WiMAX Security (Introduction) - encryption - Public key infrastructure

    Presentation Transcript
    1. WiMAX Security (Introduction) - encryption - Public key infrastructure

    2. Why encryption?
       • Encryption
         • a mechanism that protects data confidentiality and integrity
         • plaintext to ciphertext

    3. Encryption
       • Encryption is always applied to the MAC PDU payload;
       • the generic MAC header is not encrypted;
       • some management messages are not encrypted.

    4. Encryption -- WiMAX
       • WiMAX uses the Advanced Encryption Standard (AES) to produce ciphertext.
       • The receiver of the ciphertext simply reverses the process to recover the plaintext.

    5. Public key infrastructure
       • The WiMAX 802.16e-2005 standard uses the Privacy and Key Management Protocol version 2 (PKMv2) for securely transferring keying material between the base station and the mobile station.
       • PKMv2's components
         • X.509 digital certificates
         • RSA public-key algorithm
         • Strong encryption algorithm to perform key exchanges between SS and BS.
       • PKMv2 mechanism
         • Validates user identity and establishes an authorization key (AK)
         • AK is used to derive the encryption key described in the previous section.

    6. Public key infrastructure
       • PKMv2 supports the use of the Rivest-Shamir-Adleman (RSA) public key cryptography exchange.
       • RSA public key exchange
         • requires that the mobile station establish identity using either a manufacturer-issued X.509 digital certificate or an operator-issued credential such as a subscriber identity module (SIM) card.
         • The X.509 digital certificate contains the mobile station's Public-Key (PK) and its MAC address.

    7. X.509: encrypt data (public key), decrypt data (private key)

    8. Public key infrastructure
       • The mobile station transfers the X.509 digital certificate to the WiMAX network, which then forwards the certificate to a certificate authority. The certificate authority validates the certificate, thus validating the user identity.

    9. Public key infrastructure
       • Once the user identity is validated, the WiMAX network uses the public key to create the authorization key, and sends the authorization key to the mobile station. The mobile station and the base station use the authorization key to derive an identical encryption key that is used with the AES algorithm.

    10. Privacy Key Management (Subscriber Station and Base Station)
       1. Authentication Information Message
       2. Authorization Request (X.509 (Public, MAC address), cryptographic, SS ID)
       3. Authentication Reply (public [AK], AK Sequence, AK lifetime, SAID)
          AK Encryption
       4. Key Request (AK key Sequence, SAID, HMAC-Digest)
       5. Key Reply (AK key Sequence, SAID, KEK [Old-TEK], KEK [New-TEK], HMAC-Digest)
          TEK Encryption
       6. TEK Encryption

    11. Keys in 802.16
       1. Public key -- issued by the manufacturer
       2. Authorization key (AK) -- distributed by the BS; refreshed periodically; encrypted by the SS's public key
       3. Key encryption key (KEK) -- derived from the AK by the BS and the SS
       4. Traffic encryption key (TEK) -- distributed by the BS; refreshed periodically; encrypted by the KEK
       5. Traffic -- encrypted / decrypted by the TEK
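
The Key Request / Key Reply step from slide 10 and the AK, KEK, TEK hierarchy from slide 11, as an added example that is not part of the original presentation. The function names, field widths, labels and nonce are hypothetical, and the HMAC-based key derivation and XOR wrap are stand-ins for the derivation and block-cipher key wrap the standard defines; only the new TEK is carried.

```python
import hashlib
import hmac
import secrets

def derive(ak: bytes, label: bytes, n: int = 16) -> bytes:
    # Stand-in KDF: both sides get KEK and HMAC keys from the shared AK.
    return hmac.new(ak, label, hashlib.sha256).digest()[:n]

def xor_wrap(kek: bytes, tek: bytes, nonce: bytes) -> bytes:
    # Stand-in for KEK[TEK]; a real device wraps the TEK with a block cipher.
    pad = hmac.new(kek, b"wrap" + nonce, hashlib.sha256).digest()[:len(tek)]
    return bytes(a ^ b for a, b in zip(tek, pad))

def digest(hmac_key: bytes, ak_seq: int, said: int, body: bytes = b"") -> bytes:
    # HMAC-Digest over the fields the message carries (constructed encoding).
    msg = ak_seq.to_bytes(1, "big") + said.to_bytes(2, "big") + body
    return hmac.new(hmac_key, msg, hashlib.sha1).digest()

def key_request(ak: bytes, ak_seq: int, said: int) -> dict:
    # Message 4, built by the SS.
    return {"ak_seq": ak_seq, "said": said,
            "hmac": digest(derive(ak, b"hmac-up"), ak_seq, said)}

def key_reply(ak: bytes, current_seq: int, req: dict, tek: bytes):
    # Message 5, built by the BS only after the request authenticates.
    if req["ak_seq"] != current_seq:
        return None  # request refers to a stale AK
    expected = digest(derive(ak, b"hmac-up"), req["ak_seq"], req["said"])
    if not hmac.compare_digest(expected, req["hmac"]):
        return None  # tampered fields, or the sender does not hold the AK
    nonce = secrets.token_bytes(8)
    wrapped = xor_wrap(derive(ak, b"kek"), tek, nonce)
    return {"ak_seq": current_seq, "said": req["said"], "nonce": nonce,
            "new_tek": wrapped,
            "hmac": digest(derive(ak, b"hmac-down"), current_seq,
                           req["said"], nonce + wrapped)}

def accept_reply(ak: bytes, reply: dict):
    # SS side: check the reply's HMAC-Digest, then unwrap with its own KEK.
    expected = digest(derive(ak, b"hmac-down"), reply["ak_seq"],
                      reply["said"], reply["nonce"] + reply["new_tek"])
    if not hmac.compare_digest(expected, reply["hmac"]):
        return None
    return xor_wrap(derive(ak, b"kek"), reply["new_tek"], reply["nonce"])
```

Because every key below the AK is derived from it, refreshing the AK invalidates the KEK and HMAC keys with it, which is why the BS rejects requests that name an old AK sequence.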

    12. Access authentication

    13. User Authentication

    14. WiMAX Key Hierarchy and Distribution