2886

IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY, VOL. 63, NO. 6, JULY 2014

QoS-Aware Distributed Security Architecture

for 4G Multihop Wireless Networks
Perumalraja Rengaraju, Chung-Horng Lung, Member, IEEE, and Anand Srinivasan

AbstractVehicular communications have received a great deal

of attention in recent years due to the demand for multimedia
applications during travel and for improvements in safety. Safety
applications often require fast message exchanges but do not
use much bandwidth. On the other hand, multimedia services
require high bandwidth for vehicular users. Hence, to provide
mobile broadband services at a vehicular speed of up to 350 km/h,
Worldwide interoperable for Microwave Access (WiMAX) and
Long-Term Evolution (LTE) are considered the best technologies
for vehicular networks. WiMAX and LTE are Fourth-Generation
(4G) wireless technologies that have well-defined quality of service
(QoS) and security architectures. However, some security threats,
such as denial of service (DoS), an introduction of rogue node, etc.,
still exist in WiMAX and LTE networks, particularly in multihop
networks. Therefore, strong security architecture and hasty authentication methods are needed to mitigate the existing security
threats in 4G multihop wireless networks. Conversely, the network
QoS should not be degraded while enhancing security. Thus, we
propose QoS-aware distributed security architecture using the
elliptic curve DiffieHellman (ECDH) protocol that has proven
security strength and low overhead for 4G wireless networks.
In this paper, we first describe the current security standards
and security threats in WiMAX and LTE networks. Then, the
proposed distributed security architecture for 4G multihop wireless networks is presented. Finally, we compare and analyze the
proposed solution using testbed implementation and simulation
approaches for WiMAX. From the simulation and testbed results
for WiMAX networks, it is evident that the proposed scheme
provides strong security and hasty authentication for handover
users without affecting the QoS performance. For LTE networks,
we present the theoretical analysis of the proposed scheme to show
that similar performance can also be achieved.
Index TermsDistributed security, elliptic curve Diffie
Hellman (ECDH), Long-Term Evolution (LTE), multihop, Worldwide interoperable for Microwave Access (WiMAX).

Manuscript received December 18, 2012; revised May 19, 2013, September
1, 2013, and October 11, 2013; accepted November 2, 2013. Date of publication
November 26, 2013; date of current version July 10, 2014. This work was
supported in part by Ontario Centers for Excellence and EION Inc., Ottawa,
ON, Canada. The review of this paper was coordinated by Dr. L. Chen.
P. Rengaraju is with the Department of Information Technology, Velammal
College of Engineering and Technology, Tamil Nadu 625 009, India (e-mail:
rpr@vcet.ac.in).
C.-H. Lung is with the Department of Systems and Computer Engineering,
Carleton University, Ottawa, ON K1S 5B6, Canada (e-mail: chlung@sce.
carleton.ca).
A. Srinivasan is with EION Wireless Inc., Ottawa, ON K2K 2E3, Canada
(e-mail: anand@eion.com).
Color versions of one or more of the figures in this paper are available online
at http://ieeexplore.ieee.org.
Digital Object Identifier 10.1109/TVT.2013.2292882

I. I NTRODUCTION

N general, vehicular applications can be divided into two

groups: safety and nonsafety applications. Safety applications often require fast message exchanges but do not use much
bandwidth. In order to support safety applications, such as collision avoidance, hard-braking warnings, accident reporting, and
intersection announcements, etc., vehicles are enabled to communicate with one another via (vehicle-to-vehicle communications) or via roadside access points (vehicle-to-roadside communications). These vehicular communications are expected to
contribute to safer roads by providing timely information to
drivers and to make travel more convenient. Conventionally,
vehicular ad hoc networks are used to implement dedicated
short-range communications (DSRC) for safety applications.
The DSRC standard, i.e., IEEE 802.11p, is probably the best
positioned technique to provide safety services.
On the other hand, the nonsafety applications require high
bandwidth and strong security to support multimedia services
for vehicular users. To support multimedia services for vehicular users, the networks that have high bandwidth, such as
cellular and satellite networks, are considered. When comparing cellular and satellite networks, satellite networks are more
expensive but provide lower quality-of-service (QoS) performance (higher delay and lower maximum throughput) [49].
On the contrary, the telecommunication industry landscape for
cellular networks is rapidly growing from second-generation
(2G) to fourth-generation (4G) to accommodate the increasing usage of multimedia applications and users mobility. In
4G networks, Worldwide interoperable for Microwave Access
(WiMAX) and Long-Term Evolution (LTE) are two emerging
broadband wireless technologies aimed at providing high-speed
Internet of 100 Mb/s at a vehicular speed of up to 350 km/h [9].
Further, 4G wireless standards provide well-defined QoS and
security architecture. For this reason, 4G cellular networks are
considered up-and-coming technologies for vehicular multimedia applications.
WiMAX and LTE resemble each other in some key aspects,
including operating frequency spectrum, high capacity, mobility, strong QoS mechanisms, and strong security with a similar
key hierarchy from the core network to the access network.
However, WiMAX and LTE also differ from each other in
certain aspects, as they have evolved from different origins.
LTE has evolved from 3rd Generation Partnership Projects
(3GPP); thus, the LTE network has to support the existing 3G
users connectivity, but there is no such constraint for WiMAX.
Particularly, on the security aspect, the WiMAX authentication process uses Extensive Authentication Protocol Tunneled

0018-9545 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission.
See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.

RENGARAJU et al.: DISTRIBUTED SECURITY ARCHITECTURE FOR 4G MULTIHOP WIRELESS NETWORKS

Transport Layer Security (EAP-TTLS) or EAP-Transport Layer

Security (EAP-TLS), which allows enterprise customers to use
X-509 certificates that contain enterprise-controlled password.
On the other hand, the LTE authentication process uses the EAP
Authentication and Key Agreement (EAP-AKA) procedure that
authenticates only the International Mobile Subscriber Identity
(IMSI) burned in a subscriber identity module (SIM) card.
Consequently, the LTE security does not meet the enterprise
security requirement, as LTE does not authenticate enterprisecontrolled security [12].
Although the authentication process is different between
WiMAX and LTE, both have well-defined security architecture.
In addition, the security key hierarchy is similar in both networks, and they both adopt symmetric key encryption. WiMAX
uses either Advanced Encryption Standard (AES) or 3-Digital
Encryption Standard (3DES), and LTE uses either AES or
SNOW 3G. Nevertheless, some security threats, such as denial
of service (DoS), an introduction of rogue node, etc., still
exist in 4G wireless networks. As a result, strong security
architecture and hasty authentication methods are needed to
mitigate the existing security threats in 4G vehicular networks.
Conversely, the network QoS should not be degraded while
enhancing security. Further, the recent WiMAX and LTE standards have introduced relay nodes in a multihop network to
increase network coverage and capacity. However, multihop
networks also augment the security threats and prolong the
transmission delay between the user and the destination. Therefore, the first objective of this research work is to analyze
the security architecture in 4G multihop networks and provide
QoS-aware solutions for the existing security threats.
In wireless communications, security threats may occur in
both the physical (PHY) and the medium access control (MAC)
layers. The attacker can attack the radio frequency (RF) channel
for the PHY-layer threats. For the MAC-layer threats, the
attackers can spoof, modify, and replay the MAC-layer control
messages. In one of the worst case scenarios, the attackers take
total control of the network by knowing the confidential details
in control messages. Nevertheless, in practice, Internet service
providers may use the Internet Protocol Security (IPSec) approach at Layer 3 for their wireless access due to its popularity
in wired networks [32], [33]. Usually, IPSec will affect the
QoS performance, because the IPSec header in each packet
consumes additional bandwidth. To mitigate the security threats
and performance degradation, we propose a distributed security scheme using a protocolelliptic curve DiffieHellman
(ECDH)that has lower overhead than that of IPSec. ECDH is
a Layer-2 key agreement protocol that allows users to establish
a shared key over an insecure channel. ECDH was investigated, and the results showed that it did not affect the QoS
performance much in 4G single-hop WiMAX networks [46].
Therefore, ECDH is adopted in this research in dealing with
the existing Layer-2 security threats for 4G multihop networks.
Further, we also compare the security and QoS performance
of the IPSec and the default security scheme as defined in the
WiMAX standards, using a testbed implementation [47].
This paper is an extension of our previous effort, as presented
in [46], which was simply an initial theoretical study based on
the proposed ECDH scheme and considered only the WiMAX

