View
230
Download
0
Category
Preview:
Citation preview
8/6/2019 WP Mobile WiMAX Security
1/20
WHITEPAPER
WHITE PAPER
Makes Mobile WiMAX Simple
Mobile WiMAX Security
8/6/2019 WP Mobile WiMAX Security
2/20
WHITEPAPER
Mobile WiMAX Security
Glossary 3
Abstract 5
Introduction to Security in Wireless Networks 6
Data Link Layer Security 8
Authentication 8
Security Association 9
Authorization 10
Traffic Encryption 10
Summary 11
Network Aspects of Security 12
Mobile WiMAX Network Architecture 13
Network Reference Model 13
ASN Profile C and Security 15
ASN and CSN Interaction for Security 16
Connectivity Service Network (CSN) 18
Summary 19
2
Copyright Airspan Networks Inc. 2007
Mobile WiMAX Security
8/6/2019 WP Mobile WiMAX Security
3/20
WHITEPAPER
Glossary
AAA Authentication, Authorization and Accounting
AES Advanced Encryption Standard
AK Authorization Key
AKA Authentication and Key Agreement
ASN Access Service Network
ASN GW ASN gateway
BS Base Station
CHAP Challenge Handshake Authentication Protocol
CSN Connectivity Service Network
EAP Extensible Authentication Protocol
EAP-AKA EAP-Authentication and Key Agreement
EAP-PSK EAP PreShared Key
EAP-SIM EAP-Subscriber Identity Module
EAP-TLS EAP-Transport Layer Security
EAP-TTLS EAP-Tunnelled Transport Layer Security
EMSK Enhanced Master Session Key
IP Internet Protocol
IPsec IP security
KEK Key Encryption Key
MAC Media Access Control
MIP Mobile IP
MS Mobile Station
MSK Master Session Key
3
Copyright Airspan Networks Inc. 2007
Mobile WiMAX Security
8/6/2019 WP Mobile WiMAX Security
4/20
WHITEPAPER
NAP Network Access Provider
NAS Network Access Server
NSP Network Service Provider
PAP Password Authentication Protocol
PEAP Protected EAP
PK Public Key
PKI Public Key Infrastructure
PKM Private Key Management
PMK Pairwise Master Key
PPP Point-to-Point Protocol
RADIUS Remote Authentication Dial In User Service
RSA Rivest-Shamir-Adleman
SA Security Associations
SIM Subscriber Identity Module
TEK Traffic Encryption Key
TLS Transport Layer Security
TTLS Tunnelled TLS
USIM Universal SIM
X.509 ITU-T standard for PKI digital certificates
4
Copyright Airspan Networks Inc. 2007
Mobile WiMAX Security
8/6/2019 WP Mobile WiMAX Security
5/20
WHITEPAPER
Abstract
Security is an important topic in telecommunications. It is even more important
when wireless systems are used because it is generally perceived that wireless
systems easier to attack than wireline systems.
For a ground-breaking broadband wireless standard such as WiMAX, addressing the
security concerns head-on and specifying credible solutions has been an important
objective. Lessons learnt from weaknesses in Wi-Fi security have been incorporated
into the IEEE 802.16 standard.
In this white paper we start by introducing the requirements and general principles
of security in wireless networks. We then present the data link security sublayerfunctions as defined by the IEEE 802.16e-2005 standard for the WiMAX air interface.
Finally, the Network Aspects of Security (page 12) and Mobile WiMAX Network
Architecture (page 13) sections deal with the network aspects of security in
accordance with the WiMAX Forum Network Reference Model (NRM).
5
Copyright Airspan Networks Inc. 2007
Mobile WiMAX Security
8/6/2019 WP Mobile WiMAX Security
6/20
WHITEPAPER
Introduction to Security in Wireless Networks
Security is an important concern for the network operator and the network user. The
network operator wants to know that the users and the devices connected to their
network are who they say they are (to prevent malicious attacks, user spoofing), that
they are accessing services that they are authorised to access and that the network
users pay for the services they have used. The network users want to ensure that their
privacy is protected, that the integrity of the data they send and receive is not
compromised, that they can access the services they have subscribed to and that they
are not over charged for those services.
In fact, the expectations of the network operator and the network user are not
contradictory but complimentary. Any well designed network needs to deliver these
perfectly reasonable expectations which can only be achieved by the equipment
vendors, system integrators and network operators working together and making the
right design choices. In table 1 below, we have summarised these security
expectations
Table 1 Security Expectations
6
Copyright Airspan Networks Inc. 2007
Mobile WiMAX Security
Stakeholder Security Concern Comment
Privacy Protect fromeavesdropping
Data integrity Protect user data frombeing tampered intransit
Access to services User has the correctcredentials
Correct accounting Accuracy and efficiencyof accounting
User authentication Is the user who he sayshe is?
