The continued and improved innovation of ubiquitous computing platforms and the proliferation of portable computing devices have elevated the role of mobile and wireless networking. This is witnessed by the widespread deployment and use of broadband wireless access systems in public places like airports, schools, Hospitals etc. These technologies include wireless local area networks (WLANs), broadband wireless access, and wireless personal area networks (WPANs). Although Wireless technology is reputed to be a very fast evolutionary and continuous field, two specific standards have been very instrumental in its evolution. These are the Wi-Fi and WiMAX standards, technically referred to as the 802.11 and 802.16 protocols respectively in accordance to Institute of Electrical and Electronics Engineers (IEEE) certifications. The first one, WiFi, was the foundation and currently is the most widely used wireless technology. According to Motorola and Intel (2007), there are more than 223 million homes with WiFi connections, and there are over 127 million WiFi hotspots worldwide. This is attributed to the integration of WiFi cards into notebooks as a standard feature. WiMAX, on the other hand offers much more promise in terms of performance and application and it has been postulated that it could achieve similar attach rates to devices as WiFi (Motorola & Intel, 2007). This paper presents up-to-date information related to WiMAX as defined in IEEE 802.16e-2005 standard. Initial discussion will be a comparison overview of the two protocols 802.11 and 802.16 but further and detailed analysis will be on the latter with a special focus on security. This paper assumes the readers have basic and necessary knowledge of networking and protocols. Therefore, the expected readers are network engineers, designers, implementers, undergraduate/graduate/postgraduate students, and information systems managers, Professors and Lecturers.
Overview of IEEE 802.11 and IEEE 802.16
WiFi/ IEEE 802.11
Wi-Fi, an acronym for "wireless fidelity," is a radio technology that networks computers so that users can share information and files on network desktop computers, laptops, and PDAs. It also enables the connection and sharing of peripherals such as servers and printers and apart from connecting computers to each other and to the Internet, it also links to wired networks (which utilize IEEE 802.3 or Ethernet). Wi-Fi, developed as a WLAN technology in several different versions (IEEE 802.11b, 802.11a, 802.11a/g, and 802.11n) is the most used of any wireless networking technology because its real-life performance is at par with the basic 10BaseT wired Ethernet networks. According to ( Andrews, Ghosh, & Muhamed, 2007), there are different standards of the 802.11 because the original 802.11 specification in 1997 that provided for 1- and 2-Mbps data rates was too slow in terms of data rates to support most general business requirements. Therefore, other standards were developed and they include IEEE 802.11b that operates using a direct-sequence spread spectrum (DSSS) waveform supporting data rates up to 11 Mbps at 2.4GHz, while IEEE 802.11g uses an orthogonal frequency division multiplexing (OFDM) waveform supporting data rates up to 54 Mbps at the same band as IEEE 802.11b. IEEE 802.11a operates in the 5GHz Unlicensed National Information Infrastructure (UNII) band ( Kasch & Burbank, 2008). The 802.11 network is supported by the basic service set (BSS), simply a group of stations that communicate with one another within a basic service area (BSA). A station within the BSA can communicate with other members of the BSS of which there are two types: ad hoc (or independent) and infrastructural. An ad hoc BSS, also known as an independent basic service set (IBSS), involves stations communicating directly with one another are rarely used within the commercial domain because they are typically short-lived. An infrastructural BSS, on the other hand, is one in which all communications take place through the access point (AP) within that BSS and is the commonly used one. Multiple BSS' can be interconnected into an extended service set (ESS) ( Kasch & Burbank, 2008).
