WiMAX security


Paul DeBeasi
06.26.2008


Introduction

A lot has been written on the topic of WiMAX radio technology, but what about WiMAX security? Should users feel safe that their transmitted data is free from eavesdropping and manipulation? How does a WiMAX operator ensure that only authorized users access the network and that they use only the appropriate services?

This article is the fourth in a five-part WiMAX tutorial series and focuses on WiMAX security. The first part introduced WiMAX technology, applications and terminology. The second part described WiMAX services. The third part focused on WiMAX performance. The final article will discuss WiMAX devices.

Data privacy and integrity
Encryption is a mechanism that protects data confidentiality and integrity. Encryption takes plaintext (i.e., your data) and mixes that information using a complex mathematical algorithm to produce ciphertext. The ciphertext is then transmitted over the wireless network and cannot be understood by an eavesdropper.

WiMAX uses the Advanced Encryption Standard (AES) to produce ciphertext. AES takes an encryption key and a counter as input to produce a bitstream. The bitstream is then exclusive OR'd with the plaintext to produce the ciphertext (see Figure 1).

Figure 1: AES Encryption

The receiver of the ciphertext simply reverses the process to recover the plaintext. In order for this process to work, the transmitter and the receiver must share the same encryption key.

Public key infrastructure
The WiMAX 802.16e-2005 standard uses the Privacy and Key Management Protocol version 2 (PKMv2) for securely transferring keying material between the base station and the mobile station. The PKMv2 mechanism validates user identity and establishes an authorization key (AK). The AK is very important because it is used to derive the encryption key described in the previous section.

PKMv2 supports the use of the Rivest-Shamir-Adleman (RSA) public key cryptography exchange. The RSA public key exchange requires that the mobile station establish identity using either a manufacturer-issued X.509 digital certificate or an operator-issued credential such as a subscriber identity module (SIM) card.

The X.509 digital certificate contains the mobile station's Public-Key (PK) and its MAC address. The mobile station transfers the X.509 digital certificate to the WiMAX network, which then forwards the certificate to a certificate authority (see Figure 2). The certificate authority validates the certificate, thus validating the user identity.

Figure 2: Public Key Infrastructure

Once the user identity is validated, the WiMAX network uses the public key to create the authorization key, and sends the authorization key to the mobile station. The mobile station and the base station use the authorization key to derive an identical encryption key that is used with the AES algorithm.

Authentication
Authentication is the process of validating a user identity and often includes validating which services a user may access. The authentication process typically involves a supplicant (that resides in the mobile station), an authenticator (that may reside in the base station or a gateway), and an authentication server (see Figure 3).

WiMAX uses the Extensible Authentication Protocol (EAP) to perform user authentication and access control. EAP is actually an authentication framework that requires the use of "EAP methods" to perform the actual work of authentication. The network operator may choose an EAP method such as EAP-TLS (Transport Layer Security), or EAP-TTLS MS-CHAP v2 (Tunneled TLS with Microsoft Challenge-Handshake Authentication Protocol version 2). The messages defined by the EAP method are sent from the mobile station to an authenticator. The authenticator then forwards the messages to the authentication server using either the RADIUS or DIAMETER protocols.

Figure 3: EAP-based authentication

The EAP exchanges validate the user, ensure appropriate access control, and may also start the billing process. Enterprise network managers use a very similar process to authenticate users on a Wi-Fi network.
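The pass-through step described above, as an added example (not from the article or any WiMAX product): an authenticator wraps an EAP message in a RADIUS Access-Request and the authentication server verifies and unwraps it, using the packet layouts of RFC 2865 and RFC 3579. The function names, shared secret and identity are constructed for illustration.

```python
import hashlib, hmac, os, struct

# RADIUS attribute types (RFC 2865 / RFC 3579)
USER_NAME, EAP_MESSAGE, MESSAGE_AUTHENTICATOR = 1, 79, 80

def eap_identity_response(eap_id, identity):
    # EAP header: Code 2 (Response), Identifier, Length; then Type 1 (Identity)
    return struct.pack("!BBHB", 2, eap_id, 5 + len(identity), 1) + identity

def _attr(kind, value):
    return bytes([kind, len(value) + 2]) + value

def build_access_request(radius_id, user, eap, secret, req_auth=None):
    """Authenticator side: EAP is split into EAP-Message chunks of up to 253 bytes."""
    req_auth = req_auth or os.urandom(16)
    attrs = _attr(USER_NAME, user)
    for i in range(0, len(eap), 253):
        attrs += _attr(EAP_MESSAGE, eap[i:i + 253])
    attrs += _attr(MESSAGE_AUTHENTICATOR, bytes(16))  # zeroed while signing
    pkt = struct.pack("!BBH", 1, radius_id, 20 + len(attrs)) + req_auth + attrs
    return pkt[:-16] + hmac.new(secret, pkt, hashlib.md5).digest()

def extract_eap(pkt, secret):
    """Server side: verify Message-Authenticator, then reassemble the EAP packet."""
    if len(pkt) < 20:
        raise ValueError("short packet")
    code, _, length = struct.unpack("!BBH", pkt[:4])
    if code != 1 or length != len(pkt):
        raise ValueError("not a well-formed Access-Request")
    eap, mac, zeroed, pos = b"", None, bytearray(pkt), 20
    while pos < length:
        if pos + 2 > length or pkt[pos + 1] < 2 or pos + pkt[pos + 1] > length:
            raise ValueError("bad attribute length")
        kind, alen = pkt[pos], pkt[pos + 1]
        if kind == EAP_MESSAGE:
            eap += pkt[pos + 2:pos + alen]
        elif kind == MESSAGE_AUTHENTICATOR and alen == 18:
            mac = pkt[pos + 2:pos + 18]
            zeroed[pos + 2:pos + 18] = bytes(16)
        pos += alen
    expected = hmac.new(secret, bytes(zeroed), hashlib.md5).digest()
    if mac is None or not hmac.compare_digest(mac, expected):
        raise ValueError("Message-Authenticator missing or invalid")
    return eap
```

The Message-Authenticator check is what lets the server reject a request that was altered in transit or sent by a device that does not hold the shared secret.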

Conclusion
WiMAX provides robust user authentication, access control, data privacy and data integrity using sophisticated authentication and encryption technology. WiMAX users should feel confident that their transmitted data is free from eavesdropping or manipulation and that only authorized users can access WiMAX services.

Looking ahead to Part 5
Next month, we look at mobile WiMAX devices. What type of devices will support WiMAX, and how pervasively will WiMAX be embedded into mobile devices?

About the author: Paul DeBeasi is a senior analyst at the Burton Group and has more than 25 years of experience in the networking industry. Before joining the Burton Group, Paul founded ClearChoice Advisors, a wireless consulting firm, and was the VP of product marketing at Legra Systems, a wireless-switch innovator. Prior to Legra, he was the VP of product marketing at startups IPHighway and ONEX Communications and was also the frame relay product line manager for Cascade Communications. Paul began his career developing networking systems as a senior engineer at Bell Laboratories, Prime Computer and Chipcom Corp. He holds a BS degree in systems engineering from Boston University and a master of engineering degree in electrical engineering from Cornell University.

Paul is a well-known conference speaker and has spoken at many events, among them Interop, Next Generation Networks, Wi-Fi Planet and Internet Telephony.




All Rights Reserved, Copyright 2003 - 2008, TechTarget | Read our Privacy Policy