International Journal of Advanced Engineering Research and Science (IJAERS)

[Vol-3, Issue-2, Feb-2016] ISSN: 2349-6495

Survey on Security Architecture for 4G Wireless Networks

R. Sugitha¹, M. Leeban Moses²

¹ PG Scholar, Department of ECE, Coimbatore Institute of Engineering and Technology, Coimbatore, India
² Department of ECE, Coimbatore Institute of Engineering and Technology, Coimbatore, India

Abstract─ Security is a vital factor in communication networks, and it is especially critical in wireless networks such as WiMAX. The Initial Network Entry Procedure, the process that establishes a connection in IEEE 802.16 (WiMAX) networks, transmits unencrypted messages, which results in major security flaws. Authentication is the main factor: if it is not well safeguarded, all the other security factors become vulnerable. Denial of Service (DoS) and Man In The Middle (MITM) are attacks that degrade the performance of the network. Focusing on these two kinds of attacks, this paper covers some of the authentication mechanisms, such as SINEP, PKM, EAP and SAI, that enhance the efficiency of WiMAX security.

Keywords─ DoS, MITM, WiMAX, Authentication, PKM, SINEP, EAP, SAI.

I. INTRODUCTION

Worldwide Interoperability for Microwave Access, or simply WiMAX, is based on the IEEE 802.16 standard. It is a wireless digital communication system that eliminates the constraints of Wi-Fi. Apart from its commercialization, its security scheme has been challenged by several types of attacks. It provides wireless broadband to fixed and mobile terminals over a large geographical area. It operates over licensed and non-licensed frequencies using line-of-sight and non-line-of-sight technologies. It promises to deliver last-mile wireless broadband internet access capable of carrying data-intensive applications. The 2005 version of WiMAX provides data rates up to 40 Mbit/s, and the 2011 version can support data rates up to 1 Gbit/s for fixed stations. The IEEE 802.16 MAC was designed for point-to-multipoint broadband wireless access network applications. The fundamental task of the WiMAX MAC layer is to implement a connection between the upper transport layers and the physical layer.
Authentication, authorization and encryption take place in the security sublayer of WiMAX, as discussed in [3]. A denial of service attack is normally an effort to make a network resource unavailable to its intended users so as to suspend the services of a host connected to the internet. Man-in-the-middle is an attack in which the attacker intercepts and alters the communication between two systems that trust they are communicating directly with each other. The vulnerabilities in WiMAX are mainly due to unauthenticated messages, shared keys in broadband service networks and unencrypted messages [6]. The security threats are primarily due to unprotected MAC messages in the communication between the stations. The following protocols provide authentication mechanisms to overcome these security threats. The fast authentication protocols are discussed in the following sections: SAI and EAP are the mechanisms used to eliminate the denial of service attack, particularly distributed DoS; the PKM protocol is normally used in WiMAX networks to overcome DoS attacks; finally, the SINEP protocol is explained, which is proved to be invulnerable to the MITM attack.

II. AUTHENTICATION MECHANISMS

1.1 SAI (Shared Authentication Information) Phase

The SAI mechanism is used to detect Distributed Denial of Service (DDoS) in work stations [5]. Initially, the MS and PC share the SAI when the MS enters idle mode. When the MS updates its location or re-enters normal operation, it has to submit the SAI to the PC. The PC then compares this value to the original shared value. If the values match, the remaining procedures follow; otherwise the other procedures are terminated. If a secure LU (location update) succeeds, the SAI must be updated for the next secure LU. When malicious MSs perform a DDoS attack, the BS, PC and Authenticator are loaded with verifying CMAC values and checking whether the requesting MSs are in idle mode. By using SAI, these unnecessary procedures can be avoided under DDoS attack.

Initialization of SAI: Both DREG-REQ (deregistration request) and DREG-CMD (deregistration command) messages can be used to extract SAI. DREG-REQ is used for illustration.
When an MS enters idle mode, it calculates the CMAC value for DREG-REQ, extracts the SAI from it, stores the SAI, and finally sends DREG-REQ to the BS. The BS receives the request (DREG-REQ), verifies the CMAC value, and extracts and stores the SAI only when the CMAC is valid. The BS sends the MS's identifier and SAI to the PC in an MS-info Request message. The PC replies with an MS-info Response message and confirms the SAI processing result.

Verification and transmission of SAI: An MS performing Secure LU or Idle Mode Re-entry is allocated bandwidth for ranging and sends RNG-REQ (ranging request) including a Type, Length, and Value (TLV) field for SAI. As the SAI is carried in a TLV, no change is required in the Mobile WiMAX standard or 802.16e. The TLV for SAI is given as follows:

Type = TBD (To Be Determined)
Length = 1 to 64 bits (depends upon the required security assurance)
Value = high-order 64 bits of CMAC value

1. Upon receiving RNG-REQ, the BS passes the SAI TLV to the PC using the LU REQ message. The PC verifies the SAI. If the two values match, the PC requests the AK context of the MS from the Authenticator through the Context REQ message. The Authenticator then generates the AK context and sends it to the PC in the Context RSP message.
2. If the Authenticator and the PC are in the same body or entity, there is no exchange of Context REQ and Context RSP messages. The AK context is returned by the PC to the BS in the LU RSP message.
3. The BS then calculates the CMAC value of the RNG-REQ with the CMAC key of the MS and validates it; if the CMAC value is valid, it sends RNG-RSP to the MS.
4. If the two SAIs do not match, the PC notifies the BS of the LU failure and the BS then ignores the RNG-REQ message. The effectiveness of a DoS attack is lessened by skipping the Context REQ and Context RSP message exchange, AK context generation and CMAC verification.

Update of SAI: After the SAI is used, an MS has to update it, since the SAI is submitted to the PC in clear text.
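The initialization and verification steps above can be traced in a short simulation. This is an added example, not code from the paper or from any WiMAX stack: HMAC-SHA256 truncated to 128 bits stands in for AES-CMAC (which the Python standard library lacks), the TLV type 0xF0 is a hypothetical placeholder for the TBD value, and all class names, message bytes and keys are constructed.

```python
import hashlib
import hmac

SAI_TLV_TYPE = 0xF0  # hypothetical value: the text lists the TLV type as TBD
SAI_LEN = 8          # 64 bits, the upper bound of the length range given above


def mac(key: bytes, msg: bytes) -> bytes:
    """Stand-in for AES-CMAC (HMAC-SHA256 truncated to 128 bits)."""
    return hmac.new(key, msg, hashlib.sha256).digest()[:16]


def encode_sai_tlv(mac_value: bytes) -> bytes:
    """SAI = high-order 64 bits of the MAC value, wrapped as Type/Length/Value."""
    return bytes([SAI_TLV_TYPE, SAI_LEN]) + mac_value[:SAI_LEN]


def decode_sai_tlv(tlv: bytes):
    """Return the SAI, or None for a malformed TLV."""
    if len(tlv) != 2 + SAI_LEN or tlv[0] != SAI_TLV_TYPE or tlv[1] != SAI_LEN:
        return None
    return tlv[2:]


class PagingController:  # the PC in the text
    def __init__(self):
        self.sai = {}              # MS identifier -> SAI (from MS-info Request)
        self.context_requests = 0  # Context REQ messages sent to the Authenticator

    def location_update(self, ms_id: str, tlv: bytes) -> bool:
        claimed, stored = decode_sai_tlv(tlv), self.sai.get(ms_id)
        if claimed is None or stored is None:
            return False
        if not hmac.compare_digest(claimed, stored):
            return False           # LU failure: no AK context is requested
        self.context_requests += 1
        return True


class BaseStation:
    def __init__(self, pc: PagingController, keys: dict):
        self.pc, self.keys = pc, keys  # keys: MS identifier -> MAC key
        self.rng_mac_checks = 0        # MAC verifications done for RNG-REQ

    def on_dreg_req(self, ms_id: str, msg: bytes, tag: bytes) -> None:
        """Idle-mode entry: store the SAI only when the MAC is valid."""
        key = self.keys.get(ms_id)
        if key is not None and hmac.compare_digest(mac(key, msg), tag):
            self.pc.sai[ms_id] = tag[:SAI_LEN]

    def on_rng_req(self, ms_id: str, msg: bytes, tag: bytes, tlv: bytes) -> bool:
        if not self.pc.location_update(ms_id, tlv):
            return False               # RNG-REQ ignored before any MAC work
        self.rng_mac_checks += 1
        return hmac.compare_digest(mac(self.keys[ms_id], msg), tag)


def simulate(flood: int = 1000):
    """One idle MS, `flood` constructed bogus RNG-REQs, then the real one."""
    key = bytes(range(16))                     # constructed MAC key
    pc = PagingController()
    bs = BaseStation(pc, {"ms-1": key})
    dreg = b"DREG-REQ ms-1"
    dreg_tag = mac(key, dreg)
    bs.on_dreg_req("ms-1", dreg, dreg_tag)     # the MS keeps dreg_tag[:8] as SAI
    bogus_accepted = sum(
        bs.on_rng_req("ms-1", b"RNG-REQ", bytes(16),
                      encode_sai_tlv(hashlib.sha256(i.to_bytes(4, "big")).digest()))
        for i in range(flood)
    )
    rng = b"RNG-REQ ms-1"
    ok = bs.on_rng_req("ms-1", rng, mac(key, rng), encode_sai_tlv(dreg_tag))
    return ok, bogus_accepted, pc.context_requests, bs.rng_mac_checks
```

The two counters returned by `simulate()` show that the flood is rejected by a single byte comparison at the PC, so only the genuine RNG-REQ reaches AK context retrieval and MAC verification.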
When the MS does IM Re-entry, it goes back to the normal state, so the MS can update the SAI through the de-registration process when it re-enters idle mode. Therefore no explicit update procedure is needed for the IM Re-entry case. In the other case, Secure LU, the MS returns to idle mode after the secure LU. During Secure LU, the MS and BS exchange RNG-REQ and RNG-RSP messages. The detailed procedure for updating the SAI depends on whether RNG-REQ or RNG-RSP is used. The RNG-RSP message is used here to illustrate the update procedure. The PC validates the MS's SAI by exchanging LU REQ and LU RSP messages with the BS. The BS then creates the RNG-RSP message, updates the SAI using the CMAC value of this RNG-RSP message, and sends the RNG-RSP to the MS. The BS now transmits an LU confirm message to the PC to inform it of the updated SAI. The PC and MS then again hold the same new SAI. This completes the process of storing, verifying, and updating SAI in the case of Secure LU.

1.2 Extensible Authentication Protocol

EAP is an authentication framework frequently used in wireless networks and point-to-point connections. It is a widely used scheme that provides for the transport and usage of keying material and parameters created by EAP methods. Every protocol that uses EAP defines a way to encapsulate EAP messages within that protocol's messages. For example, in IEEE 802.11 (Wi-Fi) the WPA and WPA2 standards have approved IEEE 802.1X with one-hundred EAP Types as the official authentication mechanisms. EAP itself provides some common functions and the negotiation of authentication methods, called EAP methods. Currently about 40 different methods are defined. EAP is a two-party protocol spoken between the EAP server and the peer. In EAP, keying material is generated by EAP authentication algorithms, known as "methods". Part of this keying material can be used by the EAP methods themselves, and part of it can be exported. In addition to exporting keying material, EAP methods can also export associated parameters such as the authenticated peer and server identities and a unique EAP conversation identifier, and can import and export lower-layer parameters known as channel binding parameters.

Generally, the authenticator sends a Request to authenticate the peer. The Request has a Type field that expresses what is being requested. Examples of Request Types include Identity, MD5-Challenge, etc. The MD5-Challenge Type closely resembles the CHAP authentication protocol. Generally, the authenticator sends an initial Identity Request.
But an initial Identity Request is not required, and may be bypassed. For example, the identity may not be needed where it is determined by the port to which the peer has connected (leased lines, dedicated switches, dial-up ports), or where the identity is obtained in another fashion (via calling or MAC address or station identity, in the Name field of the MD5-Challenge Response, etc.). The peer sends a Response packet in reply to a valid Request. As with the Request packet, the Response packet contains a Type field, which corresponds to the Request's Type field. The authenticator then sends an additional Request packet and the peer replies with a Response. The sequence of Requests and Responses continues as long as needed. EAP is a 'lock step' protocol, so that other than the initial Request, a new Request cannot be sent before a valid Response is received. The authenticator is in charge of retransmitting requests. After an appropriate number of retransmissions, the authenticator should end the EAP conversation. The authenticator should not send a Success or Failure packet when retransmitting or when it fails to obtain a response from the peer. The conversation continues until the authenticator cannot authenticate the peer (unacceptable Responses to one or more Requests), in which case the authenticator implementation should transmit an EAP Failure. Alternatively, the authentication conversation can continue until the authenticator decides that successful authentication has happened, in which case the authenticator must transmit an EAP Success.

EAP Header: It consists of 8 bits. It specifies the function to be performed.
Identifier: It consists of 8 bits. It is used to match EAP requests and replies.
Length: Length of the EAP is 16 bits. It includes the EAP header and data fields. Zero or more bytes of data are indicated by the Length field.

EAP Server: The entity that aborts the EAP authentication method with the peer. Where no backend authentication server is used, the EAP server is part of the authenticator. When the authenticator operates in pass-through mode, the EAP server is located on the backend authentication server.

EAP Authentication: EAP authentication uses the Extensible Authentication Protocol in conjunction with an operator-selected EAP method, e.g. EAP-TLS. It uses credentials such as an X.509 certificate in the case of EAP-TLS and a Subscriber Identity Module in the case of EAP-SIM.

1.3 Privacy Key Management

The BS acts as server and controls the distribution of keying material to the client SS.
An authenticated client/server key management protocol is provided by the security sublayer of the IEEE 802.16 standard. With security based on the PKM (Privacy Key Management) protocol, the BS authenticates a client SS during the initial Authorization exchange. An SS uses a digital certificate to be authenticated by the BS. The PKM protocol uses public key cryptography to establish a shared secret key between the SS and the BS. The SS also uses the PKM protocol to support periodic reauthorization and key refresh. PKMv1 is used in the IEEE 802.16 standard and its basic working features are listed in the table below.

In the IEEE 802.16 standard the PKM protocol has two generic MAC management messages, as follows:
• PKM Request (PKM-REQ). The PKM-REQ message contains one PKM message in its message payload. This message is transferred from the SS to the BS.
• PKM Response (PKM-RSP). The PKM-RSP message contains one PKM message in its message payload. It is always transferred from the BS to the SS.

After capability negotiation, the BS authenticates the SS and provides it with key material to enable the ciphering of data. Generally an SS starts out with an RSA private/public key pair preinstalled on it by the manufacturer. Sometimes an internal algorithm is provided to create the key pair instead. If the RSA key pair is installed on the SS by the manufacturer, a digital X.509 certificate is provided with it. When the internal algorithm is used to generate the key pair, there is a mechanism to install the manufacturer-issued X.509 certificate after key generation. So the X.509 digital certificate of each SS is unique and issued by the SS manufacturer. The public key and the MAC address of an SS are contained in the SS X.509 digital certificate. The SS X.509 certificate is a public key certificate that binds the SS identifying information to its RSA public key. The secret key AK is received from the operator. The SS presents its digital certificate to the BS when requesting the AK. The SS X.509 certificate is digitally signed by the SS manufacturer. As the BS knows the manufacturer's public key, it can verify the signature easily. The SS is thus verified by the BS by showing its X.509 digital certificate when requesting an AK (Authorization Key). It also presents a description of its supported cryptographic algorithms to the BS. Further secure transactions are carried out using this shared secret AK.
Before sending an authentication response to the SS, the BS verifies the digital certificate and determines the encryption algorithm that should be used. The AK is encrypted using the RSA algorithm with the verified public key. This RSA public key encrypted AK is then sent from the BS to the requesting SS. At first, a PKM Authorization Information message is sent by the SS. The X.509 certificate is supplied with this message. Through this message, which the SS sends to the BS, the BS learns the manufacturer's certificate of the client SS. After the Authorization Information message, the SS sends a PKM Authorization Request message to the BS. This message consists of the SS X.509 certificate, the SS's primary SAID and a description of its security capabilities. The digital certificate is verified once again by the BS. The AK is encrypted with the public key. The BS sends back a PKM Authorization Response message to the SS containing this AK. This mechanism prevents cloned SSs from passing fake credentials to the BS.

• The PKM supports two types of authentication: Mutual Authentication and Unilateral Authentication. It further supports Periodic Re-authentication and Key Refresh.
• It uses either the Extensible Authentication Protocol (EAP) or an X.509 Digital Certificate with the RSA Public Key Encryption Algorithm.
• PKM is supported in two versions of the standard, PKM Version 1 and PKM Version 2, the latter enhanced with additional features like New Key Hierarchy, AES CMAC, AES Key Wrap and MBS.

Authentication of X.509 Certificate:
• Hash Message Authentication Code (HMAC)
• X.509 Certificate
  - Manufacturer Certificate
  - Subscriber Certificate
  - Base Station Certificate
• EAP

PKM supports two types of Authentication Protocol Mechanism, as follows:
• RSA Protocol
• EAP (optional)

1.4 SINEP (Secure Initial Network Entry Protocol)

A security model called SINEP is used to enhance the security level of the network during the initial network entry procedure in WiMAX. This protocol is based on the Diffie-Hellman (DH) key exchange protocol. In addition, it introduces a mutual entity authentication algorithm based on hash functions, so it is able to weaken the MITM attack present in implementations of the DH key exchange protocol. Cryptographic hash functions provide integrity or authenticity to data by mapping the data to a short bit string known as a hash value. The SINEP protocol follows the challenge-response entity authentication mechanism with an exchange of the stations' public keys [2].
This model assumes that every SS in the network has a different International Subscriber Station Identity (ISSI), which is used to derive a Temporary Subscriber Station Identity (TSSI) that then works as its identity. In turn, the SS uses its TSSI to generate the hash value H(TSSI), which is considered to be known by the BS. The model uses H(TSSI) rather than TSSI as the input parameter of the hash authentication function in the protocol run, to avoid identity theft of the legitimate BS by an adversary. When an SS wants to communicate with a BS in the WiMAX network, it sends a claim to the BS, which in return sends a challenge (Nb) to the claiming SS. The SS computes the result for the challenge received and sends it to the BS along with its public key (PKSS), its own challenge (Na) and the prime numbers (r, s) required for the implementation of the DH protocol. The result generated is a hash-based cascade of Nb, PKSS and the hashed identity of the SS, H(TSSI): H(H(TSSI) || Nb || PKSS). On receipt, the BS calculates the hash value using the same inputs and compares it with the SS's hash value. If the values match, the BS sends the SS an acceptance token as proof of authentication, its own public key (PKBS) and the result for the challenge (Na). In case of a mismatch, the BS disconnects from the respective SS. Likewise, the result generated by the BS is a hash-based cascade of Na, PKBS and the hash value H(TSSI): H(H(TSSI) || Na || PKBS). After receiving the result message from the BS, the SS verifies the hash value and, if it finds a match, sends back an acceptance token to the BS as proof of successful authentication. Mutual entity authentication is then successfully achieved, and a shared encryption key is derived and used to encrypt the vulnerable messages. Likewise, if there is a mismatch between the SS's hash value and the value sent by the BS, the SS disconnects from that particular BS. The SINEP protocol has been proved to be resistant to content manipulation by the modeled MITM attack. Therefore, the chance of an intruder degrading the security capability of the network is eliminated by implementing the SINEP protocol at the initial network entry point in WiMAX.
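The exchange described above can be followed end to end in the sketch below, which also shows why a public key changed in transit is rejected. This is an added example, not code from the paper or from [2]: SHA-256 is assumed as the hash function, the DH parameters (r, s) are toy values, and the class, function names and TSSI strings are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman parameters (r, s), constructed for this example only.
R = 2**127 - 1   # Mersenne prime; far too small for real use
S = 3


def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def enc(n: int) -> bytes:
    return n.to_bytes(16, "big")   # fixed width keeps H(a||b||c) unambiguous


class Station:
    """Either side of the exchange; both hold H(TSSI)."""

    def __init__(self, h_tssi: bytes):
        self.h_tssi = h_tssi
        self.priv = secrets.randbelow(R - 2) + 1
        self.pub = pow(S, self.priv, R)
        self.nonce = secrets.token_bytes(16)       # Na or Nb

    def respond(self, challenge: bytes) -> bytes:
        # H(H(TSSI) || N || PK): binds the sender's public key to the challenge
        return h(self.h_tssi + challenge + enc(self.pub))

    def check(self, proof: bytes, challenge: bytes, peer_pub: int) -> bool:
        expected = h(self.h_tssi + challenge + enc(peer_pub))
        return hmac.compare_digest(proof, expected)


def network_entry(ss: Station, bs: Station,
                  alter_pkss: bool = False, alter_pkbs: bool = False) -> str:
    nb = bs.nonce                                  # BS -> SS: challenge Nb
    # SS -> BS: H(H(TSSI)||Nb||PKSS), PKSS, Na (and r, s)
    proof_ss, pk_ss, na = ss.respond(nb), ss.pub, ss.nonce
    if alter_pkss:
        pk_ss ^= 1                                 # constructed change in transit
    if not bs.check(proof_ss, nb, pk_ss):
        return "BS disconnects"
    # BS -> SS: acceptance token, PKBS, H(H(TSSI)||Na||PKBS)
    proof_bs, pk_bs = bs.respond(na), bs.pub
    if alter_pkbs:
        pk_bs ^= 1
    if not ss.check(proof_bs, na, pk_bs):
        return "SS disconnects"
    k_ss = pow(pk_bs, ss.priv, R)                  # shared key, SS side
    k_bs = pow(pk_ss, bs.priv, R)                  # shared key, BS side
    return "authenticated" if k_ss == k_bs else "key mismatch"


def demo() -> dict:
    h_tssi = h(b"TSSI-0001")                       # constructed identity
    stranger = h(b"TSSI-9999")                     # identity the BS does not know
    return {
        "honest": network_entry(Station(h_tssi), Station(h_tssi)),
        "PKSS altered": network_entry(Station(h_tssi), Station(h_tssi), alter_pkss=True),
        "PKBS altered": network_entry(Station(h_tssi), Station(h_tssi), alter_pkbs=True),
        "unknown SS": network_entry(Station(stranger), Station(h_tssi)),
    }
```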
The SINEP protocol is invulnerable to the MITM attack, and so it can be safely claimed that it is resistant to any attempt to expose valuable messages in the protocol run using our attacker capability model.

III. CONCLUSION

This paper describes some of the authentication mechanisms that are invulnerable to security threats such as DoS or MITM attacks present in IEEE 802.16 WiMAX networks. SAI, EAP and PKM are designed to overcome the denial of service attack, and SINEP addresses the MITM attack. A survey of the authentication protocols is given which can eliminate the possibility of the above-mentioned threats, so that the performance of the network is not degraded.

REFERENCES

[1] Perumalraja Rengaraju, Chung-Horng Lung and Anand Srinivasan, "QoS-Aware Distributed Security Architecture for 4G Multihop Wireless Networks," IEEE Transactions on Vehicular Technology, Vol. 63, No. 6, pp. 2886-2900, July 2014.
[2] Beth N. Komu, Mjumo Mzyece and Karim Djouani, "Formal Verification of Hash-based Authentication Protocol in WiMAX Networks," whitepaper on WiMAX networks.pdf, 4 Feb 2016.
[3] M Alzaabi, K D Ranjeeth, Professor T Alukaidey and Dr K Salman, "Security Algorithms for WiMAX," IJNSA, Vol. 5, No. 3, May 2013.
[4] Kiran Gowda H N, Kusuma M, Udaya Kumar C, "A Comprehensive Study on 4G Broadband Networks: WiMAX and LTE," IJARCCE, Vol. 2, Issue 9, Sep 2013.
[5] B. Chandran Mahesh, Dr. B. Prabhakara Rao, "Protecting Base Stations and Mobile Stations of WiMAX Network Using EAP and SAI Algorithm to Over-Come DDoS Attacks," IJAIEM, Vol. 3, Issue 3, Mar 2014.
[6] N. Seddigh, B. Nandy, and R. Makkar, "Security advances and challenges in 4G wireless networks," in Proc. 8th Annu. Conf. Privacy, Security, Trust, 2010, pp. 62-71.
[7] P. Rengaraju, C-H. Lung, and A. Srinivasan, "An analysis on mobile WiMAX security," in Proc. IEEE Toronto Int. Conf. Sci. Tech. Hum., 2009, pp. 439-444.
[8] T. Han, N. Zhang, K. Liu, B. Tang, and Y. Liu, "Analysis of mobile WiMAX security: Vulnerabilities and solutions," in Proc. 5th Int. Conf. Mobile Ad Hoc Sensor Syst., 2008, pp. 828-833.
[9] B. Kwon, R. A. Beyah, and J. Copeland, "Key Challenges in Securing WiMAX Mesh Networks," J. Security, Commun. Netw., Vol. 2, No. 5, pp. 413-426, Oct 2009.
[10] T. Han, N. Zhang, K. Liu, B. Tang, and Y. Liu, "Analysis of mobile WiMAX security: Vulnerabilities and solutions," in Proc. 5th Int. Conf. Mobile Ad Hoc Sensor Syst., 2008, pp. 828-833.
