Muhammad Bakhsh, Pakistan Academy for Rural Development, Peshawar
All content following this page was uploaded by Muhammad Bakhsh on 19 July 2017.
**Department of Computer and Information Sciences, Universiti Teknologi PETRONAS, Perak, Malaysia
E-mail: javed1797@hotmail.com
****DSE, College of Computer and Information Sciences, King Saud University, Saudi Arabia.
E-mail: iftahmad@ksu.edu.sa
****Department of Computer Science, Faculty of Computer and Information System, Jazan University, Saudi Arabia.
Abstract
WiMAX is a wireless metropolitan area network technology that supports fixed, nomadic, portable and mobile wireless access. It provides a cost-effective fixed wireless alternative to conventional wired DSL. A wireless network is more vulnerable to external threats than a wired one. We have assessed the authentication and key management process in 802.16 mesh networks. In this paper we analyze the existing protocols and the related work, and assess the existing authentication and key management protocol. We propose some changes to the existing authentication and key management process which may improve the efficiency of WiMAX mesh networks. In the proposed scenario it is expected that the efficiency of the BS in responding to requesting SSs is increased, and a mechanism is given for how a BS maintains information about active nodes. This work may help future research on 802.16 mesh.
Key Words: Subscriber Station/ Terminal Equipment, Neighboring Node, Communicating Node
1. Introduction
In the current era of technology, wireless technologies are growing rapidly because of their easy deployment. WiMAX is the IEEE 802.16 standard-based wireless technology intended for wireless MANs, released in 2001 [2]. WiMAX's main use will be for fixed and mobile wireless broadband, enabling a wireless alternative to cable broadband and removing the distance limitations of DSL and T1-level services [6]. WiMAX supports and integrates easily with other wired and wireless technologies such as Ethernet, IPv4/IPv6, ATM and Wi-Fi. WiMAX is primarily aimed at providing wireless broadband network access without the cost of stringing wires (as in cable-access broadband) or the distance limitation of DSL. IEEE 802.16 is also known as BWA or WMAN [9].
On the basis of how it operates, the network architecture of WiMAX is mainly divided into two types: i) Point-to-Multipoint mode, ii) Mesh mode.
Depending upon architecture and configuration, WiMAX mesh networks can be divided into three types: infrastructure mesh, client mesh and hybrid mesh. An infrastructure mesh provides a wireless backbone similar to a wired backbone; clients get service from the backbone mesh. A client mesh consists of passive clients, which may be mobile or fixed, that have no involvement in an infrastructure mesh and themselves perform the functions of routing and packet forwarding. Hybrid meshes are the more usable form, combining the concepts of infrastructure and client mesh [5], as in Fig. 1.
1.12 Security
Wireless MANs have recently gained considerable popularity due to their self-configuring and rapid-extension capabilities. WiMAX security supports two quality encryption standards, 3DES and AES. Basically, all traffic on a WiMAX network must be encrypted using Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP), which uses AES for transmission security and data integrity. The WiMAX MAC layer consists of three sub-layers: the convergence sub-layer, the common part sub-layer and the security sub-layer. The security sub-layer provides authentication, authorization, encapsulation and control management facilities [7-9].
2. Related Work
David et al. review the IEEE 802.16 standard, enumerate its security limitations (water torture attack, jamming of the radio spectrum, lack of confidentiality since anyone can read and write the channel, replay attack, possible BS masquerading, and key management failure due to the small two-bit key) and suggest modifications to protect the standard against these threats [3]. The authentication protocol nevertheless remains vulnerable to replay attack, because they do not describe any method of key freshness or of node authentication in mesh mode. If this technique is applied to a mesh, there is a threat of a malicious sponsor node at the transit, and the threat of replay attack is also present. The authors of [4] enumerate the security limitations of the existing authentication and key management protocol, illustrate possible attacks and propose some modifications to it. They propose mutual authentication of both BS and SS, and a secure handover roaming protocol that can be used in the future 802.16e for mobility [4].
Yun et al. analyze the security of IEEE 802.16 in mesh mode and identify its vulnerabilities [8]. Authorization attacks include message modification between candidate and sponsor node (the modification may be done by a malicious sponsor node), security-level rollback attack (modification of the authentication request message so that weaker cryptographic algorithms are selected) and DoS (modification of the SA list, for example removal of an SA, which causes denial of service). Threats to link establishment, traffic encryption keys and traffic are also discussed. Bongkyoung et al. analyze the security mechanism of the mesh network architecture, focusing on authentication and authorization [5]. Communication between the mesh nodes is scheduled using time division multiple access time slots; scheduling is done by a centralized, a distributed or a hybrid algorithm. They give a new scheme for joining-node authentication by adding two new messages to the existing scheme, which is an extra burden on the bandwidth.
Fan et al. analyze the security mechanism of the PMP (point-to-multipoint) network architecture, focusing on authentication and authorization of the SS only [1]. They introduce the idea of a RADIUS server, with the BS acting as an intermediary between the RADIUS server and the SS. They suggest some improvements in the Wireless Key Management Infrastructure (WKMI) used for key management, through the support of the Extensible Authentication Protocol (EAP). Several research groups are thus working on the WiMAX wireless standard. The protocol proposed in [3] is used for authentication of the SS and removes the replay attack on the BS by mutual authentication, but the chance of BS masquerading still exists. The protocol of [4] provides mutual authentication of both BS and SS and avoids replay attacks by including time stamps with each message. The key management protocols proposed in [3, 4] are used in PMP networks only. The RADIUS server concept, which authenticates the SS [1], also deals with PMP networks. WiMAX networks can also work in mesh mode [5].
3. Problem Overview
Compared to IEEE 802.11a/b/g-based mesh networks, 802.16-based WiMAX mesh networks provide higher bandwidth, range and security. The key management protocol described in [4] works only for PMP networks; it gives no treatment of WiMAX mesh. The security scheme of [1] is implemented for PMP networks and uses RADIUS as the authentication server. This technique is not useful in mesh networks because the single authentication server (i.e. RADIUS) increases the interference between the nodes; the level of interference depends upon how data is routed in the WiMAX mesh network.
In this paper we consider the following scenario of WiMAX-based mesh deployment. A mesh network is partially managed by a node which we refer to as the Mesh BS. The Mesh BS serves as the interface from the WiMAX-based mesh to the external network. Authentication and authorization of a new node is done by a neighboring node at entry level in the mesh. The Mesh BS only controls the session and issues keys for communication between mesh nodes. The BS periodically updates itself by obtaining from the mesh nodes the authentication certificate along with the BCID that was given to them by the neighboring node holding the identification of the BS.
4. Proposed Model
The most common attacks on authentication protocols include message replay, man-in-the-middle, parallel session, interleaving etc. [4]. Authentication is an issue in the WiMAX mesh. In the existing technique message 1 is optional and only informative, so the security analysis can start from the next message. The said protocol carries a lifetime in message three, which can be removed in the proposed scenario. One more thing to consider is that in the existing system the node cannot be uniquely identified after authentication.
In the proposed system, when a fresh SS/CN/TE wants to join the mesh it first detects all the available BS/NN (neighbor SSs). The new SS/CN can then be authenticated by any BS or NN. When a new node is authenticated by an NN there is a chance that the NN is malicious. This threat is removed by including in the authentication process the SIGBS which the NN received during its own authentication. After authentication, the new CN/SS requests the keying material from the BS and then uses the services of the mesh network. The improved version may be written as:
For network entry:
M1. CN → NN: [Cert CN | Nonce CN | ] SIG CN
M2. NN → CN: [Cert NN | Nonce CN | Nonce NN] SIG NN
For the authentication of a new node:
M1. CN → BS: Cert (CN.Manufacturer)
M2. CN → BS: [Nonce CN | Cert CN | Capabilities | SAID] SIG CN
M3. BS → CN: [Nonce CN | Nonce BS | KUBS (Pre-AK) | SeqNo | SAIDList | Cert (BS) | BCID] SIG BS
The messages exchanged for a new node authenticated by the BS are as follows. In Message 1 (M1) the SS first sends the BS its certificate, issued by its manufacturer; this message is optional. Message 2 (M2) is then sent by the SS and contains a time stamp, its certificate, its capabilities list, its SAID list and its own signature. Finally Message 3 (M3) is the reply to M1 and M2 and contains the authentication key with a time stamp, the SAID list, the BS's own certificate, its signature and a Basic Connection ID. In this system, when an SS (requestor node) wants to communicate with another SS (responder node), it should be kept in mind that in mesh networks the SS can be authenticated at entry time by the neighboring SSs; after that the requestor SS requests keying information from the BS to use the services of the mesh network, as proposed in the next part.
The certificate contains the node's public key, certificate, signature and SAID list. The node uses the certificate in the authorization process. In response the BS sends a message, time-stamping it to avoid replay attack. This time stamp can also be used for the session. BCID is a unique number which identifies a node.
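As an added illustration, not code from the paper, the following Python simulates the BS-side authentication exchange above: the CN builds M2, the BS verifies it, rejects a replayed M2 by remembering the (Cert CN, Nonce CN) pairs it has already answered, and returns M3 with the CN's nonce echoed and a freshly issued BCID; the CN then checks the echo and the BS signature. Signatures are stood in for by HMAC-SHA256 under per-party secrets, Pre-AK is carried unencrypted, and the field names are my own.

```python
import hmac, hashlib, os

def sign(key: bytes, msg: bytes) -> bytes:      # SIG_x stand-in: HMAC-SHA256 (assumption, not RSA)
    return hmac.new(key, msg, hashlib.sha256).digest()

def verify(key: bytes, msg: bytes, sig: bytes) -> bool:
    return hmac.compare_digest(sign(key, msg), sig)

def pack(*fields) -> bytes:                      # "a | b | c" field notation used in the paper
    return b"|".join(f if isinstance(f, bytes) else str(f).encode() for f in fields)

M3_ORDER = ("nonce_cn", "nonce_bs", "pre_ak", "seqno", "said_list", "cert_bs", "bcid")

class BaseStation:
    def __init__(self, key: bytes, cert: bytes):
        self.key, self.cert = key, cert
        self.seen = set()     # (Cert CN, Nonce CN) pairs already answered: replay detection
        self.active = {}      # BCID -> Cert CN: the BS's record of authenticated nodes

    def handle_m2(self, m2: dict, cn_key: bytes):
        """Verify M2 (cn_key stands for the key in Cert CN), reject replays, answer with M3."""
        if not verify(cn_key, pack(m2["nonce_cn"], m2["cert_cn"], m2["caps"], m2["said"]), m2["sig"]):
            return None                               # forged or tampered request
        if (m2["cert_cn"], m2["nonce_cn"]) in self.seen:
            return None                               # replayed M2: this nonce was already used
        self.seen.add((m2["cert_cn"], m2["nonce_cn"]))
        bcid = len(self.active) + 1                   # unique node identifier issued by the BS
        self.active[bcid] = m2["cert_cn"]
        m3 = {"nonce_cn": m2["nonce_cn"], "nonce_bs": os.urandom(8), "pre_ak": os.urandom(16),
              "seqno": 0, "said_list": m2["said"], "cert_bs": self.cert, "bcid": bcid}
        m3["sig"] = sign(self.key, pack(*(m3[k] for k in M3_ORDER)))  # Pre-AK not encrypted here
        return m3

def cn_build_m2(cn_key: bytes, cert_cn: bytes, caps: bytes, said: bytes) -> dict:
    m2 = {"nonce_cn": os.urandom(8), "cert_cn": cert_cn, "caps": caps, "said": said}
    m2["sig"] = sign(cn_key, pack(m2["nonce_cn"], cert_cn, caps, said))
    return m2

def cn_check_m3(m2: dict, m3: dict, bs_key: bytes) -> bool:
    """CN accepts M3 only if its own nonce is echoed and the BS signature verifies."""
    return m3["nonce_cn"] == m2["nonce_cn"] and verify(bs_key, pack(*(m3[k] for k in M3_ORDER)), m3["sig"])

def demo():
    bs_key, cn_key = os.urandom(32), os.urandom(32)   # constructed secrets for the two parties
    bs = BaseStation(bs_key, b"Cert(BS)")
    m2 = cn_build_m2(cn_key, b"Cert(CN-1)", b"AES-CCM", b"SAID:1")
    m3 = bs.handle_m2(m2, cn_key)
    accepted = m3 is not None and cn_check_m3(m2, m3, bs_key)
    replay = bs.handle_m2(m2, cn_key)                 # the same M2 captured and re-sent
    return accepted, replay is None, m3["bcid"] if m3 else None
```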
The BS periodically updates itself by checking the active nodes and retrieving the following information from them, which is used in the key issuance process.
M1. BS → N: Nonce BS | SIG BS
M2. N → BS: Nonce N | Cert N | BCID | SIG N
The message contains a time stamp to avoid frequent messaging to the BS and a signature for authentication. For the management of keying material, the system in [4] may be improved as:
M1. SS → BS: [Nonce S | SeqNo | SAID] SIG SS
M2. BS → SS: [Nonce B | Nonce S | SeqNo | SAID | OldTEK | KUSS(NewTEK)] SIG BS
In Message 1, the SS sends the BS its own public key for message authentication, its signature, the sequence number derived from the AK that was provided to the SS during authentication, the SAID, the SS's time stamp and the SIG of the SS to avoid repudiation. The BS replies with the NewTEK encrypted with the public key of the SS, and also includes a time stamp and the signature of the BS. Now the BS has only the role of managing keys for active nodes. Using this technique secure communication is possible, no malicious SS can participate in the mesh network, and BS bandwidth is used more effectively. Peer-to-peer communication is also possible.
Because of the difficulty of obtaining the hardware required to implement the proposed system, we have used a mathematical model to prove our work. In the mathematical model we take some values in both scenarios, the previous one and the proposed one. To some extent, it is proved that the proposed scenario is better than the previous one. In our proposed hybrid approach spoofed requests are controlled, the replay attack is avoided, flooding is avoided, jumping forward is controlled, the man-in-the-middle attack is removed, service delivery is improved, the authentication packet size is reduced, bandwidth is saved, and processing and power consumption are inexpensive. In the proposed system intra-communication between the nodes does not disturb the BS. In the previous key management protocol a hash function is used, which is expensive in computing and power consumption and may cause denial of service for the nodes. We replace it with signatures, which also increases the processing capability of the BS.
in Fig. 5, which removes the extra burden of processing from the BS/Authentication server.
[Figures; only axis labels and series names recovered: Authenticated Requests vs Total Requests; Spoofed, Legitimate and Authenticated Requests vs Nodes; Spoofed Requests, Legitimate Requests and No. of AK Issued vs Nodes (two panels); Bytes vs AK Requests for the Existing Protocol and AKMM.]
The graphs above compare the data of the two protocols for authentication requests; they show that the proposed protocol attaches a smaller amount of data to the payload from CN to BS, so the message size of our protocol is lighter than that of the previous one. The graphs also show the message size comparison for the authentication reply: the proposed protocol has a smaller size than the previous protocol.
6. Conclusion
In this paper we have proposed an authentication process and a key management protocol for WiMAX mesh networks. Through this protocol, authentication of a new node is done at entry level by a neighboring node or the BS in the mesh. The key issuance authority is the BS. The BS periodically updates its database by taking the BCID from active nodes along with their signature. This technique is useful in the mesh case and can be further improved. More work is required on privacy and key management in WiMAX mesh networks.
7. Acknowledgments
This work was supported by the Research Center of College of Computer and Information
Sciences, King Saud University. The authors are grateful for this support.
References
[1] Fan Y., Huaibei Z., Lan Z., Jin F., An Improved Security Scheme in WMAN based on IEEE Std. 802.16, IEEE International Conference on Communications (2007), pp. 1160-1165.
[2] White Paper, IEEE 802.16a Standard and WiMAX Igniting Broadband Wireless Access, WiMAX Forum, www.wimaxforum.org.
[3] David J., Jesse W., Overview of IEEE 802.16 security, IEEE Security & Privacy, 2 (2004), pp. 40-48.
[4] Sen X., Manton M., Chin H., Security issues in privacy and key management protocols of IEEE 802.16, In ACM Proceedings of the 44th Annual Southeast Regional Conference (ACM-SE 44), (2006), pp. 113-118.
[5] Asad A., Marius P., Jadwiga I., Evaluation of Multi-radio extensions to AODV for wireless mesh networks, Pervasive Mob. Computing, (2009), pp. 93-109.
[6] IEEE 802.16, IEEE Standard for Local and metropolitan area networks, IEEE Press, 2004.
[7] Sen X., Chin H., Attacks on PKM Protocols of IEEE 802.16 and Its Later Versions, 3rd IEEE International Symposium on Wireless Communication Systems, (2006), pp. 185-189.
[8] Akyildiz I.F., Wang X., A Survey on Wireless Mesh Networks, IEEE Communications Magazine, 43 (2005), pp. S23-S30.
[9] Kwon B., Lee C.P., Chang Y., Copeland J.A., A Security Scheme for Centralized Scheduling in IEEE 802.16 Mesh Networks, Military Communications Conference (2007), pp. 1-5.
*Corresponding author: Muhammad Javed Iqbal
Department of Computer and Information Sciences, Universiti Teknologi PETRONAS, Bandar Seri Iskandar, 31750 Tronoh, Perak, Malaysia.