WiMAX/ IEEE 802.16
The success and wide adoption of IEEE 802.11 WLAN technology, led to the formation of IEEE 802.16 group in 1998 to develop an air-interface standard for wireless broadband based on the LOS- point-to-multipoint wireless broadband system for operation in the 10GHz-66GHz millimeter wave band. The resulting original, 802.16 standard or (WiMAX), an acronym for Worldwide Interoperability of Microwave Access, completed in December 2001 was based on a single-carrier physical (PHY) layer with a burst time division multiplexed (TDM) MAC layer. ( Andrews, Ghosh, & Muhamed, 2007). WiMAX was designed to facilitate the WISP's (Wireless Internet Service Provider) Backhaul, Broadband internet connectivity to proprietary and standards-based Wi-Fi mesh networks, hotspots, residences and businesses Currently, IEEE 802.16e has also been approved as the official standard for mobile applications. According to Andrew et al (2007), revised Standard 802.16d, 2004 provides extended support for non-line-of-sight (NLOS) conditions with high data rates, itself based on the principles of orthogonal frequency division multiplexing (OFDM), in 2-11GHz spectrum with mesh connections for both fixed and nomadic users. Latest IEEE 802.16e Standard, released on February 28, 2006 intends to facilitate mobility in 2-6GHz spectrum within a range of 2-5 km. (Kaushik, 2012)
IEEE 802.16 Characteristics and system consideration
Power varies from 100 MW up to 2W with band profiles, with a Spectrum support of 3.5 GHz licensed and 5.8 GHz unlicensed bands. The two configurations are the P-P (point to point) and PMP (point-to-multipoint). The 802.16-2005 standards introduce the OFDMA (Orthogonal Frequency Division Multiple Access) method and MIMO (Multiple Input Multiple Output) antenna technology (Salvekar, Sandhu, Li, Vuong, & Xiaoshu, 2004). According to Kaushik (2012), it consist of OFDM Radio interface with 256 tones, supporting both Downstream (TDM) and Upstream (TDMA) access Protocols. OFDM is a form of frequency division multiplexing, but it has higher spectral efficiency and resistance to multipath fading and path loss compared to other multiplexing methods. It divides the allocated frequency spectrum into subcarriers which are at right angles to each other. This reduces the possibility of cross-channel interference thereby allowing the subcarriers to overlap. This reduces the amount of frequency spectrum required, hence the high spectral efficiency. The reduced data rate of each stream reduces the possibility of inter symbol interference because there is more time between the arrival of symbols from different paths. This feature of OFDM makes it resistant to multipath fading and ideal for non-line of sight (NLOS) applications. In OFDMA each frequency subcarrier is divided into sub channels which can be accessed by multiple users hence increasing the capacity of OFDM ( Yarali & Rahman, 2008). WiMAX also uses other features to enhance the performance of OFDMA. They include dynamic frequency shifting, MIMO, AAS, and software defined radios. Dynamic frequency shifting monitors the signal and changes frequencies to avoid interference. Software-defined radios are controlled by changing software settings and this gives the equipment more flexibility when switching frequencies ( Yarali & Rahman, 2008).
IEEE 802.16 Network Architecture
The IEEE 802.16e-2005 standard provides that the overall network be structured into three parts: End users' mobile stations for access to the network; the access service network (ASN), comprising one or more base stations and one or more ASN gateways that form the radio access network at the edge; the connectivity service network (CSN), to provide IP connectivity and all the IP core network functions ( Andrews, Ghosh, & Muhamed, 2007). This architecture enables the deployment of three distinct business entities: network access provider (NAP), that owns and operates the ASN; network services provider (NSP), that provides IP connectivity and WiMAX services to subscribers using the ASN infrastructure provided by one or more NAPs; application service provider (ASP), to provide value-added services such as multimedia applications using IMS (IP multimedia subsystem) and corporate VPN (virtual private networks) that run on top of IP ( Andrews, Ghosh, & Muhamed, 2007). In turn, there is more competition resulting to better services because the separation between NAP, NSP, and ASP is enables a richer ecosystem for WiMAX service business.
