Research On Security Problem Of IEEE 802.16 Standard In Mesh Mode

As an important part of the technology of broadband wireless network, the IEEE 802.16standard series has come to be the main standard of the wireless WMAN technology. The IEEE802.16 standards support two kinds of operating modes: the PMP mode and the MESH mode.Due to the openness of wireless transmission, the security problems of IEEE 802.16 are alwaysresearch focuses, and both domestic and foreign researchers have conducted related studies inthis field. According to newly published 802.16e standard, the new protocol of private keymanagement (PKM) consists of two parts, i.e. the PKMv1 and the PKMv2. However, we foundthat PKMv1, which describes agreements under the Mesh mode, has not improved muchcomparing to the old PKM in the IEEE 802.16d standard.The Office of Security of Commercial Code of China (OSCCA) has enacted a standard ofwireless LAN, which includes agreements for wireless LAN encryption algorithm, digitalsignature algorithm, key agreement algorithm etc.These standards provide valuable references for the establishment of security standards for thewireless WMAN. For example, for the improvement of security mechanism under the Meshmode, this thesis imports the ECDSA digital signature algorithm and the SMS4 block cipheralgorithm, which are originally included in the wireless LAN security standard. By doing this,the improved protocol proposed in the thesis is naturally compatible the national wireless LANstandards.The author first analyzed the Mesh mode in IEEE 802.16 standard and found that this modeuses the unidirectional authentication method in the aspect of authentication mechanism. In thisway the quantity of data transmission is small and the number of interactive times is only a few,and therefore the Mesh mode incorporates advantages of fast network speed and high level offlexibility. However, from the informational security point of view, this mode is irresistible ofmany known ways of attacks, such as tampering with the data, the replay attack, the intermediateattack etc. To enable networking under the Mesh mode with higher security requirements, thefollowing aspects, i.e. the authentication process, the key exchange process, and the dataencryption intensity, have to be improved. This thesis mainly focuses on the improvement ofthese three aspects. The contributions are as follows.1. The security mechanism under the Mesh mode is analyzed and several loopholes arediscovered.Simulated attacks are used to analyse the authentication process. It is found that theunidirectional authentication method, which is used in the Mesh mode, can not let a normal nodeauthenticate the authority node. Therefore, under the Mesh mode a normal node is unable toguarantee the validity of the authentication node, and thus hidden troubles may exist. Forexample, a normal node may pretend to be an authentication node, or it may easily tamper amessage from an authentication node. Besides, the Mesh mode does not provide a high level ofconfidentiality for messages, including some important kinds of messages, such as managementmessage, authentication exchange message, key agreement message etc. Those messages maytherefore be easily intercepted or tampered by malicious nodes, possibly resulting in a seriousaccident of sensitive information leakage. Fortunately, several algorithms from the encryptionalgorithm module can be applied to the Mesh mode; those algorithms include for example the 56bit-DES algorithm, which has been proved to be an effective method.2. The fore above discovered loopholes under the Mesh mode are improved.This thesis solved the underlying problems caused by the discovered loopholes byimproving the following protocols and modules. Firstly, the authentication agreement isimproved. A bilateral authentication protocol, which is designed based on digital certificate, isadded to the existing authentication agreement. In the bilateral protocol, the interactive messageexchange uses the ECDSA algorithm the digital signature. Secondly, more improvements aremade for the key distribution mechanism and the key swap agreement. The original usedidentification method, the operator shared secret (OSS), is substituted by Mesh ID, which isdistributed by the authentication node. Random numbering and the digital signature method areadded to the generation of key exchange messages. Besides, the encryption algorithm module isalso enriched, e.g. SMS4 algorithm is added to the module.3. A new multi-level secure message system is designed.In order to balance between the level of security and the performance in message systemunder the Mesh mode, this thesis has designed a new message exchange system. The new systemmay switch the level of security during the process of messaging. Moreover, it can react andadjust to AK and TEK message exchange processes. In this way, the security sub-layer innetworking is able to support switch between plain text and encrypted text during the messagetransmission, and therefore the transmission efficiency in real application may significantlyenhances.