Device authentication Is the device thecorrect device?
Authorization Is the user authorizedto receive a particularservice?
Access control Only authorized usershave access to services
NetworkUser
NetworkOperator
8/6/2019 WP Mobile WiMAX Security
7/20
WHITEPAPER Security is handled at multiple layers of the network, each layer handling a
complimentary aspect of security. Security functions can be mapped to different
layers of the OSI 7-layer model as shown in Figure 1 below.
Figure 1 Security functions at various network layers
The security sublayer specified by the IEEE 802.16e-2005 only deals with the Data
Link Layer security. Link Layer authentication and authorization ensures that the
network is only accessed by permitted users. Link Layer encryption ensures privacy
and protects traffic data from eavesdropping by unauthorised third parties.
Network Layer security measures protect the network from malicious attacks achieved
through the use of firewalls and AAA servers. RADIUS is the most widely usedprotocol for AAA interactions. Mobile WiMAX network architecture addresses the use
of these techniques by providing an AAA based secure roaming model.
The Transport and Application layers provide additional security measures as deemed
appropriate by the network operator, application service providers (ASPs) or the end
users themselves. The security measures employed at the higher layers are outside the
scope of this white paper.
7
Copyright Airspan Networks Inc. 2007
Mobile WiMAX Security
7 Application LayerDigital signatures, certificates, end-
to-end security
4Transport Layer Transport layer security (TLS)
3 Network Layer IPsec, AAA infrastructure, RADIUS
2 Data Link Layer AES, PKI, X.509
1 Physical Layer WiMAX PHY
8/6/2019 WP Mobile WiMAX Security
8/20
WHITEPAPER
Data Link Layer Security
Authentication
The Data Link Layer security functions encompass the essential functions of
authentication, authorization and encryption which take place between the end user
station [note that we will talk about mobile station (MS) but the same principles also
apply to subscriber stations (SS)] and the base station (BS) over the IEEE 802.16e-
2005 air interface.
Please note that in this section, for simplicity, we will attribute various security
functions to the BS. In reality all these functions may not reside in the BS and may be
performed in conjunction with other nodes in the network as will be explained indetail in the Mobile WiMAX Network Architecture section on page 13.
We will now consider how these functions are performed.
Authentication comes in two forms:
unilateral authentication where the BS authenticates the MS and
mutual authentication where the BS authenticates the MS and the MS
authenticates the BS
Every WiMAX implementation must have unilateral authentication. Experience has
shown that mutual authentication is also extremely useful to have.
Authentication is achieved using a public key interchange protocol which ensures not
only authentication but also the establishment of encryption keys. In public key
interchange schemes each participant must have a private key and a public key. The
Public key is known widely whereas the private key is kept secret.
WiMAX 802.16e-2005 standard defines a Privacy Key Management (PKM) protocol
which allows for three types of authentication:
a RSA based authentication - X.509 digital certificates together with RSA encryption
b EAP based authentication (optional)
c RSA based authentication followed by EAP authentication
PKM authentication protocol establishes a shared secret key called Authorization Key
(AK) between the MS and the BS. Once a shared AK is established between the BS
and the MS, Key Encryption Key (KEK) is derived from it. KEK is then used to encrypt
subsequent PKM exchanges of Traffic Encryption Key (TEK).
8
Copyright Airspan Networks Inc. 2007
Mobile WiMAX Security
8/6/2019 WP Mobile WiMAX Security
9/20
WHITEPAPER In the RSA based authentication, a BS authenticates the MS by virtue of its unique
X.509 digital certificate which has been issued by the MS manufacturer. The X.509
certificate contains the MSs Public Key (PK) and its MAC address. When requesting
an AK, the MS sends its digital certificate to the BS which validates the certificate and
then uses the verified PK to encrypt an AK which is then sent back to the MS. All MSs
that use RSA authentication have factory installed private/public key pairs (or an
algorithm to generate the keys dynamically) together with factory installed X.509
certificates.
