
Security in WiMAX




It has recently become clear that the protections used in wireless networks are of key importance to the correct operation of such networks, as WiFi users know well. The creators of the 802.16 standard, usually called WiMAX, bore this in mind (strictly speaking, WiMAX and 802.16 do not mean the same thing, just like WiFi and 802.11). The security mechanisms introduced into the standard are supposed to guarantee a level of protection so far unmatched by any other wireless network. I will briefly present those mechanisms below so that everyone can look at them and see for themselves how the complexity of this system may actually contribute to security.

The specification covers the first two layers of the ISO/OSI model, that is, the physical layer, called PHY, and the data link layer, called MAC. Inside the MAC layer there is a separate security sublayer responsible for secure authentication, authorization and encryption of data between the subscriber's terminal and the base station. Two protocols are responsible for security: the encapsulation protocol, whose task is to encrypt traffic in the network, and the key management protocol, PKM, responsible for the exchange of keys between the base station and the terminal. The role of the first is obvious, but the PKM protocol requires a more detailed description.

The PKM protocol operates on the client/server model: the subscriber's terminal, which is the client, sends requests for the allocation or updating of keys to the base station, which is the server. First we should take a closer look at the keys the protocol uses, as there are quite a few of them, and understanding their purpose is necessary for understanding how the protocol itself operates. They are:

- The terminal's public key: the terminal key used during the initial authorization process. The base station uses it to encrypt the authorization key, AK. Public keys are generated with the RSA algorithm.
- AK, Authorization Key: the key used for authorization. The base station activates it for each authenticated terminal and sends it back to the terminal, having first encrypted it with the terminal's RSA key.
- KEK, Key Encryption Key: this key is derived from the AK and is used to encrypt the traffic encryption keys (TEK).
- HMAC_KEY_U and HMAC_KEY_D: these keys are derived from the AK and are used to check the authenticity of system messages in the downlink direction (from the base station to the terminal) and in the uplink direction (from the terminal to the base station).
- TEK, Traffic Encryption Key: as its name says, this is the key used to encrypt data in the network.
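The key hierarchy listed above, as an added Python example that is not part of the original article: both sides derive KEK and the two HMAC keys from the same AK, and a downlink message tag only verifies with the downlink key from that AK. The pad constants, the SHA-1 construction and the 160-bit AK length are assumed from the PKMv1 derivation in IEEE 802.16-2004 (the article gives no formula), and the AK and message are constructed sample values.

```python
import hashlib
import hmac

# Assumed PKMv1 pad constants (IEEE 802.16-2004); not stated in the article.
K_PAD_KEK = b"\x53" * 64
H_PAD_D = b"\x3a" * 64
H_PAD_U = b"\x5c" * 64


def derive_keys(ak: bytes) -> dict:
    """Derive KEK, HMAC_KEY_D and HMAC_KEY_U from the Authorization Key."""
    if len(ak) != 20:  # assumed AK size: 160 bits
        raise ValueError("AK must be 20 bytes")
    return {
        "KEK": hashlib.sha1(K_PAD_KEK + ak).digest()[:16],  # truncated to 128 bits
        "HMAC_KEY_D": hashlib.sha1(H_PAD_D + ak).digest(),
        "HMAC_KEY_U": hashlib.sha1(H_PAD_U + ak).digest(),
    }


def sign(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA1 digest attached to a management message."""
    return hmac.new(key, message, hashlib.sha1).digest()


def verify(key: bytes, message: bytes, digest: bytes) -> bool:
    """Constant-time check of a received digest."""
    return hmac.compare_digest(sign(key, message), digest)


def demo() -> dict:
    ak = bytes(range(20))               # constructed AK, shared after the RSA step
    base_station = derive_keys(ak)      # server side
    terminal = derive_keys(ak)          # client side, same AK after decryption
    msg = b"constructed downlink management message"
    tag = sign(base_station["HMAC_KEY_D"], msg)
    stranger = derive_keys(bytes(20))   # a terminal holding a different AK
    return {
        "accepted": verify(terminal["HMAC_KEY_D"], msg, tag),
        "tampered": verify(terminal["HMAC_KEY_D"], msg + b"!", tag),
        "wrong_direction": verify(terminal["HMAC_KEY_U"], msg, tag),
        "other_ak": verify(stranger["HMAC_KEY_D"], msg, tag),
    }


if __name__ == "__main__":
    print(demo())
```

Because everything below the AK is derived deterministically, replacing the AK replaces KEK and both HMAC keys at once.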

The whole authorization procedure is started by the terminal. Each terminal has its own unique X.509 digital certificate which contains, among other things, the already-mentioned public key and the MAC address in "xx:xx:xx:xx:xx:xx" form. After the network is found and the initial procedures are completed, the terminal begins the authorization process. Authorization consists of authenticating the terminal, that is, the base station confirming its authenticity and equipping it with the AK authorization key. To begin authorization, the terminal sends two messages, one after the other, to the base station:

1. Authentication Information: a purely informational message containing only one X.509 digital certificate of the terminal.
2. Authorization Request: a request to the base station to perform authorization of the terminal. Apart from a digital certificate, this message also contains information on the cryptographic algorithms the terminal can operate.

See also: WiMAX Security Authentication Aspects