WiMAX Network Security



Academic Research Presentation: Security measures in WiMAX Networks

  • 1. Final Presentation
      SECURITY CONCERNS IN
      ELET 6313 – NETWORK SECURITY
      DR. DRISS BENHADDOU
      Presented By: Syed Ashar Zia
  • 2.
      ◦ What is WiMAX?
      ◦ Architecture of WiMAX
      ◦ MAC & PHY layers of WiMAX protocol
      ◦ Security Sub-Layer
      ◦ Security features of WiMAX
      ◦ Protocols used for authentication, encapsulation and authorization.
      ◦ Vulnerabilities and solutions
      ◦ What challenges were faced due to mobility in 802.16e security structure.
      3/30/2012 BY: SYED ASHAR ZIA
  • 3.
      ◦ Wireless LAN: IEEE 802.11, Wireless Fidelity (Wi-Fi)
      ◦ Wireless PAN: IEEE 802.15, Bluetooth
      ◦ Wireless MAN: IEEE 802.16, WiMAX (Worldwide Interoperability for Microwave Access)
      ◦ Wireless WAN – Research phase: IEEE 802.20, LTE (Long Term Evolution)
  • 5.
      ◦ IEEE 802.16 (2001)
          ▪ Air Interface for Fixed Broadband Wireless Access System MAC and PHY Specifications for 10 – 66 GHz (Line-of-Sight)
          ▪ One PHY: Single Carrier
          ▪ Connection-oriented, TDM/TDMA MAC, QoS, Privacy
      ◦ IEEE 802.16a (January 2003)
          ▪ Amendment to 802.16, MAC Modifications and Additional PHY Specifications for 2 – 11 GHz (Non-Line-of-Sight)
          ▪ One PHY: Single Carrier
      ◦ IEEE 802.16d (July 2004)
          ▪ Combines both IEEE 802.16 and 802.16a
          ▪ Three PHYs: OFDM, OFDMA, Single Carrier
          ▪ Additional MAC functions: OFDM and OFDMA PHY support, Mesh topology support, ARQ
      ◦ IEEE 802.16e (2005?)
          ▪ Amendment to 802.16-2004
          ▪ MAC Modifications for limited mobility
  • 6. Fig: WiMAX Accessibility (Adapted from
  • 7. Fig: WiMAX Network Architecture (Adapted from
  • 8. The security requirements of any network are about providing the following services for data:
      ◦ Confidentiality
      ◦ Integrity
      ◦ Availability
      ◦ Non-Repudiation
      ◦ Access control
  • 10.
      ◦ Also known as the Privacy sub-layer.
      ◦ Three main features of security are:
          ▪ Authentication
          ▪ Authorization
          ▪ Traffic Encryption
      ◦ The techniques used for the Authentication feature mentioned above are:
          ▪ Privacy & Key Management Protocols (PKM)
          ▪ Rivest-Shamir-Adleman (RSA) based authentication
  • 11.
      ◦ The techniques used for Authorization are:
          ▪ Security Associations (SAs) are used to authorize the user.
          ▪ Authorization includes a request for the Authentication Key and SA-Identity in exchange for the subscriber’s certificate, encryption algorithm and cryptographic ID.
      ◦ Traffic Encryption:
          ▪ All the traffic between the subscriber station (SS) and the base station (BS) is encrypted with the Traffic Encryption Key.
  • 12. WiMAX security architecture is based on three components which provide authentication, authorization and data encryption.
      ◦ Security Associations (SAs)
      ◦ Encapsulation Protocol
      ◦ Privacy & Key Management Protocols (PKM)
  • 13.
      ◦ An SA provides a set of security information in order to make the link between SS and BS secure.
      ◦ An SA is formed to provide the authorization for the services to the SS.
      ◦ There are two types of SA, categorized on the basis of the information they carry.
          ▪ One is used for authorization, called the Authorization SA.
          ▪ Another is used for data exchange, called the Data SA.
  • 14. Components of the Authorization SA are:
      ◦ SA-Descriptor: Defines the SA-type, SAID, and cryptographic suite.
      ◦ X.509 Certificate: The SS’s digital certificate, serving as its identity.
      ◦ Authorization Key (AK): Provided by the BS; used to generate Key Encryption Keys (KEKs), to calculate HMAC-Digests at the transmitting side, and to verify HMAC-Digests at the receiver’s end.
      ◦ AK Sequence Number: Serves to differentiate successive AKs.
      ◦ AK-Lifetime: Validity period of the AK.
      ◦ Key Encryption Key (KEK): These are 128 bits long and are used to encrypt the Traffic Encryption Key (TEK), which is used to encrypt/decrypt the data traffic at both ends.
      ◦ HMAC Digest: These are used for checking the integrity of data.
  • 15. Components of Data SA
      ◦ SA-Identification (SAID)
      ◦ AK-Sequence Number
      ◦ TEK Parameters including:
          ▪ TEK
          ▪ TEK lifetime
          ▪ 2-bit sequence number
          ▪ Initialization Vector (IV)
          ▪ encryption algorithms
          ▪ HMAC-Digest.
  • 16.
      ◦ The encapsulation protocol is used for the encryption of traffic between BS and SS.
      ◦ The SS shares its cryptographic suites to inform the BS about its capabilities to encrypt and decrypt.
      ◦ The encryption and authentication algorithms used for ciphering the data traffic use the Traffic Encryption Key (TEK).
      ◦ The TEK is encrypted with the Key-Encryption-Key (KEK).
      ◦ The KEK is derived from the Authorization Key (AK).
  • 17.
      ◦ The PKM Protocol is responsible for:
          ▪ Normal authorization process of the requesting Subscriber Station (SS)
          ▪ Re-authorization
          ▪ Issuing the key materials
          ▪ Renewal of the keying materials
      ◦ It follows two different protocols to complete the process of authentication and authorization:
          ▪ Authentication Protocol
          ▪ Key Exchange Protocol
  • 18. The security mechanism is categorized in three phases:
      ◦ Phase I – SS Authorization
      ◦ Phase II – Exchange of Key Materials
      ◦ Phase III – Encryption of Data Stream
  • 19.
      ◦ Message 1: Cert (SS.Manufacturer)
      ◦ Message 2: Cert (SS), Capabilities, BCID, SAID
      ◦ Message 3: (AK)SS, Seq. No., Lifetime, SA-Descriptor
      ◦ LEGEND:
          ▪ Cert: Certificate.
          ▪ BCID: Basic CID.
          ▪ SAID: Suites of SA.
          ▪ SA-Descriptor: Selected Suite
          ▪ (AK)SS: Authorization Key encrypted with SS public key
          ▪ Seq. No.: AK’s sequence number.
          ▪ Lifetime: Lifetime of AK
  • 20.
      ◦ Message 1: Seq. No., SAID, HMAC (1)
      ◦ Message 2: Seq. No., SAID, HMAC (2)
      ◦ Message 3: Seq. No., SAID, OldTEK, NewTEK, HMAC (3)
      ◦ LEGEND:
          ▪ SAID: Suites of Security Associations.
          ▪ (AK)SS: Authorization Key encrypted with SS public key
          ▪ Seq. No.: AK’s sequence number.
          ▪ Lifetime: Lifetime of AK
          ▪ OldTEK: Current set of Key Materials
          ▪ NewTEK: Key Material to be used after expiration of Current Keys.
          ▪ HMAC(x): MD for the ‘x’ message
  • 21.
      ◦ The data stream is encrypted with the TEK when travelling to or from the BS.
      ◦ The data stream can be encrypted using:
          ▪ DES (DES in CBC-Mode with 56 Bits) or
          ▪ AES (AES in CCM-Mode with 128 Bits).
      ◦ The TEK is shared during the Key Exchange process and is encrypted using the KEK. It can be encrypted using:
          ▪ 3DES
          ▪ RSA
          ▪ AES
  • 22. Figure: Communication Workflow (Adapted from ‘WiMAX Security Architecture’ by Evren Eren – 2008 IEEE CNF)
  • 23.
      ◦ In the first standard, IEEE 802.16-2001, an attacker faced the following challenges:
          ▪ Being physically present between the BS and SS on the LoS link.
          ▪ Operating at the higher frequencies of 10 to 66 GHz.
      ◦ After the first revision:
          ▪ Increased options for physical presence.
          ▪ Frequency ranges were reduced to 2 to 11 GHz.
      ◦ Adding mobility in IEEE 802.16e:
          ▪ Physical presence doesn’t matter
  • 24.
      ◦ A wireless network uses radio, so anyone with the proper receiving equipment can intercept the signals in the air.
      ◦ Jamming and scrambling are the two most common attacks at the PHY layer.
      ◦ Jamming is about reducing the channel capacity.
      ◦ Scrambling is very similar to jamming, but it targets particular timeslots or frames.
  • 25.
      ◦ The data traffic is secured using strong encryption algorithms like DES and AES.
      ◦ The attacker will be keen to attack the link during the authentication or key exchange process.
  • 26.
      ◦ Message 1 is just informative and doesn’t involve processing or acknowledgement.
      ◦ Message 2:
          ▪ Plaintext message; all the information is public.
          ▪ Replay attack possible at BS to exhaust its capabilities.
          ▪ Lacks message authentication.
      ◦ Message 3:
          ▪ Replay and man-in-the-middle attack possible
          ▪ Lacks message authentication.
  • 27. Fig: Revised Authentication protocol (Suggested by Sen Xu in ‘Security Protocols in WMAN’ – 2008)
  • 28.
      ◦ Message 1 is optional, but invites replay attacks.
      ◦ Messages 2 and 3 lack mutual authentication, which leaves room for man-in-the-middle and replay attacks.
      ◦ An attacker can act as a false BS for the subscriber and issue self-generated keys to take over communication.
      ◦ An attacker can act as a false subscriber and request key renewal again and again.
  • 29. Fig: Revised Key Exchange protocol (Suggested by Sen Xu in ‘Security Protocols in WMAN’ – 2008)
  • 30.
      ◦ The final revision of the 802.16 standard adds the mobility feature.
      ◦ The SS can travel at 150 miles/hr and enjoy BWA without losing connectivity.
      ◦ Mechanisms added:
          ▪ Extensible Authentication Protocol (EAP) used for authentication.
          ▪ Handover capabilities.
          ▪ Multicast & Broadcast services (MBS)
  • 31.
      ◦ EAP is the most secure method for sharing keys.
      ◦ It follows a 3-way handshake.
      ◦ The 3-way handshake should provide the following security guarantees:
          ▪ Full mutual authentication.
          ▪ Message 2 indicates to the BS that the MS is alive and that the MS possesses the AK.
          ▪ Message 3 indicates to the MS that the BS is alive.
          ▪ The MS is guaranteed that the SA is sent by the BS and is fresh (has been sent by the BS after the MS generated and sent Message 2).
          ▪ Any TEKs distributed in this stage are secret.
  • 32.
      ◦ Some management messages are not encrypted, or are even unauthenticated, to keep things easy and simple. Some of them are:
          ▪ Traffic Indication Message – to wake up the MS.
          ▪ Neighbor Advertisement Message – to tell the MS about neighboring BSs for handover purposes.
          ▪ Power control message
          ▪ Ranging Request Message – when the MS is trying to find a connection to a BS.
      ◦ The information in these messages is not very critical, but it may be used in analysis while attacking.
  • 33.
      ◦ "Analysis of WiMAX Security: Vulnerabilities and Solutions", IEEE CNF - 2008
      ◦ "WiMAX Security Architecture - Analysis and Assessment", IEEE CNF - Sept 2007
      ◦ "Security Research on WiMAX with Neural Cryptography", IEEE CNF - 2008
      ◦ "Security Issues in Mobile WiMAX (802.16e)", IEEE CNF - 2009
      ◦ "Security Protocols in Wireless MAN", Ph.D. Thesis work - University of South Carolina, 2008
  • 34. THE END Questions?
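
The key exchange messages on slide 20 and the replay weakness noted on slide 28, as an added example that is not part of the original slides: a base station that checks only the HMAC regenerates keys for every replayed Message 2, while one that also requires a fresh nonce (an assumed remedy, not necessarily the revision in the cited thesis) accepts the message once. The message layout, key derivation, nonce field and all names are illustrative assumptions.

```python
import hashlib
import hmac
import os

DIGEST_LEN = 20      # HMAC-SHA1 output size in bytes
UPLINK_PAD = 0x5C    # constructed constant for this sketch

def hmac_key(ak: bytes) -> bytes:
    # Simplified stand-in for deriving the uplink HMAC key from the AK.
    return hashlib.sha1(bytes([UPLINK_PAD]) * 64 + ak).digest()

def key_request(ak: bytes, seq_no: int, said: int, nonce: bytes = b"") -> bytes:
    # Message 2 of the key exchange: Seq. No., SAID, [nonce], HMAC(2).
    body = bytes([seq_no]) + said.to_bytes(2, "big") + nonce
    return body + hmac.new(hmac_key(ak), body, hashlib.sha1).digest()

class BaseStation:
    def __init__(self, ak: bytes, seq_no: int, use_nonce: bool):
        self.ak, self.seq_no, self.use_nonce = ak, seq_no, use_nonce
        self.pending = set()   # nonces issued and not yet consumed
        self.rekeys = 0        # times new TEK material was generated

    def challenge(self) -> bytes:
        # Hypothetical addition: a fresh nonce carried in Message 1.
        nonce = os.urandom(8)
        self.pending.add(nonce)
        return nonce

    def handle_key_request(self, msg: bytes) -> str:
        body, digest = msg[:-DIGEST_LEN], msg[-DIGEST_LEN:]
        expected = hmac.new(hmac_key(self.ak), body, hashlib.sha1).digest()
        if not hmac.compare_digest(digest, expected):
            return "reject: bad HMAC"
        if body[0] != self.seq_no:
            return "reject: stale AK sequence number"
        if self.use_nonce:
            nonce = body[3:]
            if nonce not in self.pending:
                return "reject: replayed or unsolicited"
            self.pending.discard(nonce)
        self.rekeys += 1       # BS would now build Message 3 (OldTEK, NewTEK)
        return "accept"

def simulate(use_nonce: bool, replays: int = 3):
    ak = os.urandom(20)                            # constructed sample AK
    bs = BaseStation(ak, seq_no=1, use_nonce=use_nonce)
    nonce = bs.challenge() if use_nonce else b""
    genuine = key_request(ak, 1, 0x0102, nonce)    # one legitimate SS message
    results = [bs.handle_key_request(genuine) for _ in range(1 + replays)]
    tampered = genuine[:1] + b"\xff" + genuine[2:] # SAID altered in transit
    results.append(bs.handle_key_request(tampered))
    return results, bs.rekeys
```

`simulate(False)` shows the HMAC catching the altered SAID while every verbatim resend still triggers a rekey; `simulate(True)` shows the same resends rejected once the nonce has been consumed.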