaches will include qualitative and quantitative research methods, and computer simulation. </li></ul><ul><li>Present published security issues of IEEE 802.16 protocol in journals and conferences shall be review and the further readings for proposed security improvement. </li></ul>KNUST
  14. 14. IEEE 802.16 SECURITY PROTOCOL PHY Layer (L1) MAC (L2) Fig. 1: IEEE 802.16 protocol stack KNUST Transmission convergence sublayer QPSK 16QAM 64QAM 256QAM Security sublayer (PS) Common part sublayer (CPS) Convergence sublayer (CS) Link layer control (LLC)
  15. 15. IEEE 802.16 SECURITY PROTOCOL <ul><li>The protocol architecture </li></ul><ul><li>The security sublayer has two protocols as follows; </li></ul><ul><li>An encapsulation protocol for securing packet data across the BWA network. </li></ul><ul><li>A key management protocol ( PKM) providing the secure distribution of keying data from the BS to the SS. </li></ul>KNUST
  16. 16. Fig. 2: WiMAX security sublayer KNUST
  17. 17. IEEE 802.16 SECURITY PROTOCOL Privacy and key management (PKM) SS uses PKM to obtain authentication and traffic keying from BS PKM has two categories SS authorization and AK exchange TEK exchange KNUST
  18. 18. IEEE 802.16 SECURITY PROTOCOL <ul><li>Key management protocol </li></ul><ul><li>The PKM protocol allows for both mutual authentication and unilateral authentication. It also supports periodic reauthentication/reauthorization and key refresh. </li></ul><ul><li>The key management protocol uses either EAP or X.509 digital certificates together with RSA public-key encryption algorithm. </li></ul><ul><li>There are two Key Management Protocols supported in this standard: PKM version 1 and PKMv2 with more enhanced features such as new key hierarchy, AES-CMAC, AES key wraps, and MBS. </li></ul>KNUST
  19. 19. IEEE 802.16 SECURITY PROTOCOL <ul><li>Authentication </li></ul><ul><li>Hash Message Authentication Code (HMAC) </li></ul><ul><li>X.509 certificate </li></ul><ul><ul><li>Manufacture certificate </li></ul></ul><ul><ul><li>Subscriber certificate </li></ul></ul><ul><ul><li>Base station certificate </li></ul></ul><ul><li>Extensible Authentication Protocol (EAP) </li></ul>IEEE 802.16-2004 KNUST
  20. 20. IEEE 802.16 SECURITY PROTOCOL <ul><li>Authentication protocols </li></ul><ul><li>PKM supports two distinct authentication protocol mechanisms: </li></ul><ul><li>RSA protocol </li></ul><ul><li>Extensible Authentication Protocol (optional) </li></ul><ul><li>An SS uses the PKM protocol to obtain authorization and traffic keying material from the BS, and to support periodic reauthorization and key refresh. </li></ul>KNUST
  21. 21. IEEE 802.16 SECURITY PROTOCOL PKM RSA authentication The PKM RSA authentication protocol uses X.509 digital certificates the RSA public key encryption algorithm that binds public RSA encryption keys to MAC addresses of SSs. All RSA authentication have factory-installed RSA private/public key pairs or provide an internal algorithm to generate such key pairs dynamically. KNUST
  22. 22. IEEE 802.16 SECURITY PROTOCOL PKM EAP authentication PKM EAP Authentication uses Extensible Authentication Protocol in conjunction with an operator-selected EAP Method (e.g. EAP-TLS). The EAP method uses credentials such as an X.509 certificate in the case of EAP-TLS or a Subscriber Identity Module in the case of EAP-SIM. KNUST
  24. 24. IEEE 802.16 SECURITY PKM v1 SS authorization and AK exchange overview: SS authorization, controlled by the Authorization state machine, is the process of the BS authenticating a client SS’s identity Authorization via RSA authentication protocol: SS begins authorization by sending an Authentication Information message to its BS. The Authentication Information message contains the SS manufacturer’s X.509 certificate. KNUST
  25. 25. IEEE 802.16 SECURITY PROTOCOL <ul><li>PKMv2 </li></ul><ul><li>The PKMv2 key hierarchy defines what keys are present in the system and how the keys are generated. Since there are two authentication schemes, RSA and EAP, there are two primary sources of keying material. </li></ul><ul><li>The RSA-based authorization process yields the pre-Primary AK (pre-PAK) and the EAP based authentication process yields the MSK. </li></ul><ul><li>All PKMv2 key derivations are based on the Dot16KDF algorithm: The Dot16KDF algorithm is a counter mode encryption (CTR) construction that may be used to derive an arbitrary amount of secret key from source keying material. </li></ul>KNUST