2887

network. Further, as the MAC control functions are embedded

in available WiMAX chipsets, we were unable to implement
our proposed scheme in a real-time testbed. For this reason,
the second objective of this paper is to perform simulations to
evaluate the QoS performance of the proposed scheme using
ECDH. Moreover, there is a lack of an integrated study and
QoS-aware solutions for multihop WiMAX and LTE security
threats in existing research efforts. Therefore, the third objective of this paper is then to analyze both WiMAX and LTE
for network convergence that may be useful or even crucial for
service providers to support high-speed vehicular applications.
In short, we are motivated to fill those research gaps, and we
have made the following contributions in this paper.
We conduct a thorough literature study and systematically
analyze various security threads for both WiMAX and LTE
multihop networks.
We extend the theoretical study of our initial solution in
[46] and design the security architecture using ECDH for
multihop WiMAX networks, which has been validated
with NS-2 simulation.
We have identified the DoS/Reply attack threat in the LTE
network during the initial network entry stage of the user
equipment (UE). We also extend the theoretical study in
[46] for multihop LTE networks. As the WiMAX and LTE
networks have similarities in security key hierarchy from
the core network to the access network and symmetric key
encryption, we further apply the design of ECDH to LTE
networks.
The rest of this paper is organized as follows. Section II describes the security architecture as defined in WiMAX and LTE
standards. The existing security threats and related works in 4G
wireless networks are analyzed and described in Section III.
Section IV discusses the proposed distributed security architecture using the ECDH key exchange protocol. The security and
QoS analysis of the proposed scheme are compared with other
practical approaches, which are presented in Section V. Finally,
we conclude this paper in Section V.
II. BACKGROUND
Here, the single-hop and multihop WiMAX security architectures defined by the IEEE 802.16 standards is described in
the first two subsections for better understanding of existing
security threats and the proposed solution. In the last two
subsections, the single and multihop LTE security architecture
defined by the 3GPP standards is described.
A. Security Architecture in Single-Hop WiMAX Standards
The security architecture defined by the mobile WiMAX
network is composed of two component protocols: 1) an encapsulation protocol for data encryption and authentication
algorithms, and 2) a key management protocol [Privacy Key
Managementversion2 (PKMv2)] providing the secure distribution as keying data from the Base Station (BS) to the
Mobile Station (MS) [4]. PKMv2-based initial ranging and
connectivity is shown in Fig. 1.
As presented in Fig. 1, after downlink channel synchronization (DL Sync.), the MS will send the ranging request (RNGREQ) message. In turn, the BS informs the frequency, time, and

2888

IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY, VOL. 63, NO. 6, JULY 2014

Fig. 1. Initial ranging and network entry in mobile WiMAX [4].

power offset values in the RNG_RSP message. If any collisions

occur during the request, the BS sends a failure notification in
the RNG_RSP message, and the MS will repeat the ranging
process. Once the MS succeeds in the ranging process, it negotiates for basic capabilities in the Subscriber Basic Capability Request (SBC_REQ) message. The subsequent steps, EAP-based
authentication, authorization and security association (SA), and
then secured data transfer, are shown in shaded blocks in Fig. 1,
which are described in the passage that follows.
EAP-Based Authentication: Authentication addresses establishing the genuine identity of the device or the user wishing
to join a wireless network. The message flows in EAP-TTLSbased authentication are shown in Fig. 1. The authenticator in
the access network gateway (ASN GW) sends an EAP Identity
request to the MS, and the MS will respond to the request by
sending a PKM-REQ (PKMv2 EAP-Transfer) message. The
PKM-REQ message contains the details of SIM or X509 certificate. Then, the ASN GW forwards PKM-REQ to the AAA
server over the radius protocol. The AAA server authenticates
the device and provides the master session key (MSK) in
the EAP-TTLS protocol. Then, AAA forwards the MSK to the
authenticator (in ASN GW). The authenticator generates the
AK from the received MSK and forwards AK to the BS. At
the same time, the MS also generates the same AK from MSK.
Now, the BS and the MS mutually authenticate each other
using AK.
Authorization and SA: Once the device or the user is authenticated by the network, the BS has to authorize the user by the
unique SA Identity (SAID) using the SA-transport encryption
key (SA-TEK) challenge messages, as shown in the second
shaded block in Fig. 1. The Authorization Request includes
MSs X.509 certificate, encryption algorithm, etc. In response,

the BS sends the AK encrypted with the MSs public key, a

lifetime key, and an SAID. After the initial authentication from
AAA, the BS authorizes the MS periodically.
Traffic Encryption and MAC Message Protection: The MS
establishes an SA for each service flow where the BS provides both uplink and downlink TEK to encrypt the data.
Advanced encryption standard counter with cipher-block chaining mode (AES-CCM) is the ciphering method used for protecting all the user data. Initially, TEK is generated from
the EAP-based authentication and then refreshed by the BS
periodically. Alternatively, MAC messages are protected using
AES-based cipher-based message authentication code (CMAC)
or message-digest-based hashed MAC (MD5-based HMAC)
schemes. For multicast broadcast service, the BS transmits the
group key encryption key and the group traffic encryption key
to each MS via unicast messages.
B. Security Support in Multihop WiMAX Standards
The security architecture defined in IEEE 802.16j for multihop WiMAX networks is pretty much similar to that of the
mobile WiMAX standards. However, some additional features
are added to support the multihop communications. The additional features are as follows [2].
The network may use either the centralized or the distributed security mode. The distributed security mode will
reduce the burden of the BS as well as the delay to
reestablish the SA for multihop RSs/MSs.
An establishment of a security zone (SZ): An SZ is the set
of trusted relationships between a BS and MSs or between
RSs and MSs. RSs and MSs become members of a BSs
SZ by authenticating using PKMv2.

RENGARAJU et al.: DISTRIBUTED SECURITY ARCHITECTURE FOR 4G MULTIHOP WIRELESS NETWORKS

Fig. 2.

2889

Authentication and SAs during UEs network entry in LTE.

Transport tunnel connections may be established between

the BS and an access RS to encapsulate the payload. For
the tunnel-mode operation, one or more tunnels may be
established between the BS and the access RS after the
network entry is performed. In IEEE 802.16e, the BS or
the MS will send the data in the form of bursts [collection
of MAC protocol data units (PDUs)]. Each burst can be
identified by their uplink or downlink connection identifier
(CID). In the tunnel mode, MAC PDUs that traverse
a tunnel will be encrypted and encapsulated in a relay
MAC PDU with the relay MAC header carrying the traffic
tunnel CID (T-CID)/management tunnel CID (MT-CID).
The station at the ingress of the tunnel is responsible for
encapsulating the MAC PDUs into the relay MAC PDU
where the station at the egress of the tunnel is responsible
for removing the MAC header.
Similarly, the security architecture in the IEEE 802.16m standard has a few modifications to adapt to the advanced air interface network conditions [3]. The modifications are as follows.
Only EAP-based authentication is supported, not the
Rivest Shamir and Adleman algorithm.
SAs are static only.
TEKs are derived at the MS and not at the BS, and the
encryption algorithms are AES-CCM and AES-CTR.
There are three levels of MAC management message
protections: no protection, CMAC, and encrypted by
AES-CCM.
Instead of reauthentication, key renewal is used (using the
key agreement protocol) during fast handovers. AMS-ID

is used for key derivation purposes and for initial and

handover ranging.
C. Security Architecture in Single-Hop LTE Standards
The security architecture for LTE networks is described by
3GPP standards [6]. In LTE Evolved Packet System (EPS),
multiple SAs exist in the system to protect different layers of the
network [39]. The first security layer is to protect control plane
signaling and user plane data between the UE and the evolved
Node-B (eNB). This control plane signaling between the UE
and the eNB is also called access stratum (AS) signaling. The
second layer security is to protect the control plane between
the UE and the mobility management entity (MME), which
is also called nonaccess stratum (NAS). The third layer is the
long-term SA between the UE and the home subscriber server
(HSS). In addition to AS and NAS security layers, the LTE
standards provide the security architecture for IP multimedia
subsystem (IMS) services, Home eNB (HeNB), machine-type
communication (MTC), etc. However, this paper focuses on
solutions for access network security; those security threats are
out of the scope of this paper. For access network security,
the UE initial attachment and the security architecture for AS
and NAS layers are investigated and described in the following
paragraphs.
The establishment of the AS and the NAS security contexts
during UEs initial attachment is shown in Fig. 2. The network
elements in the LTE-EPS architecture are similar to those used
in WiMAX, but several terms are different in LTE. For instance,
in LTE, UE replaces MS, eNB replaces BS, MME replaces

