Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Is WiMax secure?

It's early to say, but there are dangers.

Article comments

What are the possible security risks associated with deploying and using WiMax?

WiMax is the much-anticipated broadband wireless access mechanism for delivering high-speed connectivity over long distances, making it attractive to Internet and telecommunications service providers. Designed by the IEEE 802.16 committee, WiMax was developed after the security failures that plagued early IEEE 802.11 networks. Recognising the importance of security, the 802.16 working groups designed several mechanisms to protect the service provider from theft of service, and to protect the customer from unauthorised information disclosure.

Authentication A fundamental principle in 802.16 networks is that each subscriber station (SS) must have an X.509 certificate that will uniquely identify the subscriber. The use of X.509 certificates makes it difficult for an attacker to spoof the identity of