Based on the IEEE 802.16 standard, two modes of operation, namely PMP (point to multi point) mode and mesh mode are supported by WiMAX technology. A WiMAX PMP network provides the last-mile access to a broadband Internet service provider (ISP). According to Rao et al (2008), its underlying MAC Protocol, borrowed significantly from the cable industry's Data over Cable Service Interface Specifications (DOCSIS) standard, offers ISPs the ability to accurately monitor the QoS to the individual subscriber and application in real time. The mesh mode needs SS (Subscriber Station) that support multihop ad hoc networking. A typical PMP mode WiMAX network will consist one BS (Base Station) and a number of SS (Subscriber Station). The presence of a relay station RS in the mesh mode, however, will differentiate it from the PMP mode, its function is to behave as an SS and forward the traffic to BSs or other RS making it more flexible. Occasionally, there might be a mobile station (MS) which is simply an SS which can move in the network. The presence of an MS makes it a mobile WiMAX network which will consist of two networks: Access Services Network (ASN) and Connectivity Services Network (CSN). According to Kaushik (2012), the core elements in the ASN are the base station (BS) and ASN gateway (ASNGW) connected over an IP infrastructure. From the figure above, the ASNGW provides the security anchoring, traffic accounting and the mobility to support the Base Station (BS) and mobile station (MS), keys elements of the WiMAX network architecture. The AAA (Authentication, Authorization, and Accounting) server located in the CSN network control signals from the ASN-GW to authenticate the MS against the MS's profile which is stored in the AAA server's database. Thereafter, Mobile Stations (MS) communicate with Base Stations (BS) using the 802.16e air interface. The communication between the MS and BS is via an all-IP bearer and control. WiMAX does not have a TDM (Time Division Multiplexing) bearer. It is a concept of mobile multihop relay (MMR) networking and it is has also been introduced for PMP mode in IEEE 802.16e.
IEEE 802.16 security Overview
Because a wireless system uses an intrinsically open and unsecure radio channel for transmission of user signaling and traffic between the base station and mobile stations, security threats are more compared to a wired network. As a wireless protocol, WiMAX has an additional set of security threats not faced in cable systems because the DOCSIS protocol found in the underlying MAC Protocol was developed for cable modems, not wireless systems ( Rao & Radhamani, 2008). The original 802.16 standard does not provide enough security for the intended purpose. Therefore, reliable and robust security and encryption procedures are a requirement in order to protect confidentiality, privacy, and integrity of user traffic and credentials, and to prevent security breaches and theft of service in cellular networks. The original standard, IEEE 802.16-2001, was attacked when an intruder physically placed the attacking equipment, operating at comparative high frequencies of 10-66 GHz, between the SS and the BS. Although the IEEE 802.16-2004 standard has reduced the complexity of hardware implementation and physical placement constraints by operating at lower frequencies, new security challenges have emerged especially for the mesh mode, such as the trustworthiness of the next-hop mesh node.
Types of Wireless attacks
There are four major classes of wireless attacks namely: interruption, interception, modification, and fabrication. Additionally, there is a fifth class of attack, known as repudiation that distorts the accountability of information. According to Ohrtman & Roeder (2003), each of these attack classes can be introduced with a security mechanism.
Interception
Interception occurs when confidential information transfer between the source and the destination is read by an intruding entity. In this attack, information about the network for example, the SSID, the MAC address of the Access Point (AP), and information about whether WEP is enabled) is gathered and interception can occur far outside the user's working environment using high gain antennas (Pareek, 2006).
Fabrication
This is a Man-in-the Middle type of attack that leads to false authentication, distorted packets and fake e-mails. Two hosts are convinced the alien computer in the middle is the other host. Modification, Replay, and Reaction Attacks
Modification is where an intruding entity changes the information which is being transferred from the source point to the destination point. An example is the insertion of a virus which is prevalent in both the wired and wireless networks which are capable for sending the text messages to cell phones. Replay involves the intruding party resending the information sent from the source party to the destination party. Reaction is where packets are sent by an intruder to the destination and the intruder monitors the reaction (M.Lail, 2002).