2890

IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY, VOL. 63, NO. 6, JULY 2014

ASN GW, and HSS replaces CSN-GW. AS in the WiMAX

network, the UE first synchronizes with the downlink channel
to receive and decode the cell system information, to communicate and operate properly within the cell. The downlink master
information block (MIB) is transmitted using the broadcast
channel (BCH), whereas system information blocks (SIBs) are
transmitted using the downlink shared channel (DL-SCH).
The next step in initial attachment and the connection setup
procedure is random access. The random-access procedure nullifies the timing offset for uplink communications. In addition,
in the random-access procedure, a unique cell radio network
temporary identifier (CRNTI) is assigned to the terminal. Once
the random-access preamble is transmitted, the UE monitors
for random-access response, including CRNTI with the same
PreambleID. If the received preamble identifier does not match
the transmitted random-access preamble, the random-access
response is considered not successful, and the UE continues
until the count reaches PREAMBLE_TRANS_MAX.
Authentication in EPS-AKA: The mutual authentication between the user and the network takes place by ensuring that
the serving network (SN) authenticates the users identity and
that the UE validates the signature of the network provided
in the authentication token (AUTN). During the initial Attach
Request, the UE sends its identity and serving network identity
(SN ID), and eNB forwards the information along with its
identifier to MME. Then, MME sends a request to the home
environment (HE) querying the authentication vector for a
specific SN ID and IMSI. The HSS in HE responds with an authentication vector. Each vector has AUTN, RAND, XRES, and
KASME . The derived keys, i.e., KASME , Ck, and Ik, are stored
in a key set and identified by a key set identifier (KSIASME ).
The KSIASME is sent by the MME to the UE in the Authentication Request message along with the AUTN and RAND. The
universal SIM (USIM) computes KASME , Ck, and Ik and then
sends back the calculated RES in the Authentication Response
message. Now, the MME compares RES with the received
XRES from HSS. If RES and XRES are the same, MME starts
the procedure for ciphering and integrity protection at the next
establishment of a NAS signaling connection without executing
a security-mode command (SMC) procedure [34].
SA for Ciphering and Integrity Protection: In EPS-AKA,
ciphering is applied to both NAS and AS signaling messages
and the user plane data at the AS to ensure confidentiality. On
the other hand, integrity protection is applied to all signaling
messages at both the NAS and the AS levels to ensure message
originality. All integrity and cipher keys are derived from the
master key K, which is unique to a user and is stored in a secure
manner in both the USIM and the HE. Hence, HSS in HE and
UE use the same procedure to generate the Ck and Ik from the
key K using the same keying functions. Then, HSS forwards
Ck and Ik to MME. The subsequent NAS domain session keys
for ciphering (KNASenc ) and integrity protection (KNASint )
and AS domain keys for ciphering and integrity protection
(KeNB , followed by KUPenc , KRRCenc , and KRRCint ) are derived using KASME .
Security During Handover: To achieve a secure communication between the vehicular nodes (UE) and an eNB, an
MME and the UE shall derive a KeNB and a next-hop (NH)

parameter from the KASME . An NH chaining counter (NCC) is

associated with each KeNB and the NH parameter. To support
fast handovers in vehicular networks, a new session key, i.e.,
KeNB , is derived from an existing key, i.e., KeNB , or from the
NH parameter instead of generating a new key.
D. Security Support in Multihop LTE Standards
To support multihop operations, RNs are introduced, and
some additional functions are added to eNB that support
1) S-GW/P-GW functionality for the RN, and 2) proxy functionality between the RN and MME-UE. The new eNB is
called Donor eNB (DeNB). The additional security functions
for multihop LTE are as follows [6].
A removable universal integrated circuit card (UICC) is
inserted into the RN for authentication purposes.
The AS level encryption is switched on between the RN
and the DeNB.
The RN acts as the UE for DeNB and the eNB for regular
UE devices. Hence, the distributed security architecture is
realized in multihop LTE networks.
One-to-one binding is realized between an RN and a
USIM, either by using symmetric preshared keys or by
certificates. For certificates, the UICC inserted into the RN
contains two USIMs, where USIM-INI is used for initial
IP connectivity in an unsecured channel, and USIM-RN
communicates only via a secure channel.
III. S ECURITY T HREATS IN W ORLDWIDE INTEROPERABLE
FOR M ICROWAVE ACCESS AND L ONG -T ERM
E VOLUTION N ETWORKS
The main cause for the MAC-layer security threats in 4G
vehicular networks is due to certain unprotected MAC management messages between the MS and the BS. Many research
efforts have been published on MAC-layer security threats in
both WiMAX and LTE networks, and a few of them discussed
the implementation of IPSec security for WiMAX vehicular
networks. This section analyzes and classifies the security
threats that exist in WiMAX and LTE networks separately in
the following subsections.
A. Security Threats in WiMAX Networks
A comprehensive taxonomy of various attacks and countermeasures on single-hop WiMAX networks was reported in
[50]. The security threats discussed in that paper are primarily due to unprotected MAC messages in a communication
between the MS and the BS. When the control messages are
in plain text, the attackers/intruders can easily spoof, modify,
and reply to those control messages for the intended receiver
node. The severity of the security threats may vary based on the
modification of those control messages. Similarly, the attackers
may send the continuous false packets unnecessarily to the
receiving node for the water torture attacks. However, in the
recent multihop WiMAX standard (IEEE 802.16m) [3], once
the user is registered with the home network, the security layer
may use three levels of protection for the MAC management

RENGARAJU et al.: DISTRIBUTED SECURITY ARCHITECTURE FOR 4G MULTIHOP WIRELESS NETWORKS

2891

TABLE I
S ECURITY T HREATS IN WiMAX N ETWORKS

messages, i.e., no protection, CMAC, and encrypted by AESCCM. As a consequence of adding encryption support for
MAC messages, some of the security threats discussed in [50]
no longer exist for multihop WiMAX, which are highlighted
in Table I. Further, the security threats that exist in multihop
WiMAX networks were not discussed in [50]. Therefore, the
security threats and countermeasures discussed in [50] and
the additional security threats for multihop WiMAX that are
discussed in other papers [46], [51] have been investigated,
analyzed, and summarized in Table I.
In addition, Layer-3 IPSec security was analyzed in a few
research efforts to overcome the existing security threats in
WiMAX [31][33]. To provide mobility support, IPSec is combined with Mobile IP (MIP) along with some modifications
[31]. Although IPSec is combined with the MIP, it does not
provide mobility support at high speed.
B. Security Threats in LTE Networks
Similar to WiMAX security, many research efforts have been
published for LTE networks. To understand the concept of security threats in LTE, Cao et al. in [62] presented a comprehensive survey of various attacks and solutions in LTE networks.

