Security in 802.16e 1. Outline  802.16e Security Introduction  802.16e Network Architecture  Security Architecture  X.509 cerf.  PKMv1  RSA Authentication.

Slides:



Advertisements
Similar presentations
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Advertisements

CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
CN8816: Network Security 1 Security in Wireless LAN i Open System Authentication Security Wired Equivalent Privacy (WEP) Robust Security Network.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005
Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.
Security Issues in Mobile WiMAX(IEEE e) Frank, A Ibikunle Covenant University, Electrical and Information Engineering Department, Ota IEEE.
P Security Survey and Recommendations By: Ryon Coleman October 16, 2003.
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
Wireless Security Ryan Hayles Jonathan Hawes. Introduction  WEP –Protocol Basics –Vulnerability –Attacks –Video  WPA –Overview –Key Hierarchy –Encryption/Decryption.
Doc.: IEEE /0408r0 Submission March 2004 Colin Blanchard, BTSlide 1 3GPP WLAN Interworking Security Colin Blanchard British Telecommunications.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
IEEE Wireless Local Area Networks (WLAN’s).
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
Overview of IEEE Security Advisor: Dr. Kai-Wei Ke Speaker: Yen-Jen Chen Date: 03/26/2007.
WPA2 By Winway Pang. Overview  What is WPA2?  Wi-Fi Protected Access 2  Introduced September 2004  Two Versions  Enterprise – Server Authentication.
1 Security in d and e Advisor: Dr. Kai-Wei Ke Speaker: Yen-Jen Chen Date: 03/04/2008.
Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.
Network Security Sorina Persa Group 3250 Group 3250.
Network Security. An Introduction to Cryptography The encryption model (for a symmetric-key cipher).
Michal Rapco 05, 2005 Security issues in Wireless LANs.
Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),
Wireless and Security CSCI 5857: Encoding and Encryption.
32.1 Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.
Network Security. Information secrecy-only specified parties know the information exchanged. Provided by criptography. Information integrity-the information.
1 /10 Pascal URIEN, IETF 69 th, Monday July 23 rd Chicago, IL, USA draft-urien-16ng-security-api-00.txt Security API for the IEEE Security Sublayer.
SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.
WiMax Security Introduction About WiMax WiMax security
S. Muftic Computer Networks Security 1 Lecture 4: Message Confidentiality and Message Integrity Prof. Sead Muftic.
Key Management Workshop November 1-2, Cryptographic Algorithms, Keys, and other Keying Material  Approved cryptographic algorithms  Security.
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Information management 1 Groep T Leuven – Information department 1/26 IPSec IP Security (IPSec)
Wireless LAN Security. Security Basics Three basic tools – Hash function. SHA-1, SHA-2, MD5… – Block Cipher. AES, RC4,… – Public key / Private key. RSA.
Network Security David Lazăr.
Shambhu Upadhyaya Security – AES-CCMP Shambhu Upadhyaya Wireless Network Security CSE 566 (Lecture 13)
11 WiMAX 安全子層於嵌入式系統下之 探討與實現 Speaker: Yen-Jen Chen ( 陳燕仁 ) Advisor: Dr. Kai-Wei Ke ( 柯開維 博士 ) Date: 07/28/2008 The research and implementation of WiMAX.
Security Standards. IEEE IEEE 802 committee for LAN standards IEEE formed in 1990’s – charter to develop a protocol & transmission specifications.
Security Support for Multi-cast Traffic in M2M communication Document Number: IEEE C802.16p-10/0032 Date Submitted: Source: Inuk Jung, Kiseon.
1 IEEE MEDIA INDEPENDENT HANDOVER DCN: xx-00-sec Title: Key Hierarchy Discussion Date Submitted: January 5, 2009 Present at a Future IEEE.
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
Doc: IEEE xxx Submission March 2015 Jeongseok Yu et al., Chung-Ang University Project: IEEE P Working Group for Wireless Personal.
Wireless Network Security CSIS 5857: Encoding and Encryption.
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
CSEN 1001 Computer and Network Security Amr El Mougy Mouaz ElAbsawi.
@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.
Cryptography CSS 329 Lecture 13:SSL.
History and Implementation of the IEEE 802 Security Architecture
History and Implementation of the IEEE 802 Security Architecture
Symmetric Cryptography
UNIT.4 IP Security.
Cryptography Basics and Symmetric Cryptography
IEEE MEDIA INDEPENDENT HANDOVER DCN: xx-00-sec
IEEE MEDIA INDEPENDENT HANDOVER DCN: sec
IEEE MEDIA INDEPENDENT HANDOVER DCN: xx-00-sec
IEEE MEDIA INDEPENDENT HANDOVER DCN: sec
IEEE MEDIA INDEPENDENT HANDOVER DCN: xx-00-sec
Overview of Improvements to Key Holder Protocols
Overview of Improvements to Key Holder Protocols
WiMAX安全子層於嵌入式系統下之探討與實現
Counter With Cipher Block Chaining-MAC
Security in Wireless Metropolitan Area Networks (802.16)
Security in Wireless Metropolitan Area Networks (802.16)
Presentation transcript:

Security in e 1

Outline  e Security Introduction  e Network Architecture  Security Architecture  X.509 cerf.  PKMv1  RSA Authentication  PKMv2  RSA based Authentication  EAP based Authentication  Double EAP Authentication  RSA and EAP Authentication 2

802.16e Network Architecture 3

802.16e Network model 4

Security Architecture  Encapsulation protocol  A set of supported cryptographic suites  The rules for applying those algorithms to a MAC PDU payload  Key management protocol  Providing the secure distribution of keying data from the BS to the SS  Authentication protocol  RSA authentication protocol  Extensible Authentica5555tion Protocol 5

