mobile wimax security
DESCRIPTION
MOBILE WiMAX SECURITY. Student Name: Claudia Cardenas Student ID: 41416538 Supervisor Number: Rajan Shankaran. Contents. 1. Introduction. 2. Mobile WiMAX. 3. Security Threats. 4. Security in Mobile WiMAX. 5. Vulnerabilities Assessment. 6. Conclusion. Introduction. Customers’ Demands - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/1.jpg)
MOBILE WiMAX SECURITY
Student Name: Claudia CardenasStudent ID: 41416538
Supervisor Number: Rajan Shankaran
![Page 2: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/2.jpg)
ITEC 810
Contents
2. Mobile WiMAX
1. Introduction
3. Security Threats
4. Security in Mobile WiMAX
5. Vulnerabilities Assessment
6. Conclusion
2
![Page 3: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/3.jpg)
ITEC 810
Introduction
Customers’ Demands Greater e-commerce usage High speed.MobilityLower costsMobile Internet
3
![Page 4: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/4.jpg)
Key Problems
ITEC 8104
VulnerabilitiesVulnerabilities
EE
CC
DD
AAEavesdropping Unauthorised modification of
messages
Masquerading: Unauthorised access
![Page 5: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/5.jpg)
Goals
ITEC 8105
![Page 6: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/6.jpg)
ITEC 810
Contents
2. Mobile WiMAX
1. Introduction
3. Security Threats
4. Security in Mobile WiMAX
5. Vulnerabilities Assessment
6. Conclusion
6
![Page 7: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/7.jpg)
Mobile WiMAX
Flexibility
ITEC 8107
![Page 8: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/8.jpg)
Mobille WiMAX Architecture
ITEC 8108
![Page 9: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/9.jpg)
Access Service Network
Base Station Connection with the mobile subscriber Maintain the connection. Maintain the Status. Traffic Scheduling
The Access Service Network Gateway (ASN-GW)
Collecting and forwarding the traffic. AAA functionality QoS Management
ITEC 8109
![Page 10: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/10.jpg)
Mobile WiMAX Network Architecture
Different kind of users. Different deployments. Ability to grow. Internetworking.
QoS for each service and connection.
IP and non-IP network are integrated
ITEC 81010
![Page 11: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/11.jpg)
Protocol Layers
ITEC 81011
![Page 12: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/12.jpg)
ITEC 810
Contents
1. Introduction
3. Security Threats
4. Security in Mobile WiMAX
5. Vulnerabilities Assessment
6. Conclusion
12
![Page 13: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/13.jpg)
Security Threats
ITEC 81013
Threats
Threats to PHY Layer
Threats to MAC Layer
![Page 14: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/14.jpg)
Threats to PHY Layer
Jamming Attack Scrambling Attack Water Torture Attack
ITEC 81014
![Page 15: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/15.jpg)
Threats to MAC Layer
Threats to Mac Management message in Initial Network Entry
Threats to Access Network Security Threats to Authentication
ITEC 81015
![Page 16: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/16.jpg)
ITEC 810
Contents
1. Introduction
3. Security Threats
4. Security in Mobile WiMAX
5. Vulnerabilities Assessment
6. Conclusion
16
![Page 17: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/17.jpg)
Security in Mobile WiMAX
ITEC 81017
![Page 18: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/18.jpg)
Encryption Overview
It is only applied to the payload. It is not applied to the MAC management messages. SS’s encryption capabilities are negotiated during
registration process. BS determines the encryption method to be used.
ITEC 81018
Encryption Mode Reference
DES in CBC mode DES algorithm [FIPS 46-3, FIPS 74, FIPS81]
AES in CCM mode AES algorithm [NIST Special Publication 800-38C, FIPS-197]
AES in CTR mode AES algorithm [NIST Special Publication 800-38A, FIPS 197, RFC 3686]
AES in CBC mode AES algorithm [NIST Special Publication 800-38A, FIPS 197, RFC 3686]
![Page 19: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/19.jpg)
Authentication Overview
ITEC 81019
![Page 20: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/20.jpg)
Authorization
ITEC 81020
![Page 21: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/21.jpg)
ITEC 810
Contents
1. Introduction
3. Security Threats
5. Vulnerabilities Assessment
6. Conclusion
21
![Page 22: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/22.jpg)
Vulnerabilities Assessment
Lack of mutual authentication. It could be the cause of impersonation.
This vulnerability is mitigated IEEE 802.16e by including the mutual authentication
ITEC 81022
![Page 23: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/23.jpg)
Weak encryption algorithms.
It could lead an integrity and confidentiality problem.
IEEE 802.16e not only supports DES-CBC, but also, several modes of AES that make the encrypting communications more secure
ITEC 81023
![Page 24: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/24.jpg)
Interjection of reused TEKs.
This characteristic makes easier perform a replay attack.
Valuable information and the traffic encryption key could be disclosed to unauthorized parties
IEEE802.16e introduces AES-CCM. It offers per packet randomization. Each data packed include its own unique
packet number
ITEC 81024
![Page 25: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/25.jpg)
Unencrypted management messages
These messages are not encrypted, so they are susceptible to eavesdropping attacks.
IEEE 802.16e-2005 offers integrity protection for specific unicast management messages
However this digest is not appended to initial network entry management messages
ITEC 81025
![Page 26: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/26.jpg)
Other Results
Three way TEK exchange and the authorization process.
No one vulnerability was found [Datta,2005].
The key management protocol was analysed by Yaksel and once again this software could not find any security hole.
The Multi-Broadcast Service (MBS) The protocol is secure on its own. (Kao,2006)
ITEC 81026
![Page 27: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/27.jpg)
Initial Network Entry
ITEC 81027
![Page 28: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/28.jpg)
Proposed Solution
SS → KMC: [SS, nonce1]Kss
KMC → SS: [Ks]Kss, [Ks]Kbs, nonce1, H([Ks]Kss, [Ks]Kbs, nonce1)
SS → BS: [Ks]Kbs, nonce2,H([Ks]Kbs, nonce2) BS → SS : [rand2]Ks
SS → BS : [rand2-1]Ks
ITEC 81028
![Page 29: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/29.jpg)
ITEC 810
Contents
1. Introduction
3. Security Threats
6. Conclusion
29
![Page 30: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/30.jpg)
Conclusion
The best aspirant technologies to serve the broadband demands on wireless access.
In terms of the PHY layer most of these attacks can be counteracted by using different signals and proper configuration of the protocol.
Some of MAC flaws have been fixed by the enhanced security of IEEE 802.16e but not all of them.
The lack of encryption of MAC management messages that can affect the initial network entry process.
A solution based on the key session and the key management centre was proposed.
Further studies and simulations should be done in order to assess the different solutions offered.
ITEC 81030
![Page 31: MOBILE WiMAX SECURITY](https://reader035.vdocuments.site/reader035/viewer/2022062422/56813e11550346895da7f0d9/html5/thumbnails/31.jpg)
ITEC 810
Thank Thank You !You !
31