Browse > Article

An IBC and Certificate Based Hybrid Approach to WiMAX Security  

Rodoper, Mete (Wireless Information Network Laboratory (WINLAB), Rutgers University)
Trappe, Wade (Wireless Information Network Laboratory (WINLAB), Rutgers University)
Jung, Edward Tae-Chul (School of Computing and Software Engineering, Southern Polytechnic State University)
Publication Information
Journal of Communications and Networks / v.11, no.6, 2009 , pp. 615-625 More about this Journal
Abstract
Worldwide inter-operability for microwave access (WiMAX) is a promising technology that provides high data throughput with low delays for various user types and modes of operation. While much research had been conducted on physical and MAC layers, little attention has been paid to a comprehensive and efficient security solution for WiMAX. We propose a hybrid security solution combining identity-based cryptography (IBC) and certificate based approaches. We provide detailed message exchange steps in order to achieve a complete security that addresses the various kind of threats identified in previous research. While attaining this goal, efficient fusion of both techniques resulted in a 53% bandwidth improvement compared to the standard's approach, PKMv2. Also, in this hybrid approach, we have clarified the key revocation procedures and key lifetimes. Consequently, to the best of knowledge our approach is the first work that unites the advantages of both techniques for improved security while maintaining the low overhead forWiMAX.
Keywords
Identity-based cryptography (IBC); IEEE 802.16; key m-anagement; key revocation; PKMv2; security; worldwide inter-operability for microwave access (WiMAX); wireless mesh networks (WMNs);
Citations & Related Records