The major categories are vulnerabilities in 1) access network;

2) IMS domain; 3) HeNB; and 4) MTC domain. However,
due to the page limit, we only focused on the access network.
The various security threats in LTE access networks have been
studied and summarized in Table II. As we have identified the
DoS/Reply attack in LTE, which is one of the major security
threats in LTE, a detailed description of the attack is also
presented.
DoS Attack During Initial Attachment: In LTE networks,
DoS attacks may be possible during the initial attachment
because the UE is sending MAC messages in plain text to eNB.
DoS attack during the initial attachment is very critical as the
UE cannot register with the home network. This is similar to the
DoS attack in WiMAX networks during initial network entry.
During the random-access process, the UE sends the randomaccess preamble to eNB and waits for the response until the
predefined time limit. eNB responds to UE for timing adjustments and bandwidth allocation by sending an Attach Request
message along with the PreambleID. If the received randomaccess PreambleID does not match the transmitted randomaccess preamble, the random-access response is considered not
successful, and the UE continues the random-access process
until the count reaches the maximum limit. Since the response

2892

IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY, VOL. 63, NO. 6, JULY 2014

TABLE II
S ECURIY T HREATS IN LTE N ETWORKS

is in plain text, an attacker can easily change the PreambleID

continuously. As a result, the UE cannot register with the home
network, which leads to the DoS attack.
IV. P ROPOSED D ISTRIBUTED S ECURITY A RCHITECTURE
In many practical implementations, it has been proved that
ECDH can establish a shared secret over an insecure channel
at the highest security strength [29], [30]. Based on those studies, our proposed architecture considers ECDH as part of the
Layer-2 security scheme for every node. Using EDCH, the
MS/RS establishes a secured tunnel with the BS in the ranging
process. Similarly, the UE/RN establishes a secured connection
with the eNB/DeNB. The two main tasks of the proposed
solution are 1) initial ranging for WiMAX or random-access
procedure for LTE using ECDH, and 2) neighbor authentication
using ECDH. The following passage describes the tasks in more
detail.
A. Secured, Initial Ranging in WiMAX/Random-Access
Procedure in LTE
The secured initial ranging (for WiMAX) or random-access
procedure (for LTE) for the first-hop and the nth-hop node is
shown in Fig. 4. The multihop network consists of one BS/eNB,
a few RSs/RNs, and many MSs/UE devices. For the first hop,

the BS/eNB broadcasts the PHY layer and system parameters, including ECDH global parameters and public key of the
BS/eNB in the downlink channel descriptor (DCD) message
in the case of WiMAX and in MIBs and SIBs in the case of
LTE. Consider the initial-ranging process, any WiMAX node
(MS/RS) that wants to connect with the BS generates the public
and private key pairs and sends the public key to the BS, along
with initial-ranging code in the RNG_REQ message, which is
encrypted using the BS public key. In turn, the BS will send the
RSG_RSP message, which is encrypted with the MS/RS public
key. Hence, the MS/RS establishes a secure tunnel with the
BS during the initial-ranging process, and the subsequent MAC
messages are encrypted using the receivers ECDH public key.
In our secured initial-ranging process, the only additional
bandwidth overhead is the exchange of global parameters and
public keys, e.g., in WiMAX, the global parameter G(P, Q),
and the BSs public key PB in the DCD message, and then
the RSs public key PR in the RNG-REG message, which are
highlighted in the first three messages, as shown in Fig. 3. The
information in the remaining messages follows the standard,
i.e., WiMAX messages presented in regular font are similar to
that in Fig. 1, and LTE messages presented in italic font are
similar to that in Fig. 2. The computational overhead is added
for the BS and RS to encrypt the MAC messages using the
receivers public key until the SA is established. In total, the

RENGARAJU et al.: DISTRIBUTED SECURITY ARCHITECTURE FOR 4G MULTIHOP WIRELESS NETWORKS

Fig. 3.

2893

Initial ranging and connectivity using the ECDH protocol [46].

additional overhead for the proposed scheme is only slightly

higher compared with the original initial ranging and connectivity tasks. See the overhead from our simulation in Section V-B.
Similarly, any LTE node (UE/RN) that wants to connect
with the eNB generates the public and private key pairs and
sends the public key to the eNB in a random-access preamble
message, which is encrypted using the eNBs public key. The
eNBs random-access response message is encrypted using the
UE/RN public key. The subsequent Attach Request and other
communications are encrypted using the receivers public key.

B. Distributed Security Using ECDH in Multihop WiMAX

To establish hop-by-hop authentication and to reduce the
computational overhead for the centralized node, distributed security architecture is necessary for multihop networks. Further,
the centralized security mode introduces longer authorization
and SA delay than that of the distributed mode, which affects
the QoS performance in vehicular networks. In multihop LTE
networks, the security architecture defined by the 3GPP standard is a distributed scheme. On the other hand, selection of
the distributed security mode in WiMAX is optional, but data
transfer using the tunnel mode is still an open issue. Hence, we
proposed the distributed security architecture using ECDH for
multihop WiMAX networks. For multihop (nth hop) connectivity using ECDH, the cell-edge RS broadcasts its public key,
ECDH global parameters, RS-ID, and system parameters in the
DCD broadcast message. The MS/RS that wishes to join with
access RS starts the ranging and connectivity process. After the
initial connectivity, if the newly connected node is an RS, then
the superordinate RS will share the public key of the BS and the

corresponding global parameters. The new RS will associate

with the BS by sending its public key to the BS. Hence, the
multihop RS can send its traffic over the tunnel mode.
Fig. 4 shows the SA and key management in the proposed
security architecture. For multihop users, the access RS maintains the encryption and SA keys as similar to the BS, where
the BS maintains the SA keys of single-hop MSs, RSs, and
ECDH public key of multihop RSs. In Fig. 4, the BS maintains
the SA and encryption keys of MS1, RS1, and RS2 as well
as the ECDH public key of RS3. RS1 maintains the SA and
encryption keys of MS2, MS3, and RS3. RS2 and RS3 maintain
the encryption keys of MS4 and MS5, respectively. Suppose
MS5 wants to send an encrypted data in a tunnel mode, first, it
encrypts the traffic using SA-TEK associated with RS3. Then,
RS3 decrypts the traffic using SA-TEK and encrypts the data
using BSs public key. Hence, the intermediate RS1 does not
need to decrypt/encrypt the traffic. This architecture is useful
and efficient for supporting the tunnel-mode operation.
C. Neighbor Authentication and SA [46]
We propose neighbor authentication and SA for multihop WiMAX/LTE networks to avoid network coding security
threats and secured preauthentication for fast handovers. Providing fast-handover support improves the QoS performance
of the vehicular networks. Consider the WiMAX network, if
any new RS is connected with the network, the BS will inform
the updated members list to the existing RSs group in a regular
DCD message. Now, if the new RS finds another RS during
channel scanning, it verifies whether the RS is genuine or not
by verifying the RS-ID. Then, the new RS will send the public
key and the RS-ID to the neighbor RS for establishing the SA.

2894

IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY, VOL. 63, NO. 6, JULY 2014

Fig. 4. Distrubuted security architecture in WiMAX.

Fig. 6.

Connection diagram of the testbed setup [47].

message during a handover. Hence, the total overhead for

establishing the SA is very small.
Fig. 5. Neighbor authentication using the ECDH protocol.

The neighbor RS will also send the public key in response. At

the end of association, RSs generate the uplink and downlink
CMAC digital signatures from AK and exchange the digital
signatures among them.
Fig. 5 shows the neighbor authentication process. In step 1,
the RS3 receives the updated RSs list after the ECDH agreement with the BS. During the scanning process, RS3 may find
the DCD and other downlink parameters of RS2, as shown in
step 2. Since RS3 knows that RS2 is a legitimate node based
on the list that it received from the BS, it establishes the ECDH
agreement with RS2. After the ECDH key agreement, both RS2
and RS3 share their digital signatures, as shown in steps 3 and 4.
For LTE networks, multihop UE/RN connectivity and SA
with neighbor RS is similar to that of the WiMAX networks.
The corresponding LTE message sequence, which is in italics
font and enclosed in parentheses, is from step 1 to step 4 in
Fig. 5. In this proposed architecture, the additional bandwidth
overhead is the exchange of global parameters and public
keys with neighbor nodes using ranging messages. The only
computational overhead is used to encrypt the preauthentication

V. S IMULATION , T ESTBED R ESULTS , AND A NALYSIS

For existing and our proposed security schemes, measuring
and analyzing both the security level and QoS performance is
mandatory for 4G vehicular networks, as they intend to provide
high QoS and security for their customers. Here, we first compare the performance of IPSec security for WiMAX networks
with the default security scheme using testbed implementation.
Then, we measure the connectivity latency performance of
the proposed ECDH security scheme using NS2 simulation.
Finally, we analyze the security and QoS performance of the
proposed ECDH security for both WiMAX and LTE networks.
A. IPSec and Basic Security Performance Using Testbed Setup
The WiMAX testbed experiments consist of one IEEE802.16d-based EIONs Libra MAX BS Out-Door Unit (ODU),
one In-Door Unit (IDU), and two Libra MAX subscriber stations (SSs), where the BS-ODU and SSs are wireless devices,
and BS-IDU acts as a gateway for the BS-ODU unit. The network management system and AAA severs are running on the
BS-IDU unit. The traffic generation/performance analysis tool
used for the testbed is IXIA [45]. The BS and SSs connectivity

