Security in 802.16e
Slide 1: Security in 802.16e

Slide 2: Outline
  - 802.16e Security Introduction
  - 802.16e Network Architecture
  - Security Architecture
  - X.509 cert.
  - PKMv1
    - RSA Authentication
  - PKMv2
    - RSA based Authentication
    - EAP based Authentication
    - Double EAP Authentication
    - RSA and EAP Authentication

Slide 3: 802.16e Network Architecture

Slide 4: 802.16e Network model

Slide 5: Security Architecture
  - Encapsulation protocol
    - A set of supported cryptographic suites
    - The rules for applying those algorithms to a MAC PDU payload
  - Key management protocol
    - Providing the secure distribution of keying data from the BS to the SS
  - Authentication protocol
    - RSA authentication protocol
    - Extensible Authentication Protocol

Slide 6: Supported Cryptographic suites in 802.16e
  - DES: Data Encryption Standard; AES: Advanced Encryption Standard
  - CBC: Cipher Block Chaining; CTR: Counter; ECB: Electronic Codebook

Slide 7: Cryptographic technology

Slide 8: X.509 certificate

Slide 9: Private Key Management
  - PKMv1
    - Used in 802.16d
    - Only supports RSA authentication
    - Only the BS can authenticate the SS
  - PKMv2
    - Supports EAP authentication and RSA authentication
    - MBS (Multimedia Broadcast Services)
    - Key hierarchy
    - New cryptographic technology
    - The BS has a certificate
    - BS and SS can authenticate each other

Slide 10: PKMv1 - Authentication and Authorization

Slide 11: PKMv1: Re-authentication
  - Compared with the initial authentication, re-authentication omits the step of sending the Authentication Information message.
  - To avoid interrupting the service or connection between the SS and the BS, the SS sends an Authorization Request shortly before the key lifetime expires, and the BS and SS then activate the new AK at the same time.

Slide 12: PKMv1: TEK exchange
  - SS -> BS: Key Request [SS Certificate, SAID, HMAC-Digest]
  - BS -> SS: Key Reply [Key-Sequence-Number, SAID, TEK-Parameters, HMAC-Digest]
    - The TEK is encrypted with the SS's public key
  - Encrypted Data

Slide 13: Key hierarchy
  - PKMv2 defines a hierarchy for keys:
    - Pre-PAK (pre-Primary AK), yielded by the RSA-based authorization process
    - MSK, yielded by the EAP-based authentication process
    - MBSAK, from which the keys used to protect MBS traffic are derived

Slide 14: Key hierarchy (cont.)

Slide 15: PKMv2: RSA-based Authentication
  - SS -> BS: Authentication Information [Cert(manufacturer)]
  - SS -> BS: Authorization Request [Cert(MS), Security-Capabilities, MSRandom(64 bits), SAID]
  - BS -> SS: Authorization Reply [Cert(BS), pre-PAK, PAK-Lifetime, PAK-SeqNumber, MSRandom, SA-Descriptor(s), BSRandom]
  - SS -> BS: Authorization ACK

Slide 16: PKMv2: RSA-based Authentication (cont.)
  - RSA based authentication:
    - EIK|PAK <= Dot16KDF(pre-PAK, SS MAC address | BSID | "EIK+PAK", 320)
    - AK <= Dot16KDF(PAK, SS MAC address | BSID | PAK | "AK", 160)

Slide 17: PKMv2: EAP Authentication

Slide 18: PKMv2: EAP Authentication
  - One level EAP based authentication
  - The authentication exchange messages are used to obtain the MSK (Master Session Key)
    - PMK <= truncate(MSK, 160)
    - AK <= Dot16KDF(PMK, SS MAC Address | BSID | "AK", 160)
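The RSA-based derivation on slide 16 and the EAP-based derivation on slide 18 both rest on the Dot16KDF primitive. The Python below is an added example, not code from the slides or from the standard, that implements a counter-mode KDF in the Dot16KDF shape and walks both key hierarchies with constructed sample values; the exact encoding of the counter and key length inside the hash input is an assumption and should be checked against the standard text before reuse.

```python
import hashlib


def dot16kdf(key: bytes, astring: bytes, keylength: int) -> bytes:
    """Counter-mode KDF in the shape of the 802.16e Dot16KDF (SHA-1 variant).

    ASSUMPTION (not taken from the slides): the counter i and keylength are
    encoded as 32-bit big-endian integers and the key is truncated to 160
    bits before hashing. Check the standard for the exact encoding.
    """
    kin = key[:20]  # truncate(key, 160)
    nblocks = (keylength - 1) // 160 + 1  # one SHA-1 output per 160 bits
    out = b""
    for i in range(nblocks):
        block = i.to_bytes(4, "big") + astring + keylength.to_bytes(4, "big") + kin
        out += hashlib.sha1(block).digest()
    return out[: keylength // 8]  # truncate(result, keylength)


def rsa_key_hierarchy(pre_pak: bytes, ss_mac: bytes, bsid: bytes):
    """Slide 16: EIK|PAK from the pre-PAK, then AK from the PAK."""
    eik_pak = dot16kdf(pre_pak, ss_mac + bsid + b"EIK+PAK", 320)
    eik, pak = eik_pak[:20], eik_pak[20:]  # first 160 bits EIK, next 160 PAK
    ak = dot16kdf(pak, ss_mac + bsid + pak + b"AK", 160)
    return eik, pak, ak


def eap_key_hierarchy(msk: bytes, ss_mac: bytes, bsid: bytes):
    """Slide 18: PMK = truncate(MSK, 160), then AK from the PMK."""
    pmk = msk[:20]
    ak = dot16kdf(pmk, ss_mac + bsid + b"AK", 160)
    return pmk, ak


if __name__ == "__main__":
    # Constructed sample values, not real keys or addresses.
    ss_mac = bytes.fromhex("001122334455")
    bsid = bytes.fromhex("aabbccddeeff")
    pre_pak = bytes(range(32))  # 256-bit pre-PAK from the RSA exchange
    msk = bytes(range(64))      # 512-bit MSK from the EAP exchange
    eik, pak, ak_rsa = rsa_key_hierarchy(pre_pak, ss_mac, bsid)
    pmk, ak_eap = eap_key_hierarchy(msk, ss_mac, bsid)
    print("RSA: EIK", eik.hex(), "PAK", pak.hex(), "AK", ak_rsa.hex())
    print("EAP: PMK", pmk.hex(), "AK", ak_eap.hex())
```

Because the BSID and SS MAC address are mixed into every derivation, the same pre-PAK or MSK yields a different AK at a different BS, which is the binding the hierarchy relies on.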
Slide 19: PKMv2: Two level EAP Authentication
  - Step 1:
    - SS -> BS: PKMv2_EAP_START (no attribute)
    - SS <-> BS: First round EAP conversation with PKMv2 EAP Transfer messages, without HMAC/CMAC Digest
    - BS -> SS: EAP_success
    - BS -> SS: EAP_complete [EAP payload | signed by EIK]
  - Step 2:
    - SS -> BS: PKMv2_EAP_START signed by EIK
    - BS -> SS: PKMv2 Authenticated EAP [EAP-Identity/Request]
    - SS <-> BS: Second EAP conversation with PKMv2 Authenticated EAP messages signed by EIK
  - When Step 2 succeeds, the SS and BS can generate the AK from PMK1 and PMK2.

Slide 20: PKMv2 AK key derivation: Two level EAP-based

Slide 21: PKMv2: Two level EAP Reauthentication
  - Step 1:
    - SS -> BS: PKMv2 EAP Start signed by H/CMAC Key_U
    - SS <-> BS: EAP conversation with PKMv2 EAP Transfer messages
    - BS -> SS: PKMv2 EAP Complete signed by AK
  - Step 2:
    - SS -> BS: PKMv2 EAP Start signed by H/CMAC_Key_U
    - SS <-> BS: PKMv2 EAP Transfer signed by AK

Slide 22: PKMv2: RSA+EAP based Authentication
  - First round: execute RSA-based authorization
  - Second round: execute Double EAP mode

Slide 23: PKMv2 AK key derivation: RSA+EAP based

Slide 24: KEK and Message Authentication code generation

Slide 25: KEK and Message Authentication code generation (cont.)

Slide 26: PKMv2: SA-TEK 3-Way handshake

Slide 27: Conclusion
  - Authentication & authorization
    - Improves one-way authentication to mutual authentication between SS and BS
    - Reduces the possibility of a fake BS attack
  - Data privacy
    - IEEE 802.16e adds stronger encryption standards such as AES key wrap
  - Key exchange
    - Adds new methods to protect integrity and to support MBS