In the case of EAP based authentication the MS is authenticated either through a
unique operator issued credential, such as a SIM or though an X.509 certificate as
described above. The choice of authentication method depends on the operators
choice of type of EAP as follows:
EAP-AKA (Authentication and Key Agreement) for SIM based authentication,
EAP-TLS for X.509 based authentication
EAP-TTLS for MS-CHAPv2 (Microsoft-Challenge Handshake Authentication Protocol)
The BS associates the MSs authenticated identity to a paying subscriber and hence to
the services the subscriber is authorized to access. Thus, through the exchange of AK,
the BS determines the authenticated identity of the MS and the services it isauthorized to access.
Security Association
A Security Association (SA) is defined as the set of security information shared
between a BS and one or more of the MSs connected to that BS in order to support
secure communications across the WiMAX access network.
Three types of SA have been defined, primary, static and dynamic. Each MS
establishes a primary SA during the MS initialization phase. Static SAs are provided
within the BS. Dynamic SAs are created and destroyed in real time in response to the
creation and termination of service flows. Each MS can have several service flows onthe go and can therefore have several dynamic SAs. The BS makes sure that the
assigned SAs are compatible with the service types the MS is authorised to access.
9
Copyright Airspan Networks Inc. 2007
Mobile WiMAX Security
8/6/2019 WP Mobile WiMAX Security
10/20
WHITEPAPER Authorization
Following authentication, MS requests authorization from the BS. This is a request for
an AK as well as for an SA identity (SAID). The Authorization Request includes MSs
X.509 certificate, encryption algorithms and cryptographic ID.
In response, the BS carries out the necessary validation (by interacting with an AAA
server in the network) and sends back an Authorization reply which contains the AK
encrypted with the MSs public key, a lifetime key and an SAID. These processes are
further discussed in the Mobile WiMAX Network Architecture section on page 13.
After the initial authorization, the AAA via the BS periodically reauthorizes the MS.
Traffic Encryption
As we have seen above, the authentication and authorization process results in the
assignment of and Authorization Key, which is 160 bits long. The Key Encryption Key
is derived directly from the AK and is 128 bits long. The KEK is not used for
encrypting traffic data; for this we require the Traffic Encryption Key which is
generated as a random number in the BS using the TEK encryption algorithm where
KEK is used as the encryption key. TEK is then used for encrypting the data traffic.
10
Copyright Airspan Networks Inc. 2007
Mobile WiMAX Security
8/6/2019 WP Mobile WiMAX Security
11/20
WHITEPAPER Summary
Table 2 below summarises how the mobile WiMAX standard addresses the security
requirements summarised in Table 1 on page 6 above.
Table 2 How WiMAX standard addresses security expectations
11
Copyright Airspan Networks Inc. 2007
Mobile WiMAX Security
Stakeholder Security Concern Comment How does WiMAXaddress it?
Privacy Protect from RSA encryption,eavesdropping EAP-TLS, PKM protocol
Data integrity Protect user data from RSA encryption,being tampered in EAP-TLS, PKM protocoltransit
Access to services User has the correct X.509, EAPcredentials
Correct accounting Accuracy and efficiency AAA architectureof accounting
User authentication Is the user who he says X.509, EAP-TTLShe is?
Device authentication Is the device the X.509, EAP-TTLScorrect device?
Authorization Is the user authorized RSA, EAP, PKMv2to receive a particular protocolservice?
Access control Only authorized users RSA, EAP, PKMv2have access to services protocol
NetworkUser
NetworkOperator
8/6/2019 WP Mobile WiMAX Security
12/20
WHITEPAPER
Network Aspects of Security
Up until now we have considered the security related interactions and protocols
between the SS and the BS. Now lets consider what happens at the network level
and where the intelligence may reside.
Figure 2 below shows a typical access control architecture.
Figure 2 Typical access control architecture
Extensible Authentication Protocol (EAP) defined by IETF (RFC 3748) is a flexible
framework which allows complex authentication protocols to be exchanged between
the end user and the authenticator.
In WiMAX, between the MS and the BS EAP runs over the WiMAX PHY and MAC
utilising the PKMv2 protocol as defined in 802.16e-2005. If the authenticator
function is not in the BS, the BS relays the authentication protocol to the
authenticator (in the Access Services Network).
From the authenticator to the authentication server (typically in the Home
Connectivity Service Network) EAP is carried over RADIUS.
RADIUS is a widely used standard. It has a client/server architecture and utilises UDP
messages. The authentication server is also the RADIUS server, whereas the
authenticator acts as a RADIUS client. In addition to authentication, RADIUS also
supports authorization and accounting functions.