RENGARAJU et al.: DISTRIBUTED SECURITY ARCHITECTURE FOR 4G MULTIHOP WIRELESS NETWORKS

TABLE III
S YSTEM PARAMETERS [47]

2895

TABLE V
SS C ONNECTIVITY T IME [47]

TABLE IV
IPS EC C ONFIGURATION AND S TATUS V ERIFICATION

Fig. 7. Throughput performance.

setup is shown in Fig. 6, and the system parameters are given in

Table III. The network on the left side of the IPSec tunnel is the
Left Subnet and that on the right side is the Right Subnet. Both
SS1 and SS2 belong to the 192.168.2.xxx network and also
the left side of the IPSec tunnel interfaces. For configuration
and management purposes, one of the SSs (SS1 in Fig. 6) is
connected to the PC through an Ethernet switch. Ethernet cables
are used to connect the devices other than the wireless interface.
Wireless connectivity is established using wireless RF cables
with 60-dB attenuators instead of a wireless medium. The
provisioning of wireless link capacity is configured in the AAA
server. The BS and SSs are operating in a static routing mode.
The security schemes used in this experiment are basic
WiMAX MAC security and Layer-3 IPSec on top of the MAClayer security. The Layer-3 IPSec tunnel was enabled between
SSs and BS-IDU. Once the SSs establish the connectivity
with the BS-ODU, they initiate an IPSec connection with
the BS-IDU. The IPSec configurations, handshake messages,
and connection establishment status are shown in Table IV.
The QoS performance metrics used in the experiments are SS
connectivity latency, throughput, frame loss, and latency.
For vehicular networks, MS connectivity latency is one of
the main QoS requirements. When a handover occurs, the MS
needs to be reauthenticated and authorized for existing service
flows that may affect the quality of experience of an application.
Table V shows the SS connectivity time for default MAC-layer
security and IPSec. From the results, it is evident that the SS
connectivity latency is higher (67% for SS1 and 100% for

Fig. 8. Frame loss performance.

SS2) for IPSec, as it consumes significant more time for IPSec

connection. For vehicular networks, the IPSec tunnel has to
be broken with current BS and reestablished with target BS
during handovers. Hence, the IPSec solution is not suitable for
vehicular networks.
Fig. 7 shows the throughput (in megabits per second) performance of the system for both the default and the IPSec security
schemes. Provisioning of uplink and downlink wireless link for
both the SSs in the AAA server is varied from 0 to 20 Mb/s.
Using an IXIA traffic generator, traffic is transmitted for the
total provisioned wireless capacity, and the received traffic is
also noted. From the results, it is clear that the throughput for
the IPSec security scheme is less than that for the MAC-layer
security scheme. Initially, when the wireless link capacity is
small, corresponding payloads (1500-byte packet) in the traffic
are small. Hence, the drop is negligible. However, when the
traffic reaches the maximum link capacity at 19 Mb/s, the
difference is countable, where the actual traffic received is only
about 18.5 Mb/s. The difference in throughput is due to the
additional overhead of 40 bytes of IPSec header in each frame.
Fig. 8 shows the end-to-end frame loss performance with
respect to the total link capacities of the two SSs. Initially,
as the number of packets (payload) is small at low wireless

2896

IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY, VOL. 63, NO. 6, JULY 2014

TABLE VI
S YSTEM PARAMETERS

TABLE VII
L ATENCY FOR D EFAULT AND ECDH S CHEME
Fig. 9. Latency performance.

link capacity, frame loss is small (< 40) until the input traffic
reaches 7 Mb/s. The frame losses in the IPSec scheme increases as the link capacity increases. The frame loss increases
almost linearly for the IPSec scheme between the input traffic
8 Mb/s and 12 Mb/s. After that, the IPSec security scheme
has much more packet losses where the frame loss at 15 Mb/s
for the default MAC security scheme is 25, but in IPSec, it is
225, because a 40-byte IPSec header is added to each frame.
This 40-byte overhead in the IPSec tunnel increases the frame
losses for the IPSec security scheme. The packet drop increases
in both schemes when the input traffic exceeds the practical
system capacity of 18.5 Mb/s.
The average delay/latency experienced by the traffic for different link capacities is shown in Fig. 9. The delay experienced
by the traffic in the IPSec security scheme steadily increases
from 4 to 9 Mb/s. The delay for the IPSec scheme is much
higher than that for the MAC security scheme when the wireless
link capacity reaches 10 Mb/s. After 10 Mb/s, the average
delay experienced by the IPSec is more than double when
compared with the default MAC security. At 11-Mb/s input
traffic, the average delay experienced by the MAC security is
50 ms, whereas the average delay experienced by the IPSec
is 100 ms. This increase in delay is due to the processing
time for the IPSec encryption and additional queuing delay at
SSs and BS. Although the wireless link capacity is the same,
additional overhead in Layer-3 and Layer-2 headers increases
the payload before entering into the wireless interfaces.
B. ECDH Performance Using Simulation
In the previous subsection, the performance of the IPSec
security scheme is compared with the default WiMAX security scheme. In that experiment, the Layer-3 IPSec is crosscompiled and running as a module in the WiMAX target
board. Hence, the IPSec tunnel is established between SS and
BS-IDU after the IP connectivity. On the other hand, the ECDH
implementation is at Layer 2. For that, as the lower MAC and
security functions are embedded on the chips, it is not possible
to test ECDH using testbed. Hence, simulation environment is
selected for the ECDH performance evaluation. The simulation
environment has the following assumptions.
The main aim of ECDH implementation is to protect the
MAC messages that are in plain text.

The WiMAX and LTE standards provide secure environments for data transfer once SA is established.
In many practical implementations, it has been proved
that ECDH can establish a shared secret over an insecure
channel at highest security strength [29], [30]. Hence,
the intention for this simulation is to evaluate the QoS
performance, not to measure the security strength.
Once the SA is established, the network adopts the default
security (compliance to the standard). Hence, the security
level and the QoS performance, such as latency for traffic,
throughput, and frame loss, are the same.
Based on the given assumptions, the main aim of this simulation is to find the MS initial connectivity latency and the handover latency of the vehicular networks. However, the existing
WiMAX patches for NS-2 simulators and other simulators such
as OPNET, etc., do not have the WiMAX security functions.
Hence, we integrate the DiffieHellman algorithm with NS-2
for generating shared secret and added the necessary message
flows for authentication and authorization functions. The MAC
messages are encrypted using the receivers (either the BS or the
MS) DiffieHellman public key. The system parameters used in
this simulation are given in Table VI.
ECDH-Related Computations:
DiffieHellman public key A = Ga mod P, where a = private key.
Public keys of network nodes BS = 155, RS = 243, MS1 =
947, MS2 = 597.
Shared secrets between A and B = Ba mod P = Ab mod P,
where, A, a = public and private keys of A.
Shared secrets between BS and RS = 810; RS and MS1 = 609;
RS and MS2 = 431.
The simulation results for measuring the initial connectivity
latency (first two rows) and handover latency (second two rows)
are given in Table VII. From the initial connectivity latency