Times Cited By Web Of Science : 0  (Related Records In Web of Science)
Times Cited By SCOPUS : 2
연도 인용수 순위
1 A. Shamir, "Identity-based cryptosystems and signature schemes," in Proc. CRYPTO4 on Advances in Cryptology, USA, 1985, pp. 47–53
2 WiMAX Forum, 2008
3 IEEE standard for local and metropolitan area networks part 16: Air interface for fixed broadband wireless access systems. IEEE Std 802.16-2004 (Revision of IEEE Std 802.16-2001), pp. 0–857, 2004
4 S. Xu, M. Matthews, and C.-T. Huang, "Security issues in privacy and key management protocols of IEEE 802.16," in Proc. ACM-SE, USA, 2006, pp. 113–118
5 R. Housley, W. Polk, W. Ford, and D. Solo. Internet X.509 Public Key nfrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 3280 (Proposed Standard), April 2002. Obsoleted by RFC 5280, updated by RFCs 4325, 4630
6 K. Hoeper and G. Gong, "Bootstrapping security in mobile ad hoc networks using identity-based schemes with key revocation," Technical report, 2006
7 S. Balfe, K. D. Boklan, Z. Klagsbrun, and K. G. Paterson, "Key refreshing in identity-based cryptography and its applications in manets," in Proc. IEEE MILCOM, Oct. 2007, pp. 1–8
8 D. B. Johnson and D. A. Maltz, "Dynamic source routing in ad hoc wireless networks," Mobile Computing, pp. 153–181. 1996
9 I. F. Akyildiz and X. Wang, "A survey on wireless mesh networks," IEEE Commun. Mag., vol. 43, no. 9, pp. S23–S30, Sept. 2005   DOI   ScienceOn
10 Michel Barbeau. Wimax/802.16 threat analysis. In Azzedine Boukerche and Regina Borges de Araujo, editors, Q2SWinet, pp. 8–15. ACM, 2005
11 L. Martin, "Identity-based encryption comes of age," Computer, vol. 41, no. 8, pp. 93–95, Aug. 2008   DOI   ScienceOn
12 D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, and W. Polk. Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 5280 (Proposed Standard), May 2008
13 K. Hoeper and G. Gong, "Key revocation for identity-based schemes in mobile ad hoc networks," LNCS, vol. 4104, pp. 224–237. Springer, 2006
14 E. B. Fernandez, M. VanHilst, and J. C. Pelaez, "Patterns for wimax security," 2007
15 K. Fall, "A delay-tolerant network architecture for challenged internets," in Proc. SIGCOMM, USA, 2003, pp. 27–34
16 IEEE standard for local and metropolitan area networks part 16: Air interface for fixed and mobile broadband wireless access systems amendment 2: Physical and medium access control layers for combined fixed and mobile operation in licensed bands and corrigendum 1. IEEE Std 802.16e- 2005 and IEEE Std 802.16-2004/Cor 1-2005 (Amendment and Corrigendum to IEEE Std 802.16-2004), pp. 0–822, 2006
17 Data-over-cable service interface specification
18 Z. Hamid and S. A. Khan, "An augmented security protocol for wirelessman mesh networks," in Proc. ISCIT, 2006, pp. 861–865
19 J. Baek, J. Newmarch, R. Safavi-naini, and W. Susilo, "A survey of identity-based cryptography," in Proc. Australian Unix Users Group Annual Conference, 2004, pp. 95–102
20 P. Kamat, A. Baliga, and W. Trappe, "An identity-based security framework for vanets,' in Proc. VANET, New York, NY, USA, 2006, pp. 94–95
21 L. Maccari, M. Paoli, and R. Fantacci, "Security analysis of IEEE 802.16," in Proc. IEEE ICC, June 2007, pp. 1160–1165
22 Dan Boneh and Matthew Franklin, Identity-Based Encryption from the Weil Pairing, pp. 213–229. Springer-Verlag, 2001
23 C. Gentry and A. Silverberg, "Hierarchical id-based cryptography," in Proc. ASIACRYPT, UK, 2002, pp. 548–566
24 Y. Zhou and Y. Fang, "Security of IEEE 802.16 in mesh mode," in Proc. IEEE MILCOM, Oct. 2006, pp. 1–6
25 X. Boyen and L. Martin. Identity-based cryptography standard (ibcs) #1: Supersingular curve implementations of the bf and bb1 cryptosystems. RFC 5091 (Informational), Dec. 2007
26 Y. Zhang and Y. Fang, "A secure authentication and billing architecture for wireless mesh networks," Wireless Netw., vol. 13, no. 5, pp. 663–678, 2007   DOI   ScienceOn
27 M. Nasreldin, H. Aslan, M. El-Hennawy, and A. El-Hennawy, "Wimax security," in Proc. AINA Workshops, 2008, pp. 1335–1340
28 IEEE std. 802.16-2001 ieee standard for local and metropolitan area networks part 16: Air interface for fixed broadband wireless access systems. IEEE Std 802.16-2001, pp. 0–322, 2002
29 S. Xu and C.-T. Huang, "Attacks on pkm protocols of IEEE 802.16 and its later versions," in Proc. ISWCS, Sept. 2006, pp. 185–189
30 B. Aboba, D. Simon, and P. Eronen. Extensible Authentication Protocol (EAP) Key Management Framework. RFC 5247 (Proposed Standard), Aug. 2008
31 L. B. Oliveira, R. Dahab, J. Lopez, F. Daguano, and A. A. F. Loureiro, "Identity-based encryption for sensor networks," in Proc. IEEE PerCom, Mar. 2007, pp. 290–294
32 D. Johnston and J. Walker, "Overview of IEEE 802.16 security," IEEE Security Privacy, vol. 2, no. 3, pp. 40–48, 2004   DOI   ScienceOn
33 B. Kwon, C. P. Lee, Y. Chang, and J. A. Copeland, "A security scheme for centralized scheduling in IEEE 802.16 mesh networks," in Proc. IEEE MILCOM, 2007, pp. 1–5
34 N. Asokan, K. Kostiainen, P. Ginzboorg, J. Ott, and C. Luo, "Applicability of identity-based cryptography for disruption-tolerant networking," in Proc. MobiOpp, USA, 2007, pp. 52–56