Interruption
Interruption blocks the information transfer from the source entity to the destination entity. Main examples of interruption attack include the Denial of service (DOS) and network flooding. Such type of attack may try to exhaust all network bandwidth using ARP flooding and ping broadcasts, Transmission Control Protocol (TCP) SYN flooding, queue flooding, synk4, and other utilities ( Yang, Ricciato, Lu, & Zhang, 2006). In Rogue Networks and Station Redirection, a rogue AP (Access Point) owned by an attacker solicits station connection traffic which it shall intercept and might also perform man-in-the-middle attacks. The rogue AP moves valid traffic off the WLAN onto a wired network for attacking and then reintroduces the traffic into the proper network (Ohrtman & Roeder, 2003).
Repudiation
Repudiation is an active attack on repudiation. Either the source or the destination denies sending or receiving a message.
The security structure
The protocol architecture of WiMAX/802.16 is classified into two main layers namely the Medium Access Control (MAC) layer and the physical layer. The physical layer authenticates and offers privacy to the SS so that the BS is protected from unauthorized network access. Two protocols are at work here namely: a privacy and key management (PKM) and an encapsulation protocol ( Huang & Chang, 2008).
The PKM uses a two tier system whereby, on startup, the SS initializes an authorization state machine that runs the authorization protocol to authenticate the SS to the BS and establish a shared secret (the authorization key [AK]) and one or more security associations (SAs); for each SA, the SS then initializes a traffic encryption key (TEK) state machine that uses the key management protocol and the AK to manage the secure exchange and update the TEKs ( Huang & Chang, 2008).
Authorization Protocol
The BS uses the authorization protocol to authenticate and authorize network access to an SS. As Figure 1 shows;
According to ( Huang & Chang, 2008), the first message is an optional authentication information message from the subscriber station (SS) to the base station (BS) vulnerable to replay attacks, the second message is an authorization request message from the SS to the BS, and the third message is an authorization response message from the BS to the SS (Also vulnerable to replay attacks and man-in-the-middle attack).
To counter replay attacks, time stamps are added to the second and third messages, along with the SS's signature. Man-in-the middle attacks are countered by the incorporation of mutual authentication that requires the BS to send its certificate in the third message, so that the SS could also authenticate the BS. Figure 2 shows the revised protocol with these modifications ( Huang & Chang, 2008).
According to (Huang & Xu, 2006), the 802.16e amendment specifies PKMv2, which revises the original authorization protocol to provide mutual authentication and adds an additional message to provide SS acknowledgment and achieve X.509 three-way authentication. Nevertheless, this enhanced version is still open to an interleaving attack, in which an attacker initially impersonates a valid SS to run a first PKMv2 protocol instance and exchange the first two messages of PKMv2 with the BS, then impersonates a valid BS to run a second PKMv2 protocol instance with the impersonated SS, and finally uses the third message sent by the impersonated SS in the second protocol instance to reply to the BS as the third message in the first protocol instance. The attacker therefore, gets authenticated as the legitimate SS.
Key Management Protocol
Here, the first message is optional and sent only if the BS deems it necessary to rekey before the SS requests it. The BS will choose a SAID from the SAIDList, which the SS is allowed to access. SeqNo is the sequence number of the AK that the BS provides to the SS in the authorization protocol. Upon receiving the first message, the SS will reply with a Key-Request.
If the SS doesn't receive the first message from the BS before the current key expires, the SS will send the normal Key-Request message when the key is just about to expire (typically, when the SS chooses the SAID from the SAIDList). In the third message, the BS responds with a Key-Reply that includes keying materials. At all times, the BS maintains two active sets of keying materials per SAID: the OldTEK for the currently used TEK and the NewTEK for when it expires. The keying materials include the TEK encrypted by the key encryption key (KEK), which is derived from the AK, the CBC initialization vector used by the encryption algorithm, and the remaining lifetimes of keying materials. Each message in the key management protocol contains a keyed message authentication code (HMAC) for checking message integrity. The SeqNo lets the BS and the SS determine which HMAC key (also derived from the AK) to use for computing the HMAC. The SS in the key management protocol is secure from replay attacks because the Old- TEK in the recently received Key-Reply message should be the NewTEK in the previous message. However, the BS is still vulnerable to replay attacks in the second message. If an adversary replays the Key-Request message to the BS, the latter can't determine whether it's a fresh request from the SS, so it'll send a Key-Reply message with new keying materials. This can result in frequent exchange of keying materials (thus exhausting the BS's capabilities) or confusion about the TEK's use. As in the authorization protocol, a time stamp is a suitable freshness identifier to counter replay attacks, but the signatures in the authorization protocol messages are unnecessary here because the HMAC already provides message authentication.