RENGARAJU et al.: DISTRIBUTED SECURITY ARCHITECTURE FOR 4G MULTIHOP WIRELESS NETWORKS

results in the first two rows, it is clear that both MS1 and MS2
are connected at the same frame period for both scenarios. The
time needed to compute the key values and share secret is less
than one frame duration (5 ms, given in Table VI). Hence,
it is possible to schedule the subsequent MAC messages for
both scenarios at the same time. Next, the handover latency
is compared between the default and the ECDH schemes. The
handover latency is the measure of the time difference between
the Handover-Indication message and the connectivity with the
target BS for data transfer. For measuring the handover latency
in the ECDH scheme, the authentication process is performed
at the BS, and during a handover, the DiffieHellman key
is refreshed instead of reauthentication. When comparing the
handover latency, the average handover latency for ECDH is
30% (from 42.2 to 20.1 ms for MS1 and from 47.1 to 30.2 ms
for MS2) reduced because the message flows for basic capability and authentication (third and fourth message flows in
Fig. 1) are not included in the handover process. Therefore,
the proposed ECDH scheme aids in the preauthentication and
reduces the latency during handovers for vehicular users.
C. Security Analysis
There are three security schemes considered for this analysis:
1) default MAC-layer security defined by standards; 2) IPSec
security on top of the MAC-layer security; and 3) the proposed
ECDH protocol at the MAC layer with default security. First,
we explain how the proposed ECDH protocol overcomes the
existing security threats in each category for both WiMAX and
LTE networks. Later, we compare the performance of these
three security schemes in Table VIII, where we enhanced our
previous analysis in [47].
Analysis on ECDH Protocol Against Security Threats in
WiMAX Networks:
1) Ranging attacks: In our proposed security architecture,
RNG_REQ and RNG_RSP messages are encrypted by
the public key of the receiver. Hence, the intermediate
rogue node has difficulty in processing the message in a
short period, and the system is free from DoS/Replay and
other attacks during initial ranging.
2) Power-saving attacks: Already, the IEEE 802.16m standard provides an option for encrypting the control messages in a power-saving mode. For IEEE standards, the
network may use ECDH implementation to overcome the
power-saving attacks.
3) Handover attacks: The MOB NBR-ADV attacks do not
exist in the IEEE 802.16 network because the BS can
encrypt the message. For other networks, the messages
are encrypted using ECDH to overcome those security
threats. For latency issues during handover, two scenarios
are considered: 1) RS mobility (e.g., RS is installed on
top of a train, and WiMAX users are inside the train), and
2) MS mobility. For RS mobility in the proposed security
architecture, reauthentication for RS is not necessary,
because the BS or the target RS knows the list of RSs
and the corresponding RS_ID in the network. Otherwise,
if the target node is another BS, the serving BS can
send the RS authentication information including AK in

2897

a secured manner, as defined in IEEE 802.16m. Hence,

only key renewal is needed to refresh the SA that reduces
latency during RS handover. For MS mobility, when the
MS moves within the network, the MS authentication
information including AK is transferred to the BS or the
target RS using the ECDH tunnel. Otherwise, if the target
node is another BS, the serving BS can send the RS authentication information in a secured manner, as defined
in IEEE 802.16m. Hence, in either scenario, the latency
during handovers is minimum due to preauthentication.
4) Miscellaneous attacks: For downgrade attack, if the level
of security is low in the MS basic capability request message, the BS should ignore the message. For bandwidth
spoofing, the BS should allocate the bandwidth only
based on the provisioning of the MS. These downgrade
attack and bandwidth spoofing can be solved by using
basic intelligence in the BS.
5) Multihop security threats: One of the major issues in a
multihop wireless network is the introduction of rogue
node in a multihop path. In our distributed security mode,
once the joining node is authenticated by the home network (AAA server), mutual authentication takes place
between the joining node and the access node (RS or BS).
Hence, the new node identifies the rogue node during
the mutual authentication step, and no other credential
information is shared. Thus, the proposed solution avoids
the introduction of the rogue node problem. For tunnelmode security support, the communication between the
BS and the access RS is encrypted using the ECDH public
key of the receiver. Hence, the network supports tunnelmode operation using the ECDH tunnel.
6) Other security threats: Other security threats such as
attacks against WiMAX security, multicast/broadcast attacks, and mesh mode attacks do not exist in IEEE
802.16m networks. Otherwise, if the network uses ECDH
implementation, the control messages are encrypted.
Hence, those security threats are avoided.
Analysis on ECDH Protocol Against Security Threats in
LTE Networks:
1) LTE system architecture security threats: Security threats
such as injection, modification, eavesdropping attacks,
HeNB physical intrusions, and rogue eNB/RN attacks
still exist with ECDH implementation.
2) LTE access procedure attacks: Similar to WiMAX networks, the intruder can introduce a DoS/Replay attack
during the random-access process, as the messages are
in plain text. In our proposed security architecture, the
random-access Request message is encrypted by the public key of eNB, and the response message is encrypted
by the public key of UE. Hence, the messages exchanged
during the random-access process are encrypted, and the
DoS/Replay attack is avoided. For IMSI water torture
attacks, we suggest EAP-based authentication that is
similar to WiMAX, where the Attach Request message
is encrypted by home network shared secrets. For disclosure of the users identity privacy, the Attach Request
message is encrypted by eNBs public key in ECDH

2898

IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY, VOL. 63, NO. 6, JULY 2014

TABLE VIII
P ERFORMANCE C OMPARISON OF D IFFERENT S CHEMES FOR 4G W IRELESS [47]

implementation. Hence, it is difficult for the attacker to

decrypt the Attach Request message to know the IMSI.
Thus, disclosure of the users identity is avoided.
3) Handover attacks: Location tracking is possible by eavesdropping the CRNTI information in a handover command
message. However, this attack is avoided with the proposed scheme, because the CRNTI information is now
encrypted. Other security threats, lack of backward secrecy, and desynchronization attacks still exist in ECDH
implementation.
4) Miscellaneous attacks: If the attacker eavesdrops the
CRNTI information in the random-access response or the
handover command message, they can send a fake bandwidth request or false buffer status to allocate bandwidth
unnecessarily. Using ECDH, eNB encrypts the randomaccess response message using UEs public key. Hence,
bandwidth-stealing attack is avoided. The lack of SQN
synchronization is similar to the desynchronization attack
and still exists in ECDH implementation.
Analysis on ECDH Protocol Against Pollution and Entropy
Attacks in Multihop WiMAX/LTE Networks: Pollution and entropy attacks are the major security threats in multihop wireless
networks, when network coding is used for data transmissions.
Since packets are unencrypted, attackers may introduce the
polluted or stale packets that lead to pollution and entropy
attacks. In our approach, every RS authenticates the neighbor

RSs and shares the digital signatures. Hence, the attackers have
difficulty in introducing the pollution attack. For the entropy
attack, the RS may introduce a time stamp field in the message
header. Subsequently, the RS can verify the time stamp of a
received packet with the older packets. If the time stamp is
older, then the RS may drop the packet to avoid the entropy
attacks.
VI. C ONCLUSION AND F UTURE R ESEARCH
As the increase in demand for multimedia applications and
for the safety of mobile users, providing Internet that supports
QoS-aware and safe multimedia services for vehicular networks
is mandatory for service providers. To provide high bandwidth
support at the vehicular speed of up to 350 km/h, the WiMAX
and LTE networks are the preferred candidates. 4G networks
have well-defined QoS and security architectures. However,
some major security threats such as DoS attack still exist in
4G multihop networks, because certain MAC messages are
transmitted only in plain text. For this reason, we have proposed
a distributed security architecture using the ECDH algorithm in
Layer 2 for 4G multihop wireless networks. In the proposed
scheme, the wireless nodes are initially authenticated by the
home network and then authorized by the access node. In
addition, the proposed scheme requires only a slightly higher
bandwidth and computational overhead than the default standard scheme (see the performance comparisons in Section V).

