Customized Key Derivation Function for New Time Stamp Identity Authentication Protocol on WiMAX
Future network security faces various important security issues in achieving the desired level of confidentiality, integrity, and availability for network systems and services. Many of these security problems need to be addressed in different modes and for different user types, even in the final security standard of Worldwide Interoperability for Microwave Access (WiMAX), Privacy and Key Management version 2 (PKMv2). In this paper, a new technique for securing Wireless Local Area Networks (WLANs), especially WiMAX networks, is proposed and applied in our New Timestamp Identity Authentication Protocol (NTIAP); it uses customized standard encryption and decryption algorithms that depend on different Secure Hash Algorithms (SHA). This technique is based on the addition of a new security level for key generation after the Master Session Key (MSK) expansion. This level helps the user to adapt the complexity of all keys derived between the Subscriber Station (SS), the serving Base Station (BS) and the expected BS during the handover process. The technique can also be used to overcome most of the effects of attacks in IEEE 802.16 without degrading service quality. The Customized Key Derivation Function (CKDF) was simulated and tested using a MATLAB simulation tool. A Graphical User Interface (GUI) capable of generating all types of keys that the user may use in the serving cell, and in the expected one during handover, was also developed. To complete our design for the CKDF with our proposed NTIAP, we used the most optimized published techniques for implementing the transformations used in WiMAX security. A fair comparison and verification of the two standard authentication protocols (PKMv1 and PKMv2) against the proposed one (NTIAP), after adding the CKDF, was carried out using the same sets of data and claims.
The results demonstrate that the proposed protocol outperforms both standard ones in terms of security level, since the new solution is efficient at tackling various security threats such as replay, man-in-the-middle and Denial of Service (DoS) attacks. The revised authentication protocol is expected to provide a more secure platform for IEEE 802.16(e). The new design also helps the user to work in different modes of operation and with both fixed and mobile WiMAX.
Index Terms - WiMAX, PKM, PKMv1, PKMv2, Nonce, Timestamp, NTIAP, CKDF, AES, AAA, EAP.