Download - MOBILE WiMAX SECURITY
MOBILE WiMAX SECURITY
Student Name: Claudia CardenasStudent ID: 41416538
Supervisor Number: Rajan Shankaran
ITEC 810
Contents
2. Mobile WiMAX
1. Introduction
3. Security Threats
4. Security in Mobile WiMAX
5. Vulnerabilities Assessment
6. Conclusion
2
ITEC 810
Introduction
Customers’ Demands Greater e-commerce usage High speed.MobilityLower costsMobile Internet
3
Key Problems
ITEC 8104
VulnerabilitiesVulnerabilities
EE
CC
DD
AAEavesdropping Unauthorised modification of
messages
Masquerading: Unauthorised access
Goals
ITEC 8105
ITEC 810
Contents
2. Mobile WiMAX
1. Introduction
3. Security Threats
4. Security in Mobile WiMAX
5. Vulnerabilities Assessment
6. Conclusion
6
Mobile WiMAX
Flexibility
ITEC 8107
Mobille WiMAX Architecture
ITEC 8108
Access Service Network
Base Station Connection with the mobile subscriber Maintain the connection. Maintain the Status. Traffic Scheduling
The Access Service Network Gateway (ASN-GW)
Collecting and forwarding the traffic. AAA functionality QoS Management
ITEC 8109
Mobile WiMAX Network Architecture
Different kind of users. Different deployments. Ability to grow. Internetworking.
QoS for each service and connection.
IP and non-IP network are integrated
ITEC 81010
Protocol Layers
ITEC 81011
ITEC 810
Contents
1. Introduction
3. Security Threats
4. Security in Mobile WiMAX
5. Vulnerabilities Assessment
6. Conclusion
12
Security Threats
ITEC 81013
Threats
Threats to PHY Layer
Threats to MAC Layer
Threats to PHY Layer
Jamming Attack Scrambling Attack Water Torture Attack
ITEC 81014
Threats to MAC Layer
Threats to Mac Management message in Initial Network Entry
Threats to Access Network Security Threats to Authentication
ITEC 81015
ITEC 810
Contents
1. Introduction
3. Security Threats
4. Security in Mobile WiMAX
5. Vulnerabilities Assessment
6. Conclusion
16
Security in Mobile WiMAX
ITEC 81017
Encryption Overview
It is only applied to the payload. It is not applied to the MAC management messages. SS’s encryption capabilities are negotiated during
registration process. BS determines the encryption method to be used.
ITEC 81018
Encryption Mode Reference
DES in CBC mode DES algorithm [FIPS 46-3, FIPS 74, FIPS81]
AES in CCM mode AES algorithm [NIST Special Publication 800-38C, FIPS-197]
AES in CTR mode AES algorithm [NIST Special Publication 800-38A, FIPS 197, RFC 3686]
AES in CBC mode AES algorithm [NIST Special Publication 800-38A, FIPS 197, RFC 3686]
Authentication Overview
ITEC 81019
Authorization
ITEC 81020
ITEC 810
Contents
1. Introduction
3. Security Threats
5. Vulnerabilities Assessment
6. Conclusion
21
Vulnerabilities Assessment
Lack of mutual authentication. It could be the cause of impersonation.
This vulnerability is mitigated IEEE 802.16e by including the mutual authentication
ITEC 81022
Weak encryption algorithms.
It could lead an integrity and confidentiality problem.
IEEE 802.16e not only supports DES-CBC, but also, several modes of AES that make the encrypting communications more secure
ITEC 81023
Interjection of reused TEKs.
This characteristic makes easier perform a replay attack.
Valuable information and the traffic encryption key could be disclosed to unauthorized parties
IEEE802.16e introduces AES-CCM. It offers per packet randomization. Each data packed include its own unique
packet number
ITEC 81024
Unencrypted management messages
These messages are not encrypted, so they are susceptible to eavesdropping attacks.
IEEE 802.16e-2005 offers integrity protection for specific unicast management messages
However this digest is not appended to initial network entry management messages
ITEC 81025
Other Results
Three way TEK exchange and the authorization process.
No one vulnerability was found [Datta,2005].
The key management protocol was analysed by Yaksel and once again this software could not find any security hole.
The Multi-Broadcast Service (MBS) The protocol is secure on its own. (Kao,2006)
ITEC 81026
Initial Network Entry
ITEC 81027
Proposed Solution
SS → KMC: [SS, nonce1]Kss
KMC → SS: [Ks]Kss, [Ks]Kbs, nonce1, H([Ks]Kss, [Ks]Kbs, nonce1)
SS → BS: [Ks]Kbs, nonce2,H([Ks]Kbs, nonce2) BS → SS : [rand2]Ks
SS → BS : [rand2-1]Ks
ITEC 81028
ITEC 810
Contents
1. Introduction
3. Security Threats
6. Conclusion
29
Conclusion
The best aspirant technologies to serve the broadband demands on wireless access.
In terms of the PHY layer most of these attacks can be counteracted by using different signals and proper configuration of the protocol.
Some of MAC flaws have been fixed by the enhanced security of IEEE 802.16e but not all of them.
The lack of encryption of MAC management messages that can affect the initial network entry process.
A solution based on the key session and the key management centre was proposed.
Further studies and simulations should be done in order to assess the different solutions offered.
ITEC 81030
ITEC 810
Thank Thank You !You !
31