  26. 26. IEEE 802.16 SECURITY PROTOCOL <ul><li>Digital signatures </li></ul><ul><li>Manufacture certificates </li></ul><ul><li>SS certificate </li></ul><ul><li>BS certificate </li></ul>KNUST
  27. 27. IEEE 802.16 SECURITY PROTOCOL <ul><li>Cryptographic methods </li></ul><ul><li>In PKMv2, SAs using a cipher suite employing DES-CBC, the TEK in the Key Reply is triple DES (3-DES) encrypted, using a two-key, 3-DES KEK derived from the AK. </li></ul><ul><li>The lifetimes of the two generations overlap such that each generation becomes active halfway through the life of it predecessor and expires halfway through the life of its successor. </li></ul>KNUST
  28. 28. Fig. 4: WiMAX security procedure KNUST
  29. 29. IEEE 802.16 SECURITY PROTOCOL Fig. 6: WiMAX overview KNUST
  30. 30. IEEE 802.16 SECURITY PROTOCOL <ul><li>Threats and vulnerabilities </li></ul><ul><li>Threats in the IEEE 802.16 standards have been grouped into two; </li></ul><ul><li>Physical layer threats and vulnerabilities </li></ul><ul><li>MAC layer threats and vulnerabilities </li></ul>KNUST
  31. 31. IEEE 802.16 SECURITY PROTOCOL <ul><li>Physical layer threats </li></ul><ul><li>Jamming and scrambling attacks </li></ul><ul><li>Water torture attack </li></ul><ul><li>Replay attacks in IEEE 802.16e mesh modes </li></ul>KNUST
  32. 32. IEEE 802.16 SECURITY PROTOCOL <ul><li>Threats </li></ul><ul><li>MAC management messages are sent in plain-text and not cipher-text. </li></ul><ul><li>X.509 digital certificate; it uses RSA encryption with SHA-1 hashing. </li></ul><ul><li>Downgrade attack is possible on the initial TEK authentication. The security capabilities are sent by SS to BS over an insecure connection, before negotiating the encryption keys, these include the kind of crypto functions to be used to cipher the data packets. </li></ul><ul><li>In IEEE 802.16e SS can authenticate with BS with the new PKMv2 RSA authentication with its public key. Public key encryption and signature is a computationally heavy operation, so if flooded with false requests, the BS may be victim of a denial of service attack, using all its resources to evaluate digital signatures. </li></ul>KNUST
  33. 33. CONCLUSIONS <ul><li>In mesh mode, an insider attacker can fool other nodes of the mesh to create man in the middle attacks, invade their privacy. </li></ul><ul><li>There has been PKMv2 in the amended 2004 version which uses more enhanced features such as new key hierarchy, AES-CMAC, AES-key-wraps, and MBS. </li></ul><ul><li>There is of BS X.509 digital certificate in IEEE 802.16e </li></ul><ul><li>The standard security mechanism does not handle layer 1 security. </li></ul><ul><li>Potential security flaws also exist in IEEE 802.16e, especially the flaw existing in subscriber handover procedure. </li></ul><ul><li>IEEE 802.16 supports mesh mode </li></ul><ul><li>There has been little research on layer 1 security issues for IEEE 802.16/WiMAX. </li></ul>KNUST
  34. 34. REFERENCES [1] Ahson, S. and Ilyas, M. (2008), WiMAX Standards and Security , CRC Press, Boca Raton, pp. 19-55, 197-243. [2] IEEE (2009), IEEE Standard for Local and metropolitan area networks: Air Interface for Broadband Wireless Access Systems (IEEE Std 802.16™-2009) , IEEE, New York, pp. 558-565. [3] Menezes, A. Oorschot, P. V. and Vanstone, S. (1997), Handbook of Applied Cryptography , CRC Press, Boca Raton, pp. 1-42. [4] Di, P. et al. (2007), 'Overview and Analysis of IEEE 802.16e Security'. [5] Xu, S. and Huang, C.-T. (2008), 'Attacks on PKM Protocols of IEEE 802.16 and Its Later Versions'. [6] Deininger, A. et al. (2007), 'Security Vulnerabilities and Solutions in Mobile WiMAX', IJCSNS International Journal of Computer Science and Network Security, vol. 7, no. 11, pp. 7-17. [7] Xu, S. Matthews, M. and Huang, C. (2006), 'Security Issues in Privacy and Key Management Protocols of IEEE 802.16', http://www.cse.sc.edu/~huangct/acmse06cr.pdf , [30th August 2009 at 00: 57]. [8] Barbeau, M. (2008), 'WiMAX/802.16 Security in Mesh Mode', pp. 1-11. [9] Maccari, L. Paoli, M. and Fantacci, R. (2007), 'Security analysis of IEEE 802.16', ICC 2007. KNUST
  35. 35. THE END KNUST