Analysis of the PKMv2 Protocol in IEEE 802.16e-2005 Using Static Analysis

Ender Yuksel

AbstractThe IEEE 802.16e-2005 specification provides an air interface standard for metropolitan area wireless broadband service. IEEE 802.16 is the basis for Worldwide Interoperability for Microwave Access (WiMAX) certification which is the next evolution in wireless technology. The latest version of the standard, the IEEE 802.16e addresses mobility and also enhances the security sublayer of the IEEE 802.16 standard. Since wireless technology is broadcast and transmitted data can be intercepted, wireless users face more risks than wired users. The former IEEE 802.16 standards used the Privacy and Key Management (PKM) protocol which had many critical drawbacks. In IEEE 802.16e, a new version of this protocol called PKMv2 is released. PKMv2 has radical changes and in contrast with the previous version it seems to have an exaggerated mixture of security features like nonces, message authentication codes, key ids, certificates, etc.

The PKMv2 includes two main issues: an Authentication/Authorization protocol to establish a shared Authorization Key (AK), and a 3-Way Security Association (SA) Traffic Encryption Key (TEK) Handshake. The former is strengthened with de facto standards such as RSA and EAP, therefore the PKMv2 SA-TEK 3-Way Handshake (PKMv2 SA-TEK 3W HS), which is used for transferring TEKs to mobile stations (MS) after authentication will be the specific point of this thesis.

Static analysis is successfully used for automatically validating security properties of classical and modern cryptographic protocols. In this thesis we will show how the very same technique can be used to validate modern wireless network security protocols, in particular, we study the IEEE 802.16e PKMv2 SA-TEK 3W HS.

We derived a model of the protocol and described it using LySa, a process calculus in the pi/spi calculus family allowing communication protocols to be specified and annotated for validation of authentication properties. After that, we carried out a static analysis of our LySa model using the static analysis tool LySa-tool. Validating the base protocol, we studied our proposal on an optimized but still secure protocol. Having established systematic experiments on our models of modified versions of the protocol, we analyzed the robustness and security features. In conclusion we found improvements that increased the performance while being still secure.
TypeMaster's thesis [Academic thesis]
Year2007
PublisherInformatics and Mathematical Modelling, Technical University of Denmark, DTU
AddressRichard Petersens Plads, Building 321, DK-2800 Kgs. Lyngby
SeriesIMM-Thesis-2007-16
NoteSupervised by Hanne Riis Nielson, IMM, DTU
Electronic version(s)[pdf]
BibTeX data [bibtex]
IMM Group(s)Computer Science & Engineering