Encryption
The 802.16 standard also allows encryption of packets in a WiMAX network to provide confidentiality ( Huang & Chang, 2008). The figure below illustrates the encryption mechanism in the 802.16 standard.
Typically, the payload of a MAC Protocol Data Unit (MPDU) is encrypted, whereas the generic MAC header (GMH) is sent in the clear. The BS and the SS decide which cryptographic suite to apply via the SAID and which TEK to use according to the two encryption key sequence bits in the GMH. The 802.16 standard specifies two main cryptographic suites for encryption: Data Encryption Standard- Cipher Block Chaining (DES-CBC) and Advanced Encryption Standard in Counter with CBC-MAC (AES-CCM). The latter is considered state of the art because of the former's insufficient key length and other known vulnerabilities.
Data Content Distribution
The Multicast and Broadcast Service (MBS) in IEEE 802.16e is a mechanism for efficiently distributing data content, especially multimedia traffic, across multiple BSs. The MBS aims to provide subscribers with strong protection from service theft by encrypting broadcast connections between SSs and BSs. Specifically, the MBS uses the multicast and broadcast rekeying algorithm (MBRA) to refresh traffic keying material. Prior to receiving multicast service, an SS must register and authenticate with a BS via the PKM protocol. The BS and SS exchange PKM messages through the primary management connection, except that the
PKMv2 Group-Key-Update-Command is transferred over the broadcast connection. The BS sends multicast traffic to all SSs in the multicast group and encrypts it using a single group-wide session key called the group traffic encryption key (GTEK). Because every SS must have the current GTEK to decrypt multicast data, the challenge is how to efficiently distribute and update it to all the SSs in the multicast group. A trivial solution is to let the BS securely distribute the updated GTEK to each SS individually when a new SS wants to join the group, a member wants to leave the group, or the current GTEK is about to expire, but this solution isn't scalable because of the multitude of unicast key exchanges. The MBRA offers an improvement. To ensure timely distribution of the new GTEK before the current one expires, the MBRA uses a group key encryption key (GKEK) to encrypt the new GTEK and broadcast to all the SSs. An SS gets the initial GTEK, which the BS uses to encrypt the multicast traffic, via Key-Request and Key-Reply messages over the primary management connection. A BS updates and distributes the traffic keying material periodically by sending two Group-Key-Update-Command messages: one for the GKEK update mode and the other for the GTEK update mode. Intermittently, a BS transmits the Key-Update-Command message for the GKEK update mode to each SS through its primary management connection. This message contains the new GKEK encrypted with the KEK, which is derived from the AK established during authentication. Then, the BS transmits the Key-Update-Command message for the GTEK update mode through the broadcast connection, which contains the new GTEK encrypted with the corresponding GKEK. We can specify the protocol as follows:
BS → SS: {GKEK}KEK (1)
BS ⇒ all SS: {GTEK}GKEK, (2)
Where → stands for a unicast message, and ⇒ stands for a broadcast message. However, this protocol has two problems: first, it isn't scalable because it still needs to unicast to each SS, and, second, it doesn't address the issue of backward and forward secrecy. When a new member receives the current GTEK, for example, it can decrypt all previous messages that were multicast during the same GTEK's lifetime. Nothing in this protocol prevents an SS that's leaving the group from receiving the next GKEK or decrypting the next GTEK.
