**2.2. Security sub-layer**

**2. WiMAX architecture**

**Figure 1.** Protocol stack of IEEE 802.16 [2]

repeat request and QoS enforcement.

Division Multiplexing (TDM).

The protocol stack of IEEE 802.16 standard consists of two main layers: Medium Access Control (MAC) layer and Physical (PHY) layer [2]. The MAC layer is subdivided into three sub-layers [7], namely it (CS), Common Part Sub-layer (CPS) and Security Sub-layer (SS) as shown in

The service specific convergence sub-layer communicates with higher layers and receives packets from them and then do some specific functions like packet/frame classification and header suppression. Next, it encapsulates these packets into MAC Service Data Unit (MAC SDU) format, and then distributes MAC SDUs to common part sub-layer. Asynchronous Transfer Mode (ATM) convergence and packet convergence sub-layers are two types of service specific convergence sub-layer. The ATM convergence sub-layer is used for ATM networks, and the packet convergence sub-layer is used for packet services like Ethernet, IPv4 and IPv6.

> Convergence Sub-layer Common Part Sub-layer Security Sub-layer Physical Layer

The main part of the IEEE 802.16 standard is common part sub-layer which is responsible for bandwidth allocation, connection management, scheduling, connection control, automatic

The security sub-layer is responsible for providing authentication, authorization and secured key exchange. It is also used for encryption and decryption of data from the MAC layer to PHY

**1.** Encapsulation Protocol, which is used for ciphering operations on data in the networks,

**2.** PKM protocol, which is used for secure key distribution between BS and MSs, and also it

The PHY layer receives MAC frames and then transmits them through coding and modulation of radio frequency signals. It supports Frequency Division Duplexing (FDD) and Time

MAC

PHY

layer and vice versa. Two main protocols of security sub-layer are [3]:

enables the BS to enforce conditional access to network services.

**2.1. Protocol stack**

130 Selected Topics in WiMAX

Figure 1.

The architecture of security sub-layer is shown in Figure 2. As mentioned previously, the security sub-layer provides security services for the standard, and it has been made based on two main components; an encapsulation protocol and a key management protocol [3]. The encapsulation protocol introduces the encryption and authentication methods as cryptograph‐ ic suites which is a pair of encryption and authentication algorithms.


**Figure 2.** Security sub-layer architecture [3]

Initially, WiMAX security was introduced in the security sub-layer of IEEE 802.16 standard [1]. After releasing the initial versions of the IEEE 802.16 standard, a number of articles such as in [8-10] criticized the security weaknesses of the standard, after which some security improve‐ ments were added in IEEE 802.16e [3] and IEEE 802.16m [11]. The security functions regarding key managements have been addressed by PKM protocol. In IEEE 802.16d [4], the key management is based on PKMv1 while IEEE 802.16e uses PKMv2, which is an enhanced version of PKMv1.

Generally, PKM protocol is responsible for authorization, authentication, key exchange and data encryption in the networks between the MSs and BS. In the subsequent sections, we focus our attention on PKMv2, because it is stronger than PKMv1 in terms of security. Recently, the PKMv3 [11] was launched with IEEE 802.16m standard, however, since this protocol is still new and only a few works are being done on it, it is not discussed further in this chapter.

The PKMv2 is used by MSs to get authorization and security keys from the BS, and also to guarantee continuous and uninterrupted re-authorization/re-authentication and refreshing of the security keys. The PKMv2 applies EAP protocol together with RSA algorithm or a mixed function starting with RSA followed by EAP. As shown in Figure 3, in EAP of PKMv2, the root of the security keys is Master Session Key (MSK), and the other keys such as Key Encryption Key (KEK) are obtained from the MSK.

The procedure of security keys generation using the EAP method is shown in Figure 3. In this Figure, the result of EAP authentication protocol is MSK. Then both the MS and BS make a Pairwise Master Key (PMK) by removing some bits of the MSK using a number of functions such as Dot16KDF [12], and also they generate an Authorization Key (AK) from the PMK. After making the AK, the BS and MS will establish the Key Encryption Key (KEK) from the AK. The BS and MS use a 3-way handshake to drive Traffic Encryption Key (TEK) which is used to encrypt data in the network between the BS and MSs. The Multicast Broadcast Service (MBS) is then applied when there are several MSs whereby the MBS is used to send the messages to them. In this case, both BS and MS need to generate and use some group keys.

number of transmitted group keys upon a rekeying algorithm, and the computational costs refer to the cost of ciphering operations in order to get the updated group keys. Scalability means the capability of key management protocol to handle a large group of members, and also its ability to manage highly dynamic membership changes. The 1-af‐ fects-n phenomenon is estimated from the number of members affected by rekeying op‐ erations. Moreover, a key management should support forward secrecy, which means that the MSs that leave a BS cannot read future messages; and also it must guarantee backward secrecy, which means that a new MS cannot read previous messages [9].

> Challenges of key management

1-affects-n

Multicast and Broadcast Service (MBS) of IEEE 802.16e is a new feature for broadband wireless standards [3]. It is a mechanism that allows a BS to distribute the same set of data to several MSs concurrently. As highlighted before, first the MSs need to be authenticated by the BS using PKMv2 [3]. After that, the Group Key Encryption Key (GKEK) and the Group Traffic Encryp‐ tion Key (GTEK) are established. IEEE 802.16e introduced the MBRA as a basic rekeying algorithm to generate, update and distribute the GKEKs and GTEKs upon member changes. The MBRA uses the GTEK which is shared among all MSs to encapsulate the data traffic. The BS generates the GKEK and the key is used to encapsulate the GTEK. The GKEK is also encapsulated by the KEK of each MS. Each MS has a unique KEK which is obtained from the AK. Although, the MBRA of MBS is quite well designed, it still suffers from efficiency and scalability problem and it does not address backward and forward secrecy [8, 18]. To explain this point, in the MBRA algorithm, the BS should unicast n messages, where n is the number of MS, with the aim of updating the group keys, which unfortunately would cause weak scalability due to the increased number of unicast messages. Moreover, when there are high numbers of MSs, and the effect of sending high volume of unicast/broadcast messages would

increase communication costs, and consequently this will result in poor efficiency.

Rekeying algorithms in WiMAX networks need to execute using one of the following three

Forward secrecy

Backward secrecy

Key Management in Mobile WiMAX Networks

http://dx.doi.org/10.5772/56154

133

Security

Performance

Operational efficiency

phenomenon Scalability

costs

Communication costs

**3.1. Multicast and broadcast service**

**Figure 4.** Key management's challenges

events:

Computation Storage

IEEE 802.16 supports multicast for applications such as pay-tv and videoconferencing. In order to establish a secure multicast over IEEE 802.16, main components of the standard must be used, namely Multicast Broadcast Service (MBS) and Multicast and Broadcast Rekeying Algorithm (MBRA). We will explain how this is done in the next section.

**Figure 3.** Key generation at initial network entry [12]
