WiMAX Network Security

Academic Research Presentation: Security measures in WiMAX Networks

Transcript

  • 1. Final Presentation
      SECURITY CONCERNS IN
      ELET 6313 – NETWORK SECURITY
      DR. DRISS BENHADDOU
      Presented By: Syed Ashar Zia
  • 2.
      ◦ What is WiMAX?
      ◦ Architecture of WiMAX
      ◦ MAC & PHY layers of WiMAX protocol
      ◦ Security Sub-Layer
      ◦ Security features of WiMAX
      ◦ Protocols used for authentication, encapsulation and authorization
      ◦ Vulnerabilities and solutions
      ◦ What challenges were faced due to mobility in 802.16e security structure
      3/30/2012 BY: SYED ASHAR ZIA
  • 3.
      ◦ Wireless LAN: IEEE 802.11, Wireless Fidelity (Wi-Fi)
      ◦ Wireless PAN: IEEE 802.15, Bluetooth
      ◦ Wireless MAN: IEEE 802.16, WiMAX (Worldwide Interoperability for Microwave Access)
      ◦ Wireless WAN – Research phase: IEEE 802.20, LTE (Long Term Evolution)
  • 5.
      ◦ IEEE 802.16 (2001)
          ▪ Air Interface for Fixed Broadband Wireless Access System MAC and PHY Specifications for 10 – 66 GHz (Line-of-Sight)
          ▪ One PHY: Single Carrier
          ▪ Connection-oriented, TDM/TDMA MAC, QoS, Privacy
      ◦ IEEE 802.16a (January 2003)
          ▪ Amendment to 802.16, MAC Modifications and Additional PHY Specifications for 2 – 11 GHz (Non-Line-of-Sight)
          ▪ One PHY: Single Carrier
      ◦ IEEE 802.16d (July 2004)
          ▪ Combines both IEEE 802.16 and 802.16a
          ▪ Three PHYs: OFDM, OFDMA, Single Carrier
          ▪ Additional MAC functions: OFDM and OFDMA PHY support, Mesh topology support, ARQ
      ◦ IEEE 802.16e (2005?)
          ▪ Amendment to 802.16-2004
          ▪ MAC Modifications for limited mobility
  • 6. Fig: WiMAX Accessibility (Adapted from www.mirentech.co.uk)
  • 7. Fig: WiMAX Network Architecture (Adapted from www.tutorialspoint.com)
  • 8. The security requirements of any network are about providing the following services for data:
      ◦ Confidentiality
      ◦ Integrity
      ◦ Availability
      ◦ Non-Repudiation
      ◦ Access control
  • 10. Also known as the Privacy sub-layer.
      ◦ Three main features of security are:
          ▪ Authentication
          ▪ Authorization
          ▪ Traffic Encryption
      ◦ The techniques used for the Authentication security feature are:
          ▪ Privacy & Key Management Protocols (PKM)
          ▪ Rivest-Shamir-Adleman (RSA) based authentication
  • 11.
      ◦ The techniques used for Authorization are:
          ▪ Security Associations (SAs) are used to authorize the user.
          ▪ Authorization includes a request for the Authentication Key and SA-Identity in exchange for the subscriber's certificate, encryption algorithm and cryptographic ID.
      ◦ Traffic Encryption:
          ▪ All the traffic between the subscriber station (SS) and the base station (BS) is encrypted with the Traffic Encryption Key.
  • 12. WiMAX security architecture is based on three components which provide authentication, authorization and data encryption:
      ◦ Security Associations (SAs)
      ◦ Encapsulation Protocol
      ◦ Privacy & Key Management Protocols (PKM)
  • 13.
      ◦ Provides a set of security information in order to make the link between SS and BS secure.
      ◦ An SA is formed to provide the authorization for the services to the SS.
      ◦ There are two types of SA, categorized on the basis of the information they carry:
          ▪ One is used for authorization, called the Authorization SA.
          ▪ Another is used for data exchange, called the Data SA.
  • 14. Components of the Authorization SA are:
      ◦ SA-Descriptor: Defines the SA-type, SAID, and cryptographic suite.
      ◦ X.509 Certificate: The SS's digital certificate, serving as its identity.
      ◦ Authorization Key (AK): Provided by the BS and used to generate Key Encryption Keys (KEKs), to calculate HMAC-Digests at the transmitting side, and to verify HMAC-Digests at the receiver's end.
      ◦ AK Sequence Number: Used to differentiate between successive AKs.
      ◦ AK-Lifetime: Validity period of the AK.
      ◦ Key Encryption Key (KEK): These are 128 bits long and are used to encrypt the Traffic Encryption Key (TEK), which is used to encrypt/decrypt the data traffic at both ends.
      ◦ HMAC Digest: These are used for checking the integrity of data.
  • 15. Components of the Data SA:
      ◦ SA-Identification (SAID)
      ◦ AK-Sequence Number
      ◦ TEK Parameters including:
          ▪ TEK
          ▪ TEK lifetime
          ▪ 2-bit sequence number
          ▪ Initialization Vector (IV)
          ▪ encryption algorithms
          ▪ HMAC-Digest
  • 16.
      ◦ The encapsulation protocol is used for the encryption of traffic between BS and SS.
      ◦ The SS shares its cryptographic suites to inform the BS about its capabilities to encrypt and decrypt.
      ◦ The encryption and authentication algorithms used for ciphering the data traffic use the Traffic Encryption Key (TEK).
      ◦ The TEK is encrypted with the Key Encryption Key (KEK).
      ◦ The KEK is derived from the Authorization Key (AK).
  • 17.
      ◦ The PKM Protocol is responsible for:
          ▪ Normal authorization process of the requesting Subscriber Station (SS)
          ▪ Re-authorization
          ▪ Issuing the key materials
          ▪ Renewal of the keying materials
      ◦ It follows two different protocols to complete the process of authentication and authorization:
          ▪ Authentication Protocol
          ▪ Key Exchange Protocol
  • 18. The security mechanism is categorized in three phases:
      ◦ Phase I – SS Authorization
      ◦ Phase II – Exchange of Key Materials
      ◦ Phase III – Encryption of Data Stream
  • 19.
      ◦ Message 1: Cert (SS.Manufacturer)
      ◦ Message 2: Cert (SS), Capabilities, BCID, SAID
      ◦ Message 3: (AK)SS, Seq. No., Lifetime, SA-Descriptor
      ◦ LEGEND:
          ▪ Cert: Certificate.
          ▪ BCID: Basic CID.
          ▪ SAID: Suites of SA.
          ▪ SA-Descriptor: Selected Suite
          ▪ (AK)SS: Authorization Key encrypted with SS public key
          ▪ Seq. No.: AK’s sequence number.
          ▪ Lifetime: Lifetime of AK
  • 20.
      ◦ Message 1: Seq. No., SAID, HMAC (1)
      ◦ Message 2: Seq. No., SAID, HMAC (2)
      ◦ Message 3: Seq. No., SAID, OldTEK, NewTEK, HMAC (3)
      ◦ LEGEND:
          ▪ SAID: Suites of Security Associations.
          ▪ (AK)SS: Authorization Key encrypted with SS public key
          ▪ Seq. No.: AK’s sequence number.
          ▪ Lifetime: Lifetime of AK
          ▪ OldTEK: Current set of Key Materials
          ▪ NewTEK: Key Material to be used after expiration of Current Keys.
          ▪ HMAC(x): MD for the ‘x’ message
  • 21.
      ◦ The data stream is encrypted with the TEK when travelling to or from the BS.
      ◦ The data stream can be encrypted using:
          ▪ DES (DES in CBC-Mode with 56 Bits) or
          ▪ AES (AES in CCM-Mode with 128 Bits).
      ◦ The TEK is shared during the Key Exchange process and is encrypted using the KEK. It can be encrypted using:
          ▪ 3 DES
          ▪ RSA
          ▪ AES
  • 22. Figure: Communication Workflow (Adapted from ‘WiMAX Security Architecture’ by Evren Eren – 2008 IEEE CNF)
  • 23.
      ◦ In the first standard, IEEE 802.16-2001, the attacker had the following challenges:
          ▪ Being physically present between the BS and SS on the LoS link.
          ▪ Operating at higher frequencies of 10 to 66 GHz.
      ◦ After the first revision:
          ▪ Increased options for physical presence.
          ▪ Frequency ranges were reduced to 2 to 11 GHz.
      ◦ Adding mobility in IEEE 802.16e:
          ▪ Physical presence doesn’t matter
  • 24.
      ◦ Wireless networks use radio, so anyone with the proper receiving equipment can intercept the signals in the air.
      ◦ Jamming and scrambling are the two most common attacks at the PHY layer.
      ◦ Jamming is about reducing the channel capacity.
      ◦ Scrambling is very similar to jamming, but it targets particular timeslots or frames.
  • 25.
      ◦ The data traffic is secured using strong encryption algorithms like DES and AES.
      ◦ The attacker will be keen to attack the link during the authentication or key exchange process.
  • 26.
      ◦ Message 1 is just informative and doesn’t involve processing or acknowledgement.
      ◦ Message 2:
          ▪ Plaintext message; all the information is public.
          ▪ Replay attack possible at the BS to exhaust its capabilities.
          ▪ Lacks message authentication.
      ◦ Message 3:
          ▪ Replay and man-in-the-middle attacks possible.
          ▪ Lacks message authentication.
  • 27. Fig: Revised Authentication protocol (Suggested by Sen Xu in ‘Security Protocols in WMAN’ – 2008)
  • 28.
      ◦ Message 1 is optional, but invites replay attacks.
      ◦ Messages 2 and 3 lack mutual authentication, which leaves room for man-in-the-middle and replay attacks.
      ◦ An attacker can act as a false BS for the subscriber and issue self-generated keys to take over communication.
      ◦ An attacker can act as a false subscriber and request key renewal again and again.
  • 29. Fig: Revised Key Exchange protocol (Suggested by Sen Xu in ‘Security Protocols in WMAN’ – 2008)
  • 30.
      ◦ The final revision of the 802.16 standard adds the mobility feature.
      ◦ The SS is capable of travelling at 150 miles/hr and enjoying BWA without losing connectivity.
      ◦ Mechanisms added:
          ▪ Extensible Authentication Protocol (EAP) used for authentication.
          ▪ Handover capabilities.
          ▪ Multicast & Broadcast services (MBS)
  • 31.
      ◦ EAP is the most secure method for sharing keys. It follows a 3-way handshake.
      ◦ The 3-way handshake should provide the following security guarantees:
          ▪ Full mutual authentication.
          ▪ Message 2 indicates to the BS that the MS is alive and that the MS possesses the AK.
          ▪ Message 3 indicates to the MS that the BS is alive.
          ▪ The MS is guaranteed that the SA is sent by the BS and is fresh (has been sent by the BS after the MS generated and sent Message 2).
          ▪ Any TEKs distributed in this stage are secret.
  • 32.
      ◦ Some management messages are not encrypted, or are even unauthenticated, to keep things easy and simple. Some of them are:
          ▪ Traffic Indication Message – to wake up the MS.
          ▪ Neighbor Advertisement Message – to tell the MS about neighboring BSs for handover purposes.
          ▪ Power control message
          ▪ Ranging Request Message – when the MS is trying to find a connection to a BS.
      ◦ The information in these messages is not very critical, but it may be used in analysis while attacking.
  • 33.
      ◦ "Analysis of WiMAX Security: Vulnerabilities and Solutions", IEEE CNF - 2008
      ◦ "WiMAX Security Architecture - Analysis and Assessment", IEEE CNF - Sept 2007
      ◦ "Security Research on WiMAX with Neural Cryptography", IEEE CNF - 2008
      ◦ "Security Issues in Mobile WiMAX (802.16e)", IEEE CNF - 2009
      ◦ "Security Protocols in Wireless MAN", Ph.D. Thesis work - University of South Carolina, 2008
  • 34. THE END Questions?
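
The key exchange on slide 20 and the "renew the keys again and again" weakness on slide 28, as an added example that is not part of the presentation or the 802.16 standard: an HMAC over Seq. No. and SAID stops tampering, but a captured Message 2 still verifies when replayed, while a one-time nonce bound into the HMAC rejects it. The names `derive`, `key_request` and `BaseStation`, the field widths, the key derivation and the nonce mechanism are all assumptions of this sketch; the revised protocol shown in the slide 29 figure is not reproduced in the transcript.

```python
import hashlib, hmac, os, struct

def derive(ak: bytes, label: bytes) -> bytes:
    # Stand-in derivation (assumption): the slides only say HMAC keys come from the AK.
    return hashlib.sha1(label + ak).digest()

def key_request(ak: bytes, seq_no: int, said: int, nonce: bytes = b"") -> bytes:
    """Message 2 (SS -> BS): Seq. No., SAID, HMAC(2). Field widths are constructed."""
    body = struct.pack("!BH", seq_no, said) + nonce
    return body + hmac.new(derive(ak, b"uplink"), body, hashlib.sha1).digest()

class BaseStation:
    def __init__(self, ak: bytes, require_nonce: bool):
        self.key = derive(ak, b"uplink")
        self.require_nonce = require_nonce
        self.outstanding = set()   # nonces handed out in Message 1, not yet used
        self.teks_issued = 0

    def challenge(self) -> bytes:
        """Hypothetical addition: the BS places a fresh nonce in Message 1."""
        nonce = os.urandom(8)
        self.outstanding.add(nonce)
        return nonce

    def handle(self, msg: bytes) -> str:
        body, tag = msg[:-20], msg[-20:]
        expected = hmac.new(self.key, body, hashlib.sha1).digest()
        if not hmac.compare_digest(tag, expected):
            return "reject: bad HMAC"
        if self.require_nonce:
            nonce = body[3:]                   # bytes after Seq. No. and SAID
            if nonce not in self.outstanding:
                return "reject: stale or replayed"
            self.outstanding.discard(nonce)    # one key request per nonce
        self.teks_issued += 1                  # Message 3 would carry OldTEK/NewTEK
        return "accept: TEK issued"

if __name__ == "__main__":
    ak = bytes(range(20))                      # constructed 20-byte AK
    legacy = BaseStation(ak, require_nonce=False)
    captured = key_request(ak, 1, 0x0102)      # constructed Seq. No. and SAID
    print(legacy.handle(captured), "|", legacy.handle(captured))  # replay accepted
    fixed = BaseStation(ak, require_nonce=True)
    fresh = key_request(ak, 1, 0x0102, fixed.challenge())
    print(fixed.handle(fresh), "|", fixed.handle(fresh))          # replay rejected
```

Counting `teks_issued` per SS on a real BS gives the matching detection signal: repeated valid key requests inside one TEK lifetime are the pattern slide 28 warns about.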