Wimax standards and Security The Wimax



Download 2,02 Mb.
bet176/186
Sana29.05.2022
Hajmi2,02 Mb.
#619147
1   ...   172   173   174   175   176   177   178   179   ...   186
Bog'liq
CRC - WiMAX.Standards.and.Security

FIGURE 12.9
The mutual authorization process between an SS and the BS.



  1. The BS provides the authenticated SS with the AK, and then a KEK and message authentication keys are derived from this AK.

  2. The BS provides the authenticated SS with the identities (i.e., the SAIDs) and properties of SAs from which the SS can obtain the encryption key information for subsequent transport connections.

Figure 12.9 shows the mutual authorization process between an SS and the BS. Similar to PKMv1, the SS sends an authorization request message to the target BS, requesting an AK immediately after sending the authentication information message. The authentication information message is the same as that in PKMv1. As compared to the authorization request message in PKMv1, an SS running PKMv2 adds a 64-bit random number NS in the authorization request message. This NS is returned in the authorization reply message from the BS to the SS in securing the authentication process. PKMv2 also adds a 64-bit random number NB, the BS’s X.509 certificate, and BS’s signature in the authorization reply message. The random numbers NS and NB are included in the exchange, and both the SS and BS can check the replied numbers to ensure the time freshness of the message, and thus to prevent the replay attack. Table 12.1 summarizes the contents in the authorization request and autho- rization reply messages.




TABLE 12.1
Authorization Request and Authorization Reply messages
Authorization Request Message Authorization Reply Message

The manufacturer-issued X.509 The BS’s X.509 certificate, used to verify the BS’s certificate identity


The security capabilities the requesting A pre-PAK encrypted with the SS’s public key SS supports A 4-bit PAK sequence number
The SS’s basic CID, which is the The lifetime of the pre-PAK first static CID the BS assigns to an The identities (i.e., the SAIDs)
SS during initial ranging The 64-bit random number generated by the SS A 64-bit random number NS generated A 64-bit random number NB generated by the BS
by the SS The BS’s signature




AK = Dot16KDF (PAK, SS MAC Address | BSID | PAK | “PAK’’, 160)



FIGURE 12.10
AK derivation in RSA-based authorization.




      1. Download 2,02 Mb.

        Do'stlaringiz bilan baham:
1   ...   172   173   174   175   176   177   178   179   ...   186




Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling

kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha


yuklab olish