WiMAX security issues
Wireless Security
By Joshua Wright
,
NetworkWorld.com
, 12/11/2006
- Share/Email
- Tweet This
- Print
What are the possible security risks associated with deploying and using WiMAX?
WiMAX is the much-anticipated broadband wireless access mechanism for delivering high-speed connectivity over long distances,
making it attractive to Internet and telecommunications service providers. Designed by the IEEE 802.16 committee, WiMAX was
developed after the security failures that plagued early IEEE 802.11 networks. Recognizing the importance of security, the
802.16 working groups designed several mechanisms to protect the service provider from theft of service, and to protect the
customer from unauthorized information disclosure.
Authentication
A fundamental principle in 802.16 networks is that each subscriber station (SS) must have a X.509 certificate that will uniquely
identify the subscriber. The use of X.509 certificates makes it difficult for an attacker to spoof the identity of legitimate
subscribers, providing ample protection against theft of service. A fundamental flaw in the authentication mechanism used
by WiMAX's privacy and key management (PKM) protocol is the lack of base station (BS) or service provider authentication.
This makes WiMAX networks susceptible to man-in-the-middle attacks, exposing subscribers to various confidentiality and availability
attacks. The 802.16e amendment added support for the Extensible Authentication Protocol (EAP) to WiMAX networks. Support for
EAP protocols is currently optional for service providers.
Encryption
With the 802.16e amendment, support for the AES cipher is available, providing strong support for confidentiality of data
traffic. Like the 802.11 specification, management frames are not encrypted, allowing an attacker to collect information about
subscribers in the area and other potentially sensitive network characteristics.
Availability
WiMAX deployments will use licensed RF spectrum, giving them some measure of protection from unintentional interference. It
is reasonably simple, however, for an attacker to use readily available tools to jam the spectrum for all planned WiMAX deployments.
In addition to physical layer denial of service attacks, an attacker can use legacy management frames to forcibly disconnect
legitimate stations. This is similar to the deauthenticate flood attacks used against 802.11 networks.
Comments (8)
WiMAX security issuesBy Anonymous on December 11, 2006, 4:26 amI found it fascinating and so useful. I think more details were needed here to be discussed about. Anyway, I believe it can help a lot. Ali Saghaeian antoni_maximilliano@yahoo.com http://wimax.persianblog.com Re:...
Reply | Read entire comment
Need more information about how X...By Anonymous on July 3, 2008, 4:14 amNeed more information about how X.509 certificate exactly works!!!
Reply | Read entire comment
Interested in WiMax By Anonymous on March 3, 2009, 8:30 amHi, I am a MSc student in Information Security and I'm doing a dissertation in WiMax and its security issues. I have already read the paper David Johnston and Jesse...
Reply | Read entire comment
WiMax SecurityBy Anon on June 17, 2009, 11:01 pmHi are you still interested in information on Wimax security?
Reply | Read entire comment
wimax security attacksBy Anonymous on June 26, 2009, 3:22 amplz send immediately the security attacks on wimax reply.
Reply | Read entire comment
immediatelyBy Anon on September 2, 2009, 7:32 amImmediately Immediately i am sending you information Immediately . Secure it Immediately . ok Immediately .
Reply | Read entire comment
View all comments