**3. Key management protocols**

There are three types of Key management protocols, viz, centralized, hierarchical and distrib‐ uted key management [13]. WiMAX Network uses a centralized key management where there is a single manager (BS) that executes key management procedure for all its members (MSs). Though some key management protocols have been proposed for WiMAX, their protocols still remained inefficient.

Generally, key management establishes a set of group keys for its members [14], and the main function of it is to update the group keys, this is called rekeying algorithm [15]. The key management protocols have to face several challenges, but the most outstanding challenges among them are on performance and security, as shown in Figure 4. Under performance are issues such as operational efficiency, scalability and 1-affects-n phenom‐ enon [16, 17]. Operational efficiency is the most important parameter in performance measure and is measured typically by storage, communications and computational costs respectively. In measuring the performance of key management, the storage costs refer to the number of keys stored by the BS and MSs; the communications costs refer to the number of transmitted group keys upon a rekeying algorithm, and the computational costs refer to the cost of ciphering operations in order to get the updated group keys. Scalability means the capability of key management protocol to handle a large group of members, and also its ability to manage highly dynamic membership changes. The 1-af‐ fects-n phenomenon is estimated from the number of members affected by rekeying op‐ erations. Moreover, a key management should support forward secrecy, which means that the MSs that leave a BS cannot read future messages; and also it must guarantee backward secrecy, which means that a new MS cannot read previous messages [9].

**Figure 4.** Key management's challenges

is then applied when there are several MSs whereby the MBS is used to send the messages to

IEEE 802.16 supports multicast for applications such as pay-tv and videoconferencing. In order to establish a secure multicast over IEEE 802.16, main components of the standard must be used, namely Multicast Broadcast Service (MBS) and Multicast and Broadcast Rekeying

> EAP authentication MSK MSK PMK PMK AK AK

BS MS

3-way handshake TEK TEK

Group key delivery

There are three types of Key management protocols, viz, centralized, hierarchical and distrib‐ uted key management [13]. WiMAX Network uses a centralized key management where there is a single manager (BS) that executes key management procedure for all its members (MSs). Though some key management protocols have been proposed for WiMAX, their protocols still

Generally, key management establishes a set of group keys for its members [14], and the main function of it is to update the group keys, this is called rekeying algorithm [15]. The key management protocols have to face several challenges, but the most outstanding challenges among them are on performance and security, as shown in Figure 4. Under performance are issues such as operational efficiency, scalability and 1-affects-n phenom‐ enon [16, 17]. Operational efficiency is the most important parameter in performance measure and is measured typically by storage, communications and computational costs respectively. In measuring the performance of key management, the storage costs refer to the number of keys stored by the BS and MSs; the communications costs refer to the

**Figure 3.** Key generation at initial network entry [12]

**3. Key management protocols**

remained inefficient.

132 Selected Topics in WiMAX

them. In this case, both BS and MS need to generate and use some group keys.

Algorithm (MBRA). We will explain how this is done in the next section.
