Wimax1.0 1-49 2005 - 2011 Nokia Siemens Networks
Module 216 - WiMAX Authentication

WiMAX Authentication: EAP-TTLS

Step 1: MS to BS radio link and BS to CAPC link activation.

Step 2: The MS initiates authentication with the BS by sending a PKMv2 EAP-Start. The BTS creates and sends an Initiate Authentication message to the CAPC. The BTS includes a flag indicating whether the PKMv2 EAP-Start message was signed with a valid CMAC or the CMAC was not included. The CAPC sends an M_SEC_EAP_REQ containing an EAP Identity Request to the BS. At this point the CAPC does not know the EAP identity of the MS and must establish this identity before it can contact the AAA server. The BS forwards the EAP Identity Request to the MS via the PKMv2 EAP-Transfer message. The MS responds with a PKMv2 EAP-Message containing the EAP Response with the Identity information from the MS. The BTS forwards this EAP Identity Response to the CAPC within an M_SEC_EAP_RSP message and identifies whether or not the EAP-Message was sent with a valid CMAC digest. Upon receiving an M_SEC_EAP_RSP with an EAP Identity Response, the CAPC sends the RADIUS Access-Request message to the active AAA server/proxy.

Step 3: The AAA responds to the RADIUS Access-Request with a RADIUS Access-Challenge containing an M_SEC_EAP_REQ, which in the EAP-TTLS case contains an EAP-TTLS Start. This begins the process of establishing the EAP-TTLS tunnel. The AAA server and the MS use TLS to establish an encrypted tunnel. TLS handshake messages are encapsulated in EAP-TTLS request/response messages. EAP-TTLS request messages travel from the AAA server to the MS, while the MS sends EAP-TTLS response messages to the AAA server. RADIUS Access-Challenge messages carry the EAP-TTLS requests from the AAA server to the CAPC, while RADIUS Access-Request messages carry the EAP-TTLS responses from the CAPC to the AAA server.
After the handshake phase is completed, an end-to-end secure tunnel is established, and the MSS and the AAA server have negotiated the security parameters for the next phase: MS user authentication using MS-CHAP-v2.

Step 4: Upon successful authentication of the user at the AAA server, the AAA sends a RADIUS Access-Accept message with EAP Success to the CAPC. In case of authentication failure at the AAA server, it sends a RADIUS Access-Reject message with EAP Failure to the CAPC.
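
The EAP packets named in Steps 2 to 4 can be decoded and cross-checked against the RADIUS message type that carries them on the CAPC to AAA leg, which is a useful sanity check when reading a trace of this flow. This is an added example, not code from the original course material; the function names and the sample packets are constructed, with the EAP header layout taken from RFC 3748 and the EAP-TTLS flags octet from RFC 5281.

```python
import struct

EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_TYPES = {1: "Identity", 21: "EAP-TTLS"}
TTLS_START_FLAG = 0x20  # S bit of the EAP-TTLS flags octet (RFC 5281)
# RADIUS code expected to carry each EAP code on the CAPC <-> AAA leg
CARRIER = {1: 11,  # EAP Request  in Access-Challenge
           2: 1,   # EAP Response in Access-Request
           3: 2,   # EAP Success  in Access-Accept
           4: 3}   # EAP Failure  in Access-Reject

def parse_eap(data: bytes) -> dict:
    """Decode one EAP packet; raise ValueError if it is malformed."""
    if len(data) < 4:
        raise ValueError("truncated EAP header")
    code, ident, length = struct.unpack("!BBH", data[:4])
    if code not in EAP_CODES:
        raise ValueError(f"unknown EAP code {code}")
    if length != len(data):
        raise ValueError("EAP Length field does not match packet size")
    pkt = {"code": code, "name": EAP_CODES[code], "id": ident,
           "type": None, "ttls_start": False, "body": b""}
    if code in (1, 2):  # Request/Response carry a Type octet
        if length < 5:
            raise ValueError("Request/Response without Type field")
        pkt["type"] = EAP_TYPES.get(data[4], f"type-{data[4]}")
        pkt["body"] = data[5:]
        if data[4] == 21:
            if not pkt["body"]:
                raise ValueError("EAP-TTLS packet without flags octet")
            pkt["ttls_start"] = bool(pkt["body"][0] & TTLS_START_FLAG)
    elif length != 4:
        raise ValueError("Success/Failure must be exactly 4 octets")
    return pkt

def carrier_matches(radius_code: int, data: bytes) -> bool:
    """True if the EAP packet is in the RADIUS message type the flow expects."""
    return CARRIER[parse_eap(data)["code"]] == radius_code

# Constructed sample packets (not captured traffic)
IDENTITY_REQ = b"\x01\x01\x00\x05\x01"  # sent by the CAPC itself, not via RADIUS
IDENTITY_RSP = b"\x02\x01\x00\x15\x01user@example.net"
TTLS_START = b"\x01\x02\x00\x06\x15\x20"
EAP_SUCCESS = b"\x03\x03\x00\x04"
EAP_FAILURE = b"\x04\x03\x00\x04"

if __name__ == "__main__":
    for rc, p in [(1, IDENTITY_RSP), (11, TTLS_START), (2, EAP_SUCCESS), (2, EAP_FAILURE)]:
        print(rc, parse_eap(p)["name"], parse_eap(p)["type"], carrier_matches(rc, p))
```

The last pair in the loop is deliberately inconsistent: an EAP Failure inside an Access-Accept does not match Step 4 and is reported as a mismatch.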