|
IEEE Protocol | WiMAX |
|
| | 802.16 | 802.16e |
|
Authentication | Method | Privacy Key Management Protocol (PKM). Only SS authentication with X.509 version 3 and RSA public-key cryptography | 2 PKM versions. V.1 is the 802.16 PKM, and V.2 is more enhanced with mutual authentication option (BS presents its certificate to SS). Two authentication schemes can be used separately or combined: RSA, EAP, RSA-EAP, EAP after EAP authentication. For RSA, client authentication with X.509 v.3 certificates. EAP uses credentials: X509 certificate for EAP-TLS, or Subscriber Identity Module for EAP-SIM |
|
Key Derivation and Management | Key Management and short description | After Certificate approval, BS sends authorization reply with Authorization Key (AK) encrypted with client’s Public Key, and the Security Association set Identity (SAID). From AK derives KEK, HMAC_KEY_U, HMAC_KEY_D, (U for uplink and D for downlink). The last two keys used for the HMAC digest for management messages. For every SAID, a TEK state machine is responsible for key material usage. TEK sends periodically messages for key content refresh. TEK key material is used for uplink and downlink encryption. BS maintains 2 sets of active AKs and TEKs, old and new for each SAID. There is a 4-bit AK sequence number increased by one for each new AK. Additionally a 32-bit packet number (PN). Both prevent replay attacks | AK in PKM v.2 operates as in PKM. In PKM v.2, there two key material primary sources. For RSA, BS’ initial key material is the 256-bit pre-PAK (primary authorization key). Pre-PAK gives 160 bit PAK and 160 bit EIK (EAP Integrity Key). PAK+EIK+SS MAC address + BSID generate AK. For EAP only, the initial key is the 512-bit Master Session Key (MSK) and generates the 160 bit Pairwise Master Key (PMK) and optionally the 160 bit EIK with MSK truncation to 320 bits. From PMK+SS’ MAC address + BSID AK derives. For RSA-EAP, PAK and EIK derive from RSA and PMK from EAP. AK is generated from PAK XOR PMK+ SS’ MAC address + BSID. For EAP after EAP, PMK1 and EIK derive and from 2nd EAP PMK2 derives. PMK1 XOR PMK2+SS’ MAC address and BSID, the AK derives. From AK 3 keys derive: One is the 128-bit KEK and the other two are: (I) The 160 bit HMAC_KEY_U and HMAC_KEY_D, if HMAC is used, and (II) The 128 bit CMAC_KEY_U and CMAC_KEY_D, if CMAC is used. If EAP only is used, the three aforementioned keys will derive from EIK. All key derivations are based on the Dot16KF algorithm |
|
Confidentiality | Traffic Key Encryption Algorithm | (i)112 bit 3-DES with 64 bit KEK, if TEK is 64 bits. | (i) 112 bit 3-DES with 64 bit KEK, if TEK is 64 bits. |
(ii) AES in ECB mode with 128 bit KEK, if TEK is 128 bits. | (ii) AES in ECB mode with 128 bit KEK, if TEK is 128 bits. |
(iii) RSA encryption with SS’s public key if TEK is 128 bits. |
(iii) RSA with SS’s public key if TEK is 128 bits. |
|
(iv) AES Key Wrap with 128-bit KEK for 128-bit TEK encryption. |
Cipher Algorithms for traffic Data and Key size |
(i) DES- CBC with 56 bit TEK and 64 bit block encryption along with 64 bit IV. | (i) DES in CBC mode. |
(ii) AES in CCM mode with 128 bit TEK. |
(ii) AES in CCM mode. |
|
(iii) AES in CBC mode with 128 bit TEK. |
Encrypted Frames | MPDU + ICV | MPDU + MAC (Message Authentication Code) |
|
Integrity | Integrity Algorithm | (i) DES-CBC mode for 64 bit ICV. | (i) DES-CBC mode for 64 bit MAC. |
(ii) AES-CCM mode for 64 bit ICV. | (ii) AES-CCM mode for 64 bit MAC. |
(iii) SHA-1 for HMAC. | (iii) AES-CBC mode for 64 bit MAC. |
| (iv) SHA-1 for HMAC Digest. |
| (v) AES-CMAC value. |
Protected Frames |
[ICV]: MPDU + additional packet information. |
[MAC]: MPDU = additional packet information. |
[HMAC]: Management messages. | [HMAC]: Management messages. |
| [CMAC]: Management messages + additional information. |
|