RENGARAJU et al.: DISTRIBUTED SECURITY ARCHITECTURE FOR 4G MULTIHOP WIRELESS NETWORKS

Based on the analysis, the proposed scheme overcomes most

of the existing security threats, including pollution and entropy
attacks due to network coding.
To the best of our knowledge, an integrated view of WiMAX
and LTE security threats and the IPSec overhead using actual
experiments on or real measurements in a WiMAX environment
have not been presented in the literature. This paper, therefore,
presented an integrated view with emphasis on Layer-2 and
Layer-3 technologies for WiMAX and LTE security, which is
useful for the research community. In addition, the performance
of the proposed and other security schemes is analyzed using
simulation and testbed implementation. The QoS measurement
using the testbed implementation and theoretical studies show
that the IPSec scheme provides strong security for data, but not
for the control messages. On the other hand, the simulation and
theoretical studies indicate that the ECDH protocol eliminates
most of the MAC-layer security threats and has the same QoS
performance as the default MAC-layer security in 4G wireless
networks. For the ECDH scheme, the handover latency is
significantly reduced versus that of the default security scheme;
thus, the ECDH scheme improves the QoS performance of
the vehicular users. Consequently, we suggest the ECDH protocol for 4G multihop wireless networks, and it is suitable
for vehicular networks, since the proposed security scheme
aids in hasty authentication without compromising the QoS
performance.
Nevertheless, there are still threats to the LTE system architecture, i.e., disclosure of IMSI due to rogue RN, lack
of backward secrecy, rogue RN attack, and synchronization
attack. For disclosure of IMSI, the enterprise authentication
protocol, e.g., EAP-TTLS, secures the identity protection of the
user, which was studied in [42]. The other threats previously
mentioned warrant further investigation. Currently, we are also
working on other security threats in the LTE system architecture
and security threats, such as IMS security, HeNB security, and
MTC security, in other domains or layers of LTE networks.
R EFERENCES
[1] IEEE Standard for Local and Metropolitan Area NetworksPart 16: Air
Interface for Fixed Broadband Wireless Access Systems, IEEE 802.162009, 2009.
[2] Amendment to IEEE Standard for Local and Metropolitan Area
NetworksPart 16: Air Interface for Fixed Broadband Wireless Access
SystemsMultiple Relay Specification, IEEE 802.16j, 2009.
[3] Amendment to IEEE Standard for Local and Metropolitan Area
NetworksPart 16: Air Interface for Broadband Wireless Access
SystemsAdvanced Air Interface, IEEE 802.16m, 2011.
[4] WiMAX end-to-end network systems architecture (Stage 3: Detailed protocols and procedures) Release 1, V.1.3.0, WiMAX Forum,
Clackamas, OR, USA, 2008.
[5] Evolved Universal Terrestrial Radio Access (E-UTRA) and Evolved
Universal Terrestrial Radio Access Network (E-UTRAN); Overall description, Stage 2, Release 11, 3GPP, Sophia-Antipolis, France, 3GPP
TS 36.300 V11.3.0, 2011.
[6] 3GPP System Architecture Evolution (SAE); Security architecture,
3GPP, Sophia-Antipolis, France, 3GPP TS 33.401, v12.5.0, 2012,
Release 12.
[7] Feasibility study on LTE relay node security, Release 10, 3GPP, SophiaAntipolis, France, 3GPP TS 33.816 v10.0.0, 2011.
[8] E. Dahlman, S. Parkvall, and J. Skold, LTELTE-Advanced for Mobile
Broadband. Oxford, U.K.: Elsevier, 2011, pp. 301322.
[9] N. A. Ali, A.-E. M. Taha, and H. S. Hassanein, LTE, LTE-Advanced and
WiMAX: Towards IMT-Advanced Networks. Chichester, U.K.: Wiley,
2012.

2899

[10] P. Rengaraju, C-H. Lung, and A. Srinivasan, An analysis on mobile

WiMAX security, in Proc. IEEE Toronto Int. Conf. Sci. Tech. Hum.,
2009, pp. 439444.
[11] N. Seddigh, B. Nandy, and R. Makkar, Security advances and challenges
in 4G wireless networks, in Proc. 8th Annu. Conf. Privacy, Security,
Trust, 2010, pp. 6271.
[12] L. Yi, K. Miao, and A. Liu, A comparative study of WiMAX and LTE as
the next generation mobile enterprise network, in Proc. 13th Int. Conf.
Adv. Comm. Tech., 2011, pp. 654658.
[13] T. Shon and W. Choi, An analysis of mobile WiMAX security: Vulnerabilities and solutions, in Lecture Notes in Computer Science,
T. Enokido, L. Barolli, and M. Takizawa, Eds. Berlin, Germany:
Springer-Verlag, 2007, pp. 8897.
[14] H. Jin, L. Tu, G. Yang, and Y. Yang, An improved mutual authentication
scheme in multi-hop WiMax network, in Proc. Int. Conf. Comput. Elect.
Eng., 2008, pp. 296299.
[15] T. Han, N. Zhang, K. Liu, B. Tang, and Y. Liu, Analysis of mobile
WiMAX security: Vulnerabilities and solutions, in Proc. 5th Int. Conf.
Mobile Ad Hoc Sensor Syst., 2008, pp. 828833.
[16] H-M. Sun, S-Y. Chang, Y-H. Lin, and S-Y. Chiou, Efficient authentication schemes for handover in mobile WiMAX, in Proc. 8th Int. Conf.
Syst. Des. Appl., 2008, pp. 235240.
[17] D. Johnston and J. Walker, Overview of IEEE 802.16 security, IEEE
Security Privacy Mag., vol. 2, no. 3, pp. 4048, May/Jun. 2004.
[18] C-T. Huang and J. M. Chang, Responding to security issues in WiMAX
networks, IEEE Comput. Soc. IT Prof. Mag., vol. 10, no. 5, pp. 1521,
Sep./Oct. 2008.
[19] H-M. Sun, Y-H. Lin, and S-M. Chen, Secure and fast handover scheme
based on pre-authentication method for 802.16-WiMAX, in Proc. IEEE
Region 10 Conf., 2007, pp. 14.
[20] J. Hur, H. Shim, P. Kim, H. Yoon, and N.-O. Song, Security considerations for handover schemes in mobile WiMAX networks, in Proc. Int.
Conf. Wireless Comm. Netw., 2008, pp. 25312536.
[21] Y. Kim, H-K. Lim, and S. Bahk, Shared authentication information for
preventing DDoS attacks in mobile WiMAX Networks, in Proc. 5th
IEEE Conf. Consum. Comm. Netw., 2008, pp. 765769.
[22] F. Liu and L. Lu, A WPKI-based security mechanism for IEEE 802.16e,
in Proc. Int. Conf. Wireless Comm., Netw. Mobile Comput., 2006, pp. 14.
[23] B. Sikkens, Security issues and proposed solutions concerning, presented at the 8th Twente Student Conf. Information Technology,
Enschede, The Netherlands, 2008.
[24] Y. Lee, H. K. Lee, G. Y. Lee, H. J. Kim, and C. K. Jeong, Design of
hybrid authentication scheme and key distribution for mobile multi-hop
relay in IEEE 802.16j, in Proc. Euro Amer. Conf. Telematics Inf. Syst.,
2009, p. 12.
[25] A. DeCarlo, J. Porthy, S. Tyler, B. Xie, R. Reddy, and D. Zhao,
Distributed trust relationship and polynomial key generation for IEEE
802.16m network, in Proc. Mobile WiMAX Symp., 2009, pp. 111116.
[26] J. Donga, R. Curtmolab, and C. N. Rotarua, Secure network coding for
wireless mesh networks threats challenges and directions, J. Comput.
Commun., vol. 32, no. 17, pp. 17901801, Nov. 2009.
[27] G. Kambourakis, E. Konstantinou, and S. Gritzalis, Revisiting WiMAX
MBS security, Int. J. Comput. Math. Appl., vol. 60, no. 2, pp. 217223,
Jul. 2010.
[28] A. Deininger, S. Kiyomoto, J. Kurihara, and T. Tanaka, Security vulnerabilities and solutions in mobile WiMAX, Int. J. Comput. Sci. Netw.
Security, vol. 7, no. 11, pp. 715, Nov. 2007.
[29] S. Kumar, M. Girimondo, A. Weimerskirch, C. Paar, A. Patel, and
A. S. Wander, Embedded end-to-end wireless security with ECDH
key exchange, in Proc. IEEE Midwest Symp., Circuits Syst., 2003,
pp. 786789.
[30] K. Lauter, The advantages of elliptic curve cryptography for wireless
security, IEEE Wireless Commun. Mag., vol. 11, no. 1, pp. 6267,
Feb. 2004.
[31] K. Byoung-Jo and S. Srinivasan, Simple mobility support for IPsec
tunnel mode, in Proc. 58th IEEE VTC Conf., 2003, pp. 19992003.
[32] E. Barka, K. Shuaib, and H. Chamas, Impact of IPSec on the performance
of the IEEE 802.16 wireless networks, in Proc. Int. Conf. New Tech.,
Mobility Security, 2008, pp. 16.
[33] L. Nazaryan, E. Panaousis, and C. Politis, IPSec provisioning in WiMAX
networks, IEEE Veh. Technol. Mag., vol. 5, no. 1, pp. 8590, Mar. 2010.
[34] C. B Sankaran, Network access security in next-generation 3GPP systems: A Tutorial, IEEE Commun. Mag., vol. 47, no. 2, pp. 8491,
Feb. 2009.
[35] M. Purkhiabani and A. Salahi, Enhanced authentication and key agreement procedure of next generation evolved mobile networks, in Proc. 3rd
Int. Conf. Commun. Softw. Netw., 2011, pp. 557563.

2900

IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY, VOL. 63, NO. 6, JULY 2014

[36] Y. Park and T. Park, A survey of security threats on 4G Networks, Proc.