12
Copyright Airspan Networks Inc. 2007
Mobile WiMAX Security
Mobile Station(MS)
IP
Cloud
AuthenticationServer
Authenticator
EAP
AAA - RADIUS
EAP
WiMAX Link Layer
8/6/2019 WP Mobile WiMAX Security
13/20
WHITEPAPER
Mobile WiMAX Network Architecture
We will now consider this Mobile WiMAX network architecture as defined by the IEEE
802.16e-2005 standard from a security point of view and map the concepts from
earlier sections onto this network architecture.
Network Reference Model
Mobile WiMAX end-to-end network architecture model follows the Network
Reference Model (NRM), the first release of which is shown below. The NRM was
developed by WiMAX Forums Network Working Group (NWG).
Figure 3 Mobile WiMAX Network Reference Model
13
Copyright Airspan Networks Inc. 2007
Mobile WiMAX Security
Another ASNOther
OperatorsCSN
Mobile Station(MS)
BS
BS
ASNGW(FA)
IPCloud
IPCloud
AAA HA
IMS
CRM Billing
CSNConnectivity Service Network
ASNAccess Service Network
NAPNetwork Access Provider
HOME NSPNetwork Service Provider
R5R4
R1
R2
R3
R6
R6
R8
Internet
ASPs
Legacy CoreNetworks
2G/3G MobileNetworks
8/6/2019 WP Mobile WiMAX Security
14/20
WHITEPAPER Network Reference Model reference points are summarised in the table below:
The IEEE 802.16e-2005 standard calls for the ability to manage subscriber mobilityat a number of layers as well as to authenticate, account and apply policy on a
per subscriber basis. This is achieved by dividing the WiMAX network into two
main parts:
Access Service Network (ASN) and
Connectivity Service Network (CSN).
The ASN consists of the WiMAX base stations and the ASN Gateway, whereas, the
CSN is at the core of the network providing control and management functions such
as AAA, DHCP, FTP and IMS.
A key element of the ASN is the ASN Gateway, which controls and aggregates thetraffic from one or more WiMAX base stations, and managing handover between
them, which includes maintaining authentication, service flows and key distribution
between base stations.
14
Copyright Airspan Networks Inc. 2007
R1 Interface between the MS and the ASNFunctionality: air interface
R2 Interface between the MS and the CSNFunctionality: AAA, IP host configuration, mobility management
R3 Interface between the ASN and CSNFunctionality: AAA, policy enforcement, mobility management
R4 Interface between ASNs
Functionality: mobility managementR5 Interface between CSNs
Functionality: internetworking, roaming
R6 Interface between BTS and ASN gatewayFunctionality: IP tunnel management to establish and release MS connection
R8 Interface between Base stationsFunctionality: handoffs
Table 3 NRM Reference Point Summary
Mobile WiMAX Security
8/6/2019 WP Mobile WiMAX Security
15/20
WHITEPAPER ASN Profile C and Security
The NWG has defined three ASN profiles, referred as profile A, B and C from which
vendors and service providers can select their preferred solution. Profile A and C both
use centralized ASN Gateways, however, in Profile C the base stations are responsible
for implementing the Radio Resource Management (RRM) and Handover
management functions. Profile B embeds the key ASN functionality inside the base
station, which removes the need for a centralised ASN gateway. Recently Profile A has
been withdrawn leaving just Profiles B and C. Airspan currently offers profile C
compliant solutions in collaboration with the specialist ASN Gateway vendor Starent.
Airspans ASN Gateway portfolio is called ControlMAX.
Table 4 below maps the functionality split (including the security functionality) of ASN
between the BS and the ASN Gateway for an ASN profile C implementation.
Table 4 ASN Profile C functionality split for
15
Copyright Airspan Networks Inc. 2007
Mobile WiMAX Security
Category Function ASN Profile C
BS ASN GW
Security Authenticator
Authentication relay
Key distributor
Key receiver
Data path function
Handover control
Context server and client
MIP foreign agent
Radio resource controller
Radio resource agent
Paging Paging controller
Paging agent
Quality of service SF authorisation
SF manager
Handoff
Management
Radio Resource
Management (RRM)
8/6/2019 WP Mobile WiMAX Security
16/20
WHITEPAPER For an ASN Profile C implementation, the interactions between the BS and ASN
Gateway over R6 for discharging the security functions are shown in Figure 5 below.
Figure 5 ASN Profile C security architecture
ASN and CSN Interaction for Security
Connectivity Service Network (CSN) is the core of the network. It controls and
manages the ASNs and the subscribers with a variety of services such as AAA, Home
Agent functions, DHCP server, etc. CSN is also responsible for connecting to other
operators networks and enables inter-operator and inter-technology roaming.
