Authentication Protocols and Procedure

Part of the document Fundamentals-of-wimax-understanding-broadband-wireless-networking (pages 375 - 378)

The WiMAX network supports both user and device authentication. An operator may decide to implement either one or both of these authentications. For user and device authentication, the IEEE 802.16e-2005 standard specifies PKMv2 with EAP. PKMv2 transfers EAP over the air interface between the MS and the BS in the ASN. If the authenticator does not reside in the BS, the BS acts as an authentication relay agent and forwards EAP messages to the authenticator over an authentication relay protocol that may run over an R6 interface. The AAA client at the authenticator encapsulates the EAP in AAA protocol packets and forwards them via one or more AAA proxies[5] to the AAA server in the CSN of the home NSP. EAP runs over RADIUS between the AAA server and the authenticator in the ASN. Depending on the type of credential, a variety of EAP schemes, including EAP-AKA (authentication and key agreement), EAP-TLS, EAP-SIM, and EAP-PSK (preshared key), may be supported. It is also possible to optionally secure the transport of end-to-end user authentication within a tunnel by using protocols such as tunneled transport-layer security (TTLS). Figure 10.6 depicts the protocol stack for PKMv2 user authentication.

5. One or more AAA brokers may exist between the authenticator and the AAA server in roaming scenarios.

When both user and device authentications need to be performed and both authentications terminate in different AAA servers, PKMv2 double-EAP mode is used. Here, user EAP authentication follows device authentication before the MS is allowed access to IP services. If the same AAA server is used for both, the process could be shortened by doing joint device and user authentication.

Figure 10.5 Generic AAA roaming model (figure not reproduced; it shows the MS, the NAS in the ASN, the AAA proxy server in the visited CSN, and the AAA server in the home CSN, with the numbered message flows 1, 2a/2b, 3a/3b, and 4 between them)

Figure 10.6 Protocol stack for user authentication in WiMAX (figure not reproduced; it shows the MS as supplicant, the BS (ASN) as authentication relay, the NAS (ASN) as authenticator, and the AAA server in the home CSN as authentication server, with 802.16 PKMv2 on the air link, the authentication relay protocol and its encapsulating protocol between BS and NAS, the AAA protocol over UDP/IP through the AAA proxy(s), and EAP methods such as EAP-TLS, PEAP, EAP-TTLS, and EAP-AKA carried end to end)

Device credentials typically take the form of a digital certificate or a preprovisioned preshared secret key. It is also possible to dynamically generate a secret key from a built-in X.509 certificate.

The EAP device identifier may be a MAC address or a NAI in the form of MAC_address@NSP-domain. A Master Session Key (MSK) appropriate for device authentication is generated once the appropriate credential is determined. Both device and user authentication must generate an MSK.

Figure 10.7 shows the PKMv2 procedures followed after initial network entry before a service flow can be set up between the MS and the WiMAX network. The various steps involved are as follows:

1. Initial 802.16e network entry and negotiation: After successful ranging, the MS and the ASN negotiate the security capabilities, such as PKM version, PKMv2 security capabilities, and authorization policy describing PKMv2 EAP only or PKMv2 double-EAP. In order to initiate an EAP conversation, the MS may also send a PKMv2-EAP-Start message to initiate EAP conversations with the ASN. Once an active air link is set up between the BS and the MS, a link activation is sent over R6 to the authenticator to begin the EAP sequence.

2. Exchange of EAP messages: EAP exchange begins with an EAP-Identity-Request message from the EAP authenticator to the EAP supplicant, which is the MS. If the EAP authenticator is not in the BS, an authentication relay protocol over R6 may be used for communication between the authenticator and the BS. The MS responds with an EAP-Response message to the authenticator, which forwards all the responses from the MS to the AAA proxy, which then routes the packets based on the associated NAI realm to a remote AAA authentication server, using RADIUS. After one or more EAP request/response exchanges, the authentication server determines whether the authentication is successful and notifies the MS accordingly.

3. Establishment of the shared master session key and enhanced master session key: An MSK and an enhanced MSK (EMSK) are established at the MS and the AAA server as part of a successful EAP exchange. The MSK is then also transferred from the AAA server to the authenticator (NAS) in the ASN. Using the MSK, the authenticator and the MS both generate a pairwise master key (PMK) according to the IEEE 802.16e-2005 specifications. The MS and the AAA server use the EMSK to generate mobile keys.

4. Generation of authentication key: Based on the algorithm specified in IEEE 802.16e-2005, the AS and the MS generate the authentication key (AK).

5. Transfer of authentication key: The AK and its context are delivered from the key distributor entity in the authenticator to the key-receiver entity in the serving BS. The key receiver caches this information and generates the rest of the IEEE 802.16e-2005-specified keys from it.

6. Transfer of security associations: SAs are the set of security information that the BS and one or more of its MS share in order to support secure communications. The shared information includes TEK and initialization vectors for cipher-block chaining (CBC). SA transfer between the BS and the MS is done via a three-way handshake. First, the BS transmits the SA-TEK-Challenge message, which identifies an AK to be used for the SA, and includes a unique challenge. In the second step, the MS transmits an SA-TEK-Request message after receipt and successful HMAC/CMAC verification of an SA challenge from the BS. The SA-TEK-Request message is a request for SA descriptors identifying the SAs the requesting MS is authorized to access and their particular properties. In the third step, the BS transmits the SA-TEK-Response message identifying and describing the primary and static SAs the requesting MS is authorized to access.

7. Generation and transfer of traffic encryption keys: Following the three-way handshake, the MS requests the BS for two TEKs each for every SA. The BS randomly generates a TEK, encrypts it using the secret symmetric key encryption key (KEK), and transfers it to the MS.

8. Service flow creation: Once the TEKs are established between the MS and the BS, service flows are created, using another three-way handshake. Each service flow is then mapped onto an SA, thereby associating a TEK with it.
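As an added illustration of steps 3 through 6 (not code from the book or from any WiMAX implementation), the following Python models the key hierarchy MSK -> PMK -> AK -> KEK/MAC keys and the SA-TEK three-way handshake, including the MAC verification that lets the MS reject a challenge that is tampered with or that names an AK it does not hold. The derivation function `kdf` is a simplified HMAC-SHA256 stand-in for the standard's CMAC-based Dot16KDF, the labels, nonce sizes and message fields are assumptions, and the MSK and addresses in the usage are constructed sample values.

```python
import hashlib
import hmac
import secrets

def kdf(key: bytes, label: bytes, nbytes: int) -> bytes:
    """Labelled HMAC-SHA256 derivation: a simplified stand-in for the CMAC-based
    Dot16KDF of IEEE 802.16e, not the standard's own function."""
    return hmac.new(key, label, hashlib.sha256).digest()[:nbytes]

def key_hierarchy(msk: bytes, ms_mac: bytes, bsid: bytes) -> dict:
    """Steps 3-5: MSK -> PMK -> AK bound to (MS MAC, BSID) -> KEK and MAC keys."""
    pmk = msk[:20]                                   # PMK: first 160 bits of the MSK
    ak = kdf(pmk, ms_mac + bsid + b"AK", 20)         # another BS yields another AK
    return {"ak": ak, "ak_id": hashlib.sha256(ak).digest()[:8],
            "kek": kdf(ak, b"KEK", 16),              # wraps the TEKs delivered in step 7
            "mac_d": kdf(ak, b"MAC_DOWN", 16),       # authenticates BS -> MS messages
            "mac_u": kdf(ak, b"MAC_UP", 16)}         # authenticates MS -> BS messages

def tag(key: bytes, *fields: bytes) -> bytes:
    return hmac.new(key, b"|".join(fields), hashlib.sha256).digest()

def bs_sa_tek_challenge(bs: dict) -> dict:           # message 1: SA-TEK-Challenge
    nonce = secrets.token_bytes(8)
    return {"ak_id": bs["ak_id"], "bs_nonce": nonce,
            "mac": tag(bs["mac_d"], b"CHAL", bs["ak_id"], nonce)}

def ms_sa_tek_request(ms: dict, chal: dict) -> dict: # message 2: SA-TEK-Request
    expect = tag(ms["mac_d"], b"CHAL", chal["ak_id"], chal["bs_nonce"])
    if chal["ak_id"] != ms["ak_id"] or not hmac.compare_digest(chal["mac"], expect):
        raise ValueError("SA-TEK-Challenge: unknown AK or failed MAC verification")
    nonce = secrets.token_bytes(8)
    return {"bs_nonce": chal["bs_nonce"], "ms_nonce": nonce,
            "mac": tag(ms["mac_u"], b"REQ", chal["bs_nonce"], nonce)}

def bs_sa_tek_response(bs: dict, chal: dict, req: dict, sas: list) -> dict:  # message 3
    expect = tag(bs["mac_u"], b"REQ", req["bs_nonce"], req["ms_nonce"])
    if req["bs_nonce"] != chal["bs_nonce"] or not hmac.compare_digest(req["mac"], expect):
        raise ValueError("SA-TEK-Request: stale nonce or failed MAC verification")
    return {"ms_nonce": req["ms_nonce"], "sas": sas,
            "mac": tag(bs["mac_d"], b"RESP", req["ms_nonce"], b",".join(sas))}

def ms_check_response(ms: dict, req: dict, resp: dict) -> list:
    expect = tag(ms["mac_d"], b"RESP", resp["ms_nonce"], b",".join(resp["sas"]))
    if resp["ms_nonce"] != req["ms_nonce"] or not hmac.compare_digest(resp["mac"], expect):
        raise ValueError("SA-TEK-Response: stale nonce or failed MAC verification")
    return resp["sas"]                               # SA descriptors the MS may now use

def run_handshake(ms: dict, bs: dict, sas=(b"primary-SA", b"static-SA-1")) -> list:
    chal = bs_sa_tek_challenge(bs)
    req = ms_sa_tek_request(ms, chal)
    return ms_check_response(ms, req, bs_sa_tek_response(bs, chal, req, list(sas)))
```

Because the AK is derived from the PMK together with the MS MAC and BSID, a challenge issued under a different BS's AK, or a challenge whose nonce was altered in transit, fails the MS's MAC check and the handshake aborts before any SA descriptors are released.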
