Formalization and Verification of the PKMv3 Protocol Using CSP

IEEE 802.16m is a broadband wireless MAN (Metropolitan Area Network) standard that aims to provide secure communication pathways between the base station (BS) and the mobile station (MS). Its security sublayer contains a Privacy Key Management (PKM) protocol, which provides authentication and key management in the communication process. In this paper, we apply Communicating Sequential Processes (CSP) to formally analyze the latest version of PKM, the PKMv3 protocol. Both communicating entities, i.e., the mobile station and the base station, are modelled as processes in our modelling framework. In addition, our formalization introduces intruders with the capabilities of intercepting, faking and overhearing. Furthermore, we employ the Process Analysis Toolkit (PAT), a model checker for CSP, to implement the entire model and then verify some non-trivial properties, such as secrecy violation and timeout freedom. Based on the verification results, we discuss some cases where intrusion may take place. Consequently, through our framework, a better understanding of the PKMv3 protocol can be achieved.