Figure 6 below shows the protocol stack for AAA in mobile WiMAX network
implementation. It is worth noting that EAP layer operates over the R1/R3/R5
reference points and the EAP methods (AKA, TSL/TTLS) operate over R2.
16
Copyright Airspan Networks Inc. 2007
Mobile WiMAX Security
AuthenticationRelay
Base Station
Key receiver
Authenticator
ASN Gateway
Key distributor
ASN (Profile C)
AAA Server
R6
Authenticationkey transfer
protocol
Authenticationrelay protocol
8/6/2019 WP Mobile WiMAX Security
17/20
WHITEPAPER
Figure 6 Protocols for Mobile WiMAX AAA
When authentications of both the end user and the device need to be performed and
these authentications terminate in different AAA servers, the favoured approach in
PKMv2 is to use EAP-TTLS instead of double authentication.
In double authentication, first device authentication then user EAP authentication
takes place before the MS is allowed access to IP services. In EAP-TTLS authentication
however, double authentication is dispensed with and by virtue of tunnelling to the
appropriate AAA server, the same AAA server is used for both, thus shortening the
authentication process.
17
Copyright Airspan Networks Inc. 2007
Mobile WiMAX Security
EAP-TLS, EAP-TTLS, PEAP
EAP
AAA Protocol
UDP/IP
MS BS ASN GW AAA Proxy AAA Server
PKM v2 EAP
802.16
Authentication
relay encapsulation
protocol
ASN Visited CSN Home CSN
8/6/2019 WP Mobile WiMAX Security
18/20
WHITEPAPER Service Flow Management and Authorization
Service Flow Management (SFM) and Service Flow Authorization (SFA) are the logical
functional entities, closely associated with QoS, located in the ASN that act as policy
enforcement and policy decision points. For ASN Profile C, the SFM function is
located in the BS and the SFA function is located at the ASN GW.
The Service Flow Manager (SFM) located in the BS is responsible for the creation,
admission, activation, modification, and deletion of IEEE 802.16e-2005 service flows.
It consists of an Admission Control (AC) function, data path function and the
associated local resource information. AC decides whether a new service flow can beadmitted to the system.
Service Flow Authorization (SFA) is located at the ASN GW and is responsible for
evaluating any service request against the subscriber's QoS profile. If the SFA already
has the user QoS profile then it evaluates the incoming service requests against the
users profile. If the SFA does not have the user profile then it sends the service
request to the Policy Function (PF) for decision making. The Policy Functions (PFs) and
its associated database reside in the CSN of both the home and the visited network.
18
Copyright Airspan Networks Inc. 2007
Mobile WiMAX Security
8/6/2019 WP Mobile WiMAX Security
19/20
WHITEPAPER
Summary
In this white paper we set out to de-mystify the whole topic of wireless security and
to put it into some kind context that makes it easier to understand the key concepts.
Security is of crucial importance in deploying a successful mobile WiMAX network. It
is an important issue both for the end users and the network operators and must be
addressed and resolved from Day 1.
In the past there have been well publicised security loopholes in security
implementations. IEEE 802.16e-2005 standard has embraced the lessons learnt and
has specified a comprehensive set of solutions. It is up to the equipment vendors,
systems integrators and network operators to work together to implement anetwork-wide security policy appropriate for the network.
19
Copyright Airspan Networks Inc. 2007
Mobile WiMAX Security
8/6/2019 WP Mobile WiMAX Security
20/20
WHITEPAPER
Worldwide Headquarters:
Airspan Networks Inc.
777 Yamato Road, Suite 105,
Boca Raton, FL 33431-4408, USA
Tel: +1 561 893 8670 Fax: +1 561 893 8671
Main Operations:
Airspan Communications Limited
Cambridge House, Oxford Road
Uxbridge, Middlesex, UB8 1UN, UK
Tel: +44 (0) 1895 467 100 Fax: +44 (0) 1895 467 101
For more information about Airspan, its
products and solutions, please visit our
website:
www.aispan.com
Or write to us at one of the addresses below.
We will be delighted to send you additiopnal
information on any of our products and their
applications around the world.
Airspan has sales offices in
the following countries:
Europe
Finland
Poland
Russia
United Kingdom
Middle East
United Arab Emirates
Africa
South Africa
Asia Pacific
Australia
China
Indonesia
Japan
Philippines
Sri Lanka
Recommended