论文信息 - Attacks on PKM Protocols of IEEE 802.16 and Its Later Versions

Attacks on PKM Protocols of IEEE 802.16 and Its Later Versions

Without physical boundaries, a wireless network faces many more vulnerabilities than a wired network does. IEEE 802.16 provides a security sublayer in the MAC layer to address the privacy issues across the fixed BWA (broadband wireless access). Several articles have been published to address the flaws in IEEE 802.16 security after IEEE 802.16-2001 was released. However, even the enhanced version IEEE 802.16-2004 does not settle all the problems and additional flaws emerge. In addition, we found that PKM (privacy and key management) protocols version 2 (PKMv2), proposed by recently released IEEE 802.16e, is also vulnerable to new attacks. In this paper, we first overview the IEEE 802.16 standard, especially the security sublayer, and then investigate possible attacks on the basic PKM protocol in IEEE 802.16 as well as in its other versions from related works and the newest PKMv2. We also give possible solutions to counter those attacks and verify our analysis using formal (BAN) logic.

Chin-Tser Huang | Sen Xu | Chin-Tser Huang | Sen Xu

[1] Gavin Lowe. A Family of Attacks upon Authentication Protocols , 1997 .

[2] S. Wang,et al. IEEE standard 802.16: a technical overview of the WirelessMAN/sup TM/ air interface for broadband wireless access , 2002, IEEE Communications Magazine.

[3] David Johnston,et al. Overview of IEEE 802.16 security , 2004, IEEE Security & Privacy Magazine.

[4] Martín Abadi,et al. Prudent Engineering Practice for Cryptographic Protocols , 1994, IEEE Trans. Software Eng..

[5] Chris Mitchell,et al. Security defects in CCITT recommendation X.509: the directory authentication framework , 1990, CCRV.

[6] Steve A. Schneider. Security properties and CSP , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[7] William Stallings,et al. Cryptography and Network Security: Principles and Practice , 1998 .

[8] Martín Abadi,et al. A logic of authentication , 1990, TOCS.

[9] Wenbo Mao,et al. Modern Cryptography: Theory and Practice , 2003 .

[10] Chin-Tser Huang,et al. Security issues in privacy and key management protocols of IEEE 802.16 , 2006, ACM-SE 44.