Overview of PKM Authentication Mechanism in WiMAX Security Protocol
DESCRIPTION
An overview of the WiMAX authentication protocol is presented. PKMv1 and PKMv2 are analysed. General wireless security issues are reviewed.
TRANSCRIPT
OVERVIEW OF PKM AUTHENTICATION MECHANISM IN WiMAX SECURITY PROTOCOL
Zachariah Pabi GARIBA
MPhil Telecommunication Engineering 1
Graduate Student Member IEEE
Email: zpgariba.coe@st.knust.edu
KNUST
PRESENTATION OUTLINE
Introduction
Research Objectives
WiMAX authentication protocol
Conclusions
References
Mobile computing
Defined as having access to computing resources from anywhere; one's ability to use computing technology whilst moving.
Since this system is designed to provide open access across vast networked environments, security becomes a difficult task, as the mobile devices cannot be tracked down to a single location.
The vital goal of security solutions for mobile networks is to provide services such as authentication, confidentiality, integrity, anonymity and availability to mobile users.
Security can be implemented in any of the seven OSI layers.
Components of good security
Confidentiality: The non-occurrence of the unauthorized disclosure of information. No one except the sender and the receiver should have access to the information being exchanged.
Integrity: The non-occurrence of the unauthorized manipulation of information. No one except the sender and the receiver should be able to modify the information being exchanged.
Authentication: The receiver’s ability to ascertain the origin of a message. An intruder should not be able to masquerade as someone else.
Nonrepudiation: The receiver’s ability to prove that the sender did in fact send a given message. The sender should not be able to falsely deny later that he sent a message.
Service Reliability: The ability to protect the communication session against denial of service attacks.
Component methods
Confidentiality: Encryption
Integrity: Message hash calculation
Authentication: Digital signature or challenge-response schemes
Nonrepudiation: Time stamping
TUESDAY: 9TH FEBRUARY, 2010
INTRODUCTION
Table 1: Security system requirement
Mobile computing devices
Laptop computers
Personal Digital Assistants (PDAs) and handheld PCs
Pagers
Smart phones and mobile phones
Task devices; bar code scan
Security components:
Security within networks
Security for the devices
Supporting mobile computing networks:
Traditional wireless systems
Wireless LAN
Wireless Ad Hoc systems
WiMAX
The IEEE 802.16 protocol is also called WiMAX, which stands for Worldwide Interoperability for Microwave Access. It was first planned to offer the last mile for the Wireless Metropolitan Area Network (WMAN), with a line-of-sight (LOS) range of 30–50 km.
The original IEEE 802.16 standard covers line-of-sight connections in the 10–66 GHz range, supporting speeds up to 280 Mbps over distances up to 50 km (30 mi.). IEEE 802.16a covers non-line-of-sight connections in the 2–11 GHz range, supporting speeds up to 75 Mbps over distances of 5–8 km (3–5 mi.). IEEE 802.16a also adds features for mesh networks, while the 802.16e standard adds support for mobility.
Table 2: IEEE 802.16 standard evolution
RESEARCH OBJECTIVES
To thoroughly review the authentication aspects of the IEEE 802.16 standard.
To underscore the security vulnerabilities and threats associated with WiMAX authentication.
RESEARCH METHODS
The research approaches will include qualitative and quantitative research methods, and computer simulation.
Security issues of the IEEE 802.16 protocol currently published in journals and conferences shall be reviewed, along with further readings on proposed security improvements.
IEEE 802.16 SECURITY PROTOCOL
Fig. 1: IEEE 802.16 protocol stack
[Figure: Link layer control (LLC); MAC (L2): Convergence sublayer (CS), Common part sublayer (CPS), Security sublayer (PS); PHY Layer (L1): Transmission convergence sublayer, with QPSK, 16QAM, 64QAM and 256QAM modulation.]
The protocol architecture
The security sublayer has two protocols, as follows:
An encapsulation protocol for securing packet data across the BWA (broadband wireless access) network.
A key management protocol (PKM) providing the secure distribution of keying data from the BS (base station) to the SS (subscriber station).
Fig. 2: WiMAX security sublayer
Privacy and key management (PKM)
The SS uses PKM to obtain authentication and traffic keying from the BS.
PKM has two categories:
SS authorization and AK (authorization key) exchange
TEK (traffic encryption key) exchange
Key management protocol
The PKM protocol allows for both mutual authentication and unilateral authentication. It also supports periodic reauthentication/reauthorization and key refresh.
The key management protocol uses either EAP or X.509 digital certificates together with the RSA public-key encryption algorithm.
There are two key management protocols supported in this standard: PKM version 1 (PKMv1) and PKMv2, the latter with enhanced features such as a new key hierarchy, AES-CMAC, AES key wraps, and MBS.
Authentication
Hash Message Authentication Code (HMAC)
X.509 certificate:
Manufacturer certificate
Subscriber certificate
Base station certificate
Extensible Authentication Protocol (EAP)
IEEE 802.16-2004
Authentication protocols
PKM supports two distinct authentication protocol mechanisms:
RSA protocol
Extensible Authentication Protocol (optional)
An SS uses the PKM protocol to obtain authorization and traffic keying material from the BS, and to support periodic reauthorization and key refresh.
PKM RSA authentication
The PKM RSA authentication protocol uses X.509 digital certificates and the RSA public-key encryption algorithm; the certificates bind public RSA encryption keys to the MAC addresses of SSs.
All SSs using RSA authentication have factory-installed RSA private/public key pairs or provide an internal algorithm to generate such key pairs dynamically.
PKM EAP authentication
PKM EAP Authentication uses Extensible Authentication Protocol in conjunction with an operator-selected EAP Method (e.g. EAP-TLS).
The EAP method uses credentials such as an X.509 certificate in the case of EAP-TLS or a Subscriber Identity Module in the case of EAP-SIM.
PKM v1
SS authorization and AK exchange overview: SS authorization, controlled by the Authorization state machine, is the process of the BS authenticating a client SS’s identity.
Authorization via RSA authentication protocol: The SS begins authorization by sending an Authentication Information message to its BS. The Authentication Information message contains the SS manufacturer’s X.509 certificate.
PKMv2
I. The PKMv2 key hierarchy defines what keys are present in the system and how the keys are generated. Since there are two authentication schemes, RSA and EAP, there are two primary sources of keying material.
II. The RSA-based authorization process yields the pre-Primary AK (pre-PAK) and the EAP-based authentication process yields the MSK.
III. All PKMv2 key derivations are based on the Dot16KDF algorithm. The Dot16KDF algorithm is a counter mode encryption (CTR) construction that may be used to derive an arbitrary amount of secret key material from source keying material.
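An added sketch of the counter-mode construction described in item III (not code from the presentation or the standard): a SHA-1 based derivation in the style of Dot16KDF that produces any requested key length from one source key. The input layout, the 32-bit big-endian field encoding and the labels are assumptions of this example and have not been checked against standard test vectors.

```python
import hashlib
import struct

SHA1_BITS = 160  # output size of one SHA-1 block


def dot16kdf_sha1(key: bytes, astring: bytes, keylength_bits: int) -> bytes:
    """Counter-mode KDF in the style of Dot16KDF, using SHA-1.

    Assumed layout: each block is SHA-1(i | astring | keylength | Kin),
    with i and keylength as 32-bit big-endian integers and Kin the
    leftmost 160 bits of the source key.
    """
    if keylength_bits <= 0 or keylength_bits % 8:
        raise ValueError("keylength must be a positive multiple of 8 bits")
    kin = key[: SHA1_BITS // 8]
    length_field = struct.pack(">I", keylength_bits)
    result = b""
    # One hash call per 160 bits of requested output; the counter i
    # makes every block's input distinct.
    for i in range((keylength_bits - 1) // SHA1_BITS + 1):
        counter = struct.pack(">I", i)
        result += hashlib.sha1(counter + astring + length_field + kin).digest()
    return result[: keylength_bits // 8]


def derive_demo_keys(source_key: bytes) -> dict:
    """Derive separate keys from one source key by varying label and length.

    The labels are constructed for this example.
    """
    return {
        "auth_128": dot16kdf_sha1(source_key, b"demo-auth", 128),
        "wrap_128": dot16kdf_sha1(source_key, b"demo-wrap", 128),
        "bulk_320": dot16kdf_sha1(source_key, b"demo-auth", 320),
    }


if __name__ == "__main__":
    constructed_source = bytes(range(20))  # constructed 160-bit source key
    for name, value in derive_demo_keys(constructed_source).items():
        print(name, value.hex())
```

Because the requested length is part of every hashed block, a 128-bit key is not a prefix of the 320-bit output derived with the same label.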
Digital signatures
Manufacturer certificates
SS certificate
BS certificate
Cryptographic methods
In PKMv2, for SAs (security associations) using a cipher suite employing DES-CBC, the TEK in the Key Reply is triple-DES (3-DES) encrypted, using a two-key 3-DES KEK derived from the AK.
The lifetimes of the two generations of keying material overlap such that each generation becomes active halfway through the life of its predecessor and expires halfway through the life of its successor.
Fig. 4: WiMAX security procedure
Fig. 6: WiMAX overview
Threats and vulnerabilities
Threats in the IEEE 802.16 standards have been grouped into two:
Physical layer threats and vulnerabilities
MAC layer threats and vulnerabilities
Physical layer threats
Jamming and scrambling attacks
Water torture attack
Replay attacks in IEEE 802.16e mesh modes
Threats
MAC management messages are sent in plaintext, not ciphertext.
X.509 digital certificate: it uses RSA encryption with SHA-1 hashing.
A downgrade attack is possible on the initial TEK authentication. The security capabilities are sent by the SS to the BS over an insecure connection before the encryption keys are negotiated; these include the kind of crypto functions to be used to cipher the data packets.
In IEEE 802.16e, an SS can authenticate with the BS using the new PKMv2 RSA authentication with its public key. Public-key encryption and signature are computationally heavy operations, so if flooded with false requests, the BS may be the victim of a denial-of-service attack, using all its resources to evaluate digital signatures.
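One common countermeasure to the downgrade risk listed above, as an added example (not part of the presentation and not the mechanism the standard defines): the BS enforces a policy floor, and once a shared key exists both sides authenticate their view of the capability list so that any change made on the unprotected link is detected. The suite labels, the policy floor, the stand-in key and the use of HMAC-SHA-256 are assumptions of this example.

```python
import hashlib
import hmac

# Constructed suite labels with relative strength; real encodings differ.
STRENGTH = {"NO-ENCRYPTION": 0, "DES-CBC": 1, "AES-CCM": 2}
BS_MINIMUM = "DES-CBC"  # hypothetical operator policy floor


def bs_select_suite(offered):
    """BS side: pick the strongest offered suite that meets the policy floor."""
    acceptable = [s for s in offered
                  if s in STRENGTH and STRENGTH[s] >= STRENGTH[BS_MINIMUM]]
    if not acceptable:
        raise ValueError("no offered suite meets the policy floor")
    return max(acceptable, key=STRENGTH.get)


def transcript_tag(ak: bytes, offered, chosen: str) -> bytes:
    """MAC over the capability list and the choice, keyed with a key both
    sides hold only after authorization (a stand-in for the AK)."""
    msg = "|".join(sorted(offered)).encode() + b"->" + chosen.encode()
    return hmac.new(ak, msg, hashlib.sha256).digest()


def negotiate(ss_offer, offer_seen_by_bs, ak: bytes) -> str:
    """Return 'ok:<suite>' or a rejection reason.

    ss_offer is the list the SS sent; offer_seen_by_bs is the list that
    arrived at the BS after crossing the unprotected link.
    """
    try:
        chosen = bs_select_suite(offer_seen_by_bs)
    except ValueError:
        return "rejected:below-policy"
    # After authorization, each side MACs its own view of the negotiation.
    ss_tag = transcript_tag(ak, ss_offer, chosen)
    bs_tag = transcript_tag(ak, offer_seen_by_bs, chosen)
    if not hmac.compare_digest(ss_tag, bs_tag):
        return "rejected:capabilities-altered"
    return "ok:" + chosen


if __name__ == "__main__":
    constructed_ak = b"\x11" * 20            # constructed stand-in key
    offer = ["DES-CBC", "AES-CCM"]           # constructed SS capability list
    print(negotiate(offer, offer, constructed_ak))
    print(negotiate(offer, ["DES-CBC"], constructed_ak))
    print(negotiate(offer, ["NO-ENCRYPTION"], constructed_ak))
```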
CONCLUSIONS
In mesh mode, an insider attacker can fool other nodes of the mesh to create man-in-the-middle attacks and invade their privacy.
PKMv2 has been introduced in the amended 2004 version, with more enhanced features such as a new key hierarchy, AES-CMAC, AES key wraps, and MBS.
There is a BS X.509 digital certificate in IEEE 802.16e.
The standard security mechanism does not handle layer 1 security.
Potential security flaws also exist in IEEE 802.16e, especially the flaw existing in the subscriber handover procedure.
IEEE 802.16 supports mesh mode.
There has been little research on layer 1 security issues for IEEE 802.16/WiMAX.