Broadband wireless networks based on the IEEE (Institute of Electrical and Electronics Engineers) 802.16 suite of standards (current version—IEEE P802.16-REVd/D5-2004, also referred to herein as the 802.16 standard for convenience) are emerging as a viable alternative to DSL (digital subscriber line) and cable modems for high-speed broadband access for homes and businesses. The original IEEE 802.16-2001 specification defined the WirelessMAN™ air interface specification for wireless metropolitan area networks (MANs). The completion of this standard heralds the entry of broadband wireless access as a major new tool in the effort to link homes and businesses to core telecommunications worldwide.
FIG. 1 shows a simplified broadband wireless network with point-to-multipoint (PMP) architecture for both licensed and license-exempt frequency bands, typically below 11 GHz. Other types of architectures (not shown), such as mesh broadband wireless networks, are permissible. A backbone IP network 100 is connected to a broadband wireless network using radio access nodes (RANs) 102A and 102B. Each RAN is connected via a wired link such as an optical fiber (depicted as optical fiber links 103A, 103B and 103C) or a point-to-point wireless link to one or more radio cells (depicted as links from RAN 102A or 102B to radio cells 104A, 104B, and 104C). At the hub of each radio cell is a respective base station (BS) 106A, 106B, and 106C. A base station system includes an advanced antenna system (AAS), typically located on top of a radio tower, which is used to transmit high-speed data to multiple subscriber stations (SSs) 108 and to receive data from the SSs via unidirectional wireless links 110 (each SS uplink transmission is independent of the others). More particularly, each SS 108 can access network 100 (via an appropriate BS) using the PHY+MAC (Physical+Media Access Control) layer features defined by the IEEE P802.16-REVd/D5-2004 air-interface standard. A fixed SS typically uses a directional antenna, while a mobile or portable SS usually uses an omni-directional antenna.
Transmission of data bursts from network 100 to an SS 108 proceeds in the following manner. The data bursts, such as IP packets or Ethernet frames, are encapsulated in the IEEE P802.16-REVd/D5-2004 data frame format and forwarded from an appropriate RAN to an appropriate BS. The BS then transmits non-line-of-sight (NLOS) data to each SS 108 using a unidirectional wireless link 110, which is referred to as a “downlink.” Transmission of data from an SS 108 to network 100 proceeds in the reverse direction. In this case, the encapsulated data is transmitted from an SS to an appropriate BS using a unidirectional wireless link referred to as an “uplink.” The data packets are then forwarded to an appropriate RAN, converted to IP packets or Ethernet frames, and forwarded on to a destination node in network 100. Data bursts can be transmitted using either Frequency-Division-Duplexing (FDD) or Time-Division-Duplexing (TDD) schemes. In the TDD scheme, the uplink and downlink share the same RF channel but do not transmit simultaneously; in the FDD scheme, the uplink and downlink operate on different RF channels, sometimes simultaneously.
Multiple BSs are configured to form a cellular-like wireless network. A network that utilizes a shared medium requires a mechanism to efficiently share it. Within each cell, the wireless network architecture is a two-way PMP, which is a good example of a shared medium; here the medium is the space (air) through which the radio waves propagate. The downlink, from the base station (BS) to an SS, operates on a PMP basis. Provisions within the IEEE P802.16-REVd/D5-2004 standard include a central BS with AAS within each cell. Such an AAS includes a sectorized antenna that is capable of handling multiple independent sectors simultaneously. Within a given frequency channel and antenna sector, all stations receive the same transmission, or parts thereof.
In the other direction, the subscriber stations share the uplink to the BS on a demand basis. Depending on the class of service utilized, the SS may be issued continuing rights to transmit, or the right to transmit may be granted by the BS after receipt of a request from an SS. In addition to individually-addressed messages, messages may also be sent on multicast connections (control messages and video distribution are examples of multicast applications) as well as broadcast to all stations. Within each sector, users adhere to a transmission protocol that controls contention between users and enables the service to be tailored to the delay and bandwidth requirements of each user application.
Another important consideration for a shared medium is security. Since the medium is air, transmissions can be easily intercepted or copied. To counter this, the 802.16 standard specifies data transmissions using a link cipher to provide encryption and, optionally, authentication and integrity checking of user data packets. There are two defined link ciphers: DES-CBC (the Data Encryption Standard (DES) algorithm in Cipher Block Chaining (CBC) mode) and AES-CCM (the Advanced Encryption Standard (AES) in Counter with CBC-MAC (CCM) mode). To provide keying material for the link cipher and to authorize subscriber stations that attempt to enter the network, a PKM (Privacy and Key Management) protocol is specified that provides a certificate-based authorization mechanism for SSs and a key exchange scheme to enable a base station to transfer keys to the SS.
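As an added illustration (not text or code from this document or from the 802.16 standard itself), the following Go program implements both link ciphers in minimal form: single DES in CBC mode, which encrypts but produces no integrity tag, and AES-CCM built from AES counter mode for confidentiality and AES-CBC-MAC for integrity, following RFC 3610. It assumes an 8-byte tag and a 2-byte length field, which gives a 13-byte nonce; the nonce construction and the PKM-derived keys that the standard actually uses are not reproduced, and the code exists to show the mechanism, not to replace a vetted library.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/des"
	"crypto/subtle"
	"errors"
)

// CCM parameters assumed here (RFC 3610 notation): an 8-byte tag (M=8) and a
// 2-byte message-length field (L=2), so the nonce is 15-L = 13 bytes.
const ccmTagLen, ccmLenField, ccmNonceLen = 8, 2, 13

// xorInto xors src into dst in place; len(src) must not exceed len(dst).
func xorInto(dst, src []byte) {
	for i := range src {
		dst[i] ^= src[i]
	}
}

// ccmMAC is the CBC-MAC half of CCM: X_1 = E(B_0), X_{i+1} = E(X_i xor B_i)
// over the zero-padded message; the tag T is the first M bytes of the result.
func ccmMAC(blk cipher.Block, nonce, msg []byte) []byte {
	x := make([]byte, 16)
	x[0] = byte((ccmTagLen-2)/2)<<3 | byte(ccmLenField-1) // B_0 flags: M' and L'
	copy(x[1:], nonce)
	x[14], x[15] = byte(len(msg)>>8), byte(len(msg)) // l(m), big-endian
	blk.Encrypt(x, x)
	m := append(append([]byte{}, msg...), make([]byte, (16-len(msg)%16)%16)...) // zero pad
	for i := 0; i < len(m); i += 16 {
		xorInto(x, m[i:i+16])
		blk.Encrypt(x, x)
	}
	return x[:ccmTagLen]
}

// ccmCTR is the counter-mode half: it xors keystream blocks S_1.. into data in
// place (the same operation in both directions) and returns S_0, which masks the tag.
func ccmCTR(blk cipher.Block, nonce, data []byte) []byte {
	a := make([]byte, 16)
	a[0] = byte(ccmLenField - 1) // A_i flags: L' only
	copy(a[1:], nonce)
	ks := make([]byte, (len(data)+15)/16*16)
	for i := 0; i < len(ks); i += 16 {
		a[14], a[15] = byte((i/16+1)>>8), byte(i/16+1)
		blk.Encrypt(ks[i:i+16], a)
	}
	xorInto(data, ks[:len(data)])
	a[14], a[15] = 0, 0
	s0 := make([]byte, 16)
	blk.Encrypt(s0, a)
	return s0
}

// AESCCMEncrypt returns ciphertext || masked tag (U = T xor S_0).
func AESCCMEncrypt(key, nonce, msg []byte) ([]byte, error) {
	blk, err := aes.NewCipher(key)
	if err != nil || len(nonce) != ccmNonceLen || len(msg) > 0xFFFF {
		return nil, errors.New("ccm: bad key, nonce or message length")
	}
	out := append(append([]byte{}, msg...), ccmMAC(blk, nonce, msg)...)
	s0 := ccmCTR(blk, nonce, out[:len(msg)])
	xorInto(out[len(msg):], s0[:ccmTagLen])
	return out, nil
}

// AESCCMDecrypt unmasks and verifies the tag before releasing any plaintext.
func AESCCMDecrypt(key, nonce, ct []byte) ([]byte, error) {
	blk, err := aes.NewCipher(key)
	if err != nil || len(nonce) != ccmNonceLen || len(ct) < ccmTagLen {
		return nil, errors.New("ccm: bad key, nonce or ciphertext length")
	}
	n := len(ct) - ccmTagLen
	buf := append([]byte{}, ct...)
	xorInto(buf[n:], ccmCTR(blk, nonce, buf[:n])[:ccmTagLen]) // recover T from U
	if subtle.ConstantTimeCompare(buf[n:], ccmMAC(blk, nonce, buf[:n])) != 1 {
		return nil, errors.New("ccm: authentication failed")
	}
	return buf[:n], nil
}

// DESCBC runs single DES in CBC mode over a block-aligned buffer (decrypt=true for
// the reverse direction). It yields no tag, so an altered ciphertext decrypts without error.
func DESCBC(key, iv, in []byte, decrypt bool) ([]byte, error) {
	blk, err := des.NewCipher(key)
	if err != nil || len(iv) != des.BlockSize || len(in)%des.BlockSize != 0 {
		return nil, errors.New("des-cbc: bad key, IV or input length")
	}
	out := make([]byte, len(in))
	if decrypt {
		cipher.NewCBCDecrypter(blk, iv).CryptBlocks(out, in)
	} else {
		cipher.NewCBCEncrypter(blk, iv).CryptBlocks(out, in)
	}
	return out, nil
}
```

Flip one bit of a DES-CBC ciphertext and `DESCBC(key, iv, ct, true)` still returns a buffer with a nil error; the affected block is garbled and the same bit is mirrored into the following block, and nothing tells the receiver that this happened. Flip one bit of an AES-CCM ciphertext, or of its tag, and `AESCCMDecrypt` returns an authentication error and no plaintext. That is the difference the text means by optional authentication and integrity checking: with AES-CCM the receiver can reject modified or forged frames instead of passing them up the stack.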
Security flaws have been identified in the DES-CBC link cipher and in the PKM protocol. The problems with PKM were somewhat mitigated by the original nature of the IEEE P802.16-2001 transport mechanism, which uses highly directional, fixed, point-to-point and point-to-multipoint, high-frequency transceivers. This presents a significant technical and physical barrier to attackers attempting to subvert the security of the wireless link. However, as the newer IEEE P802.16-REVd/D5-2004 wireless links become deployed using lower frequency bands, omni-directional antennas, and mobile equipment, the barriers to attackers are lowered, and PKM becomes a protocol that is feasible to attack for the purposes of theft of service, information gathering and impersonation.