An Analysis of Mobile WiMAX Security: Vulnerabilities and Solutions

The IEEE 802.16 Working Group on Broadband Wireless Access Standards released IEEE 802.16-2004 which is a standardized technology for supporting broadband and wireless communication with fixed and nomadic Access. The standard has a security sublayer in the MAC layer called, Privacy Key Management, which aims to provide authentication and confidentiality. However, several researches have been published to address the security vulnerabilities of 802.16-2004. After the IEEE 802.16-2004 standard, a new advanced and revised standard was released as the IEEE 802.16e-2005 amendment which is foundation of Mobile WiMAX network supporting handoffs and roaming capabilities. In the area of security aspects, Mobile WiMAX adopts improved security architecture, PKMv2, including Extensible Authentication Protocol (EAP) authentication, AES-CCM-based authenticated encryption, and CMAC or HMAC based message protection. However, there is no guarantee that PKMv2- based Mobile WiMAX network will not have security flaws. In this paper, we first describe an overview of security architecture of IEEE 802.16e-based Mobile WiMAX and its vulnerabilities. Based on the related background research, we focus on finding new security vulnerabilities such as a disclosure of security context in initial entry and a lack of secure communication in network domain. We propose possible solutions to prevent these security vulnerabilities.