Supported Cryptographic suites in e Data Encryption/key Length (Bits) Data AuthenticationTEK Encryption/Key Length (Bits) None 3-DES/128 DES CBC/56None3-DES/128 None RSA/1024 DES CBC/56NoneRSA/1024 AES CCM/128 AES ECB/128 AES CCM/128 AES key wrap/128 AES CBC/128NoneAES ECB/128 AES CTR/128NoneAES ECB/128 AES CTR/128NoneAES key wrap/128 DES: Data Encryption ; AES: Advanced Encryption Standard ; CBC: Cipher Block-Chaining ; CTR: Counter ; ECB: Electronic Codebook 6

Cryptographic technology PKMv1PKMv2 Data En/Decryption56 bit CBC-Mode DES 128 bit CCM-Mode AES 128 bit CBC-Mode AES 128 bit CTR-Mode AES Data AuthenticationNot Support128 bit CCM-Mode AES Key GenerationNot DefineDot16KDF Key En/Decryption128bit EDE-Mode 3-DES 1024 bit RSA 128 bit ECB-Mode AES 128 bit AES-Key-Wrap 7

X.509 certificate 8

Private Key Management  PKMv1  Use in d  Only support RSA authentication  Only BS can authenticate SS  PKMv2  Support EAP authentication and RSA authentication  MBS (Multimedia Broadcast Services)  Key hierarchy  New cryptographic technology  BS has a certificate  BS and SS can authenticate each other 9

PKMv1-Authentication and Authorization 10

PKMv1: Re-authentication  Re-authentication 相較於開始的 authentication 少了傳送 Authentication information 這個步驟  為了避免中斷 SS 和 BS 之間的服務或連線, SS 會在 key lifetime 快到的時候傳送 Authorization request 過去, 然後 BS 和 SS 會同時啟動新的 AK 11

PKMv1:TEK exchange BS Key Request Key Reply [SS Certificate, SAID, HMAC-Digest] [Key-Sequence-Number, SAID, TEK- Parameters, HMAC-Digest] Encrypted Data Encrypt TEK with SS’s public key 12

Key hierarchy  The PKMv2 defines hierarchy for keys  Pre-PAK (pre-Primary AK) yielded by the RSA-based authorization process  MSK yielded by the EAP based authentication process  MBSAK from which keys used to protect MBS traffic are derived. 13

Key hierarchy (cont.) Pre-PAK: pre-Primary AKMTK: MBS Transport Key AK: AuthorizationEIK: EAP Integrity Key MAK: Multicast and Broadcast Service AK MGTEK: MBS Group Traffic Encryption Key KEK: Key Encryption KeyTEK: Traffic Encryption Key GKEK: Group Key Encryption Key GTEK: Group Traffic Encryption Key 14

PKMv2: RSA-based Authentication BS Authentication Information Authorization Request [Cert(manufacturer)] [Cert(MS), Security-Capabilities, MSRandom(64bits),SAID] Authorization Reply [Cert(BS),pre-PAK,PAK-Lifetime,PAK- SeqNumber,MSRandom,SA-Descriptor(s), BSRandom]  Authorization ACK 15

PKMv2: RSA-based Authentication (cont.)  RSA based authentication  EIK|PAK <= Dot16KDF(pre-PAK,SS MAC address | BSID | ” EIK+PAK ”, 320)  AK<= Dot16KDF(PAK,SS MAC address | BSID | PAK| ” AK ”,160) 16

PKMv2: EAP Authentication 17

PKMv2: EAP Authentication  One level EAP based authentication  Using the authentication exchange message to get MSK (Master session key)  PMK<= truncate(MSK,160)  AK<=Dot16KDF(PMK,SS MAC Address | BSID | “ AK ”,160) 18

PKMv2:Two level EAP Authentication  Step1: SS->BS: PKMv2_EAP_START (no attribute) SS BS: First round EAP conversation with PKMv2 EAP Transfer message without HMAC/CMAC Digest BS->SS:EAP_success BS->SS:EAP_complete [EAP payload|signed by EIK]  Step2: SS->BS:PKMv2_EAP_START signed by EIK BS->SS:PKMv2 Authenticated EAP [EAP- Identity/Request] SS BS:Second EAP conversation with PKMv2 Authenticated EAP message signed by EIK 當 Step2 success SS 和 BS 可以 generate AK from PMK1 and PMK2 19

PKMv2 AK key derivation: Two level EAP- based 20

PKMv2:Two level EAP Reauthentication 21  Step1: SS->BS: PKMv2 EAP Start signed by H/CMAC Key_U SS BS: EAP conversation with PKMv2 EAP Transfer message BS->SS: PKMv2 EAP Complete signed by AK  Step2: SS->BS: PKMv2 EAP Start signed by H/CMAC_Key_U SS BS: PKMv2 EAP Transfer signed by AK

PKMv2 :RSA+EAP based Authentication  First round :execute RSA-based authorization  Second round:execute Double EAP mode 22

PKMv2 AK key derivation:RSA+EAP based 23

KEK and Message Authentication code generation 24

KEK and Message Authentication code generation (cont.) 25

PKMv2: SA-TEK 3-Way handshake 26

Conclusion 27  Authentication & authorization  It improves single authentication to become mutual authentication between SS and BS  It reduces the possibility of fake BS attack  Data privacy  IEEE e add secure encryption standard such as AES-key- wraps.  Key exchange  Add new method to protect integrity and support MBS

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.