IEEE GLOBECOM Workshops, pp. 16, 2007.
[37] M. Al-Humaigani, D. Dunn, and D. Brown, Security transition roadmap
to 4G and future generations wireless networks, in Proc. 41st Southeast.
Symp. Syst. Theory, 2009, pp. 9497.
[38] C-K. Han, H-K. Choi, J. W. Baek, and W. Lee, Evaluation of authentication signaling loads in 3GPP LTE/SAE networks, in Proc. 34th IEEE
Conf. Local Comput. Netw., 2009, pp. 3744.
[39] Z. Shi, Z. Ji, Z. Gao, and L. Huang, Layered security approach in
LTE and simulation, Proc. 3rd Int. Conf. Anti-Counterfeiting, Security,
Identification Commun., pp. 171173, 2009.
[40] D. Forsberg, L. Huang, K. Tsuyoshi, and S. Alanara, Enhancing security
and privacy in 3GE-UTRAN radio interface, in Proc. Int. Conf. Pers.,
Indoor, Mobile Radio Commun., 2007, pp. 15.
[41] D. Yu and W. Wen, Non-Access-Stratum request attack in E-UTRAN,
in Proc. Int. Conf. Comput., Commun. Appl., 2012, pp. 4853.
[42] L. Huang, Y. Huang, and Z. Gao, Performance of authentication protocols in LTE environments, in Proc. Int. Conf. Comput. Intell. Security,
2009, pp. 293297.
[43] H. Mun, K. Han, and K. Kim, 3G-WLAN interworking: Security analysis
and new authentication and key agreement based on EAPAKA, in Proc.
Wireless TeleCommun. Symp., 2009, pp. 18.
[44] C-E. Vintila, V-V. Patriciu, and I. Bica, Security analysis of LTE access
network, in Proc. 10th Int. Conf. Netw., 2011, pp. 2934.
[45] IxAutomate Data Sheet. [Online]. Available: http://www.ixiacom.com/
products/network_test/applications/ixautomate/ixautomate_datasheet/
index.php
[46] P. Rengaraju, C-H. Lung, and A. Srinivasan, Design of distributed security architecture for multihop WiMAX networks, in Proc. 8th Annu.
Conf. Privacy, Security, Trust, 2010, pp. 5461.
[47] P. Rengaraju, C-H. Lung, and A. Srinivasan, Measuring and analyzing
WiMAX security and QoS in testbed experiments, in Proc. IEEE ICC,
2011, pp. 15.
[48] T. M. Fernandez-Carames, M. Gonzalez-Lopez, and L. Castedo, Mobile
WiMAX for vehicular applications: Performance evaluation and comparison against IEEE 802.11p/a, Int. J. Comput. Netw., vol. 55, no. 16,
pp. 37843795, Nov. 2011.
[49] T. Eibatt and A. Ephremides, Design aspects of satellite-cellular hybrid
wireless systems, Int. J. Satell. Commun., vol. 20, no. 2, pp. 121150,
Mar./Apr. 2002.
[50] C. Kolias, G. Kambourakis, and S. Gritzalis, Attacks and Countermeasures on 802.16: Analysis and Assessment, IEEE Commun. Surveys
Tuts., vol. 15, no. 1, pp. 487514, 1st Qtr., 2013.
[51] J. Huang and C-T. Huang, Secure mutual authentication protocols for
mobile multi-hop relay WiMAX networks against rogue base/relay stations, in Proc. IEEE Conf. Commun., 2011, pp. 15.
[52] B. Bhargava, Y. Zhang, N. Idika, L. Lilien, and M. Azarmi, Collaborative
attacks in WiMAX networks, J. Security Commun. Netw., vol. 2, no. 5,
pp. 373391, Sep./Oct. 2009.
[53] S. Naseer, M. Younus, and A. Ahmed, Vulnerabilities exposing IEEE
802.16e networks to DoS attacks: A survey, in Proc. 9th Int. Conf. Softw.
Eng., Artif. Intell., Netw., Parallel/Distrib. Comput., 2008, pp. 344349.
[54] J. Hong Kok Han, M. Yusoff Alias, and B. Min Goi, Simulating denial
of service attack using WiMAX experimental setup, Int. J. Netw. Mobile
Technol., vol. 2, no. 1, pp. 3034, Jan. 2011.
[55] M. Shojaee, N. Movahhedinia, and B. T. Ladani, Traffic analysis for
WiMAX network under DDoS attack, in Proc. 2nd Int. Pacific-Asia Conf.
Circuits, Commun. Syst., 2010, pp. 279283.
[56] J. Hong Kok Han, M. Yusoff Alias, and M. Goi Bok, Potential denial of
service attacks in IEEE802.16e-2005 networks, in Proc. 9th Int. Conf.
Commun., Inf. Technol., 2009, pp. 12071212.
[57] F. Ibikunle, Security issues in mobile WiMAX (802.16e), in Proc. IEEE
Mobile WiMAX Symp., 2009, pp. 117122.
[58] R. Rodney and A. Vikas, An Analysis of WiMAX security vulnerabilities, in Proc. Int. Conf. Wireless Netw. Embedded Syst., 2009.
[59] L. Maccari, M. Paoli, and R. Fantacci, Security analysis of IEEE
802.16 communications, in Proc. IEEE Int. Conf. Commun., 2007,
pp. 11601165.

[60] B. Kwon, R. A. Beyah, and J. Copeland, Key Challenges in Securing

WiMAX Mesh Networks, J. Security, Commun. Netw., vol. 2, no. 5,
pp. 413426, Sep./Oct. 2009.
[61] B. Kwon, C. P. Lee, Y. Chang, and J. Copeland, A security scheme for
centralized scheduling in IEEE 802.16 mesh networks, in Proc. IEEE Int.
Conf. Mil. Commun., 2007, pp. 15.
[62] J. Cao, M. Ma, H. Li, and Y. Zhang, A Survey on Security Aspects for
LTE and LTE-A Networks, IEEE Commun. Surveys Tuts., Apr. 2013, to
be published.
[63] J. Cao, H. Li, M. Ma, Y. Zhang, and C. Lai, A Simple and Robust
Handover Authentication between HeNB and eNB in LTE Networks,
Comput. Netw., vol. 56, no. 8, pp. 21192131, May 2012.
[64] C-H. Han, Security analysis and enhancements in LTE-advanced networks, Ph.D. dissertation, Dept. Mobile Syst. Eng., Graduate School,
Sungkyunkwan Univ., Seoul, Korea, 2011.

Perumalraja Rengaraju received the M.Eng. degree in communication systems from Anna University, Tamil Nadu, India, in 2006 and the Ph.D. degree
in electrical and computer engineering from Carleton
University, Ottawa, ON, Canada, in 2013.
In September 2013, he joined the Department
of Information Technology, Velammal College of
Engineering Technology, Tamil Nadu, where he is
currently an Associate Professor. He was with
CDOT-Alcatel Research Center, Chennai, India,
from 2006 to 2007 and with nGIN Technologies,
Chennai, from 2007 to 2009, where he worked on the research and development
of WiMAX technology. His current research interests include quality of service
and security in Fourth-Generation wireless networks and other networking
technologies.

Chung-Horng Lung (M13) received the B.S. degree from Chung Yuan Christian University, Zhongli,
Taiwan, and the M.S. and Ph.D. degrees from
Arizona State University, Tempe, AZ, USA, all in
computer science and engineering.
From 1995 to 2001, he was with Nortel Networks.
In September 2001, he joined the Department of
Systems and Computer Engineering, Carleton University, Ottawa, ON, Canada, where he is currently
an Associate Professor. His research interests include
communication networks, wireless ad hoc/sensor
networks, and software engineering.

Anand Srinivasan received the Bachelors degree

from the University of Delhi, New Delhi, India; the
Masters degree in computing from Jawaharlal Nehru
University, New Delhi; and the Ph.D. and M.Sc.
degrees in computer science from the University of
Victoria, Victoria, BC, Canada.
He has over 15 years of experience in system
and network design and performance of large-scale
wired, wireless, and satellite networks. He is currently the Vice President for Technology and Product
Management with EION Wireless Inc., Ottawa, ON,
Canada. He is also an Adjunct Research Professor with the Department of
System and Computer Engineering, Carleton University, Ottawa.