Improving Security Levels of IEEE802.16e Authentication by Involving Diffie-Hellman PKDS.

J. UCS 01/2011; 17(6):891-911.
Source: DBLP


Recently, IEEE 802.16 Worldwide Interoperability for Microwave Access (WiMAX for short) has provided us with low-cost, high efficiency and high bandwidth network services. However, as with the WiFi, the radio wave transmission also makes the WiMAX face the wireless transmission security problem. To solve this problem, the IEEE802.16Std during its development stage defines the Privacy Key Management (PKM for short) authentication process which offers a one-way authentication. However, using a one-way authentication, an SS may connect to a fake BS. Mutual authentication, like that developed for PKMv2, can avoid this problem. Therefore, in this paper, we propose an authentication key management approach, called Diffie-Hellman-PKDS-based authentication method (DiHam for short), which employs a secret door asymmetric one-way function, Public Key Distribution System (PKDS for short), to improve current security level of facility authentication between WiMAX's BS and SS. We further integrate the PKMv1 and the DiHam into a system, called PKM-DiHam (P-DiHam for short), in which the PKMv1 acts as the authentication process, and the DiHam is responsible for key management and delivery. By transmitting securely protected and well-defined parameters for SS and BS, the two stations can mutually authenticate each other. Messages including those conveying user data and authentication parameters can be then more securely delivered.

  • ABSTRACT: In this paper, we propose a handover authentication mechanism, called handover key management and authentication scheme (HaKMA), which as a three-layer authentication architecture is a new version of our previous work Diffie-Hellman-PKDS-based authentication method (DiHam for short) by improving its key generation flow and adding a handover authentication scheme to respectively speed up handover process and increase the security level for mobile stations (MS). AAA server supported authentication is also enhanced by involving an improved extensible authentication protocol (EAP). According to the analyses of this study, the HaKMA is more secure than the compared schemes, including the PKMv2 and DiHam.
    International Conference on Multidisciplinary Research and Practice for Business, Enterprise and Health Information Systems - MURPBES 2011 / Availability, Reliability and Security for Business, Enterprise and Health Information Systems - IFIP WG 8.4/8.9 International Cross Domain Conference and Workshop, ARES 2011, Vienna, Austria, August 22-26, 2011. Proceedings; 01/2011
  • ABSTRACT: Recently, wireless communication has been popularly used in our everyday life. However, its security is a crucial work since messages are broadcasted via wireless channels through which hackers can intercept the messages and then know the contents of the messages. That is why security has been one of the most important issues in wireless communication studies. Encrypting messages to ciphertext is one of the methods to solve this problem. But, it also causes another problem, i.e., how to safely and confidentially encrypt and deliver security keys so that hackers have to spend a very long time before they can decrypt the ciphertext. In this paper, we proposed an authentication approach, called the secure point-to-point encryption method (SePem for short), which integrates RSA, Diffie-Hellman PKDS and a stream cipher technique to provide users with a highly secure point-to-point wireless network without requiring a CA. According to the security analysis of this study, the SePem can efficiently and securely protect a wireless environment. Our simulation results show that the performance of this method can meet users' communication needs.
  • ABSTRACT: In this paper, we propose a new symmetric key exchange system, named the Wireless Security System with Data Connection Core (WiSDC for short), which can not only verify whether a user is a legitimate one or not, but also produce internally used parameters, named internal keys, and speed up the key exchange process for a wireless session as well. Moreover, the WiSDC adopts a pseudo random number generator, which has a feedback control mechanism, to generate more complicated keys for data encryption. Experimental results show that the WiSDC can effectively enhance the security level of a wireless environment.
    Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), 2012 Sixth International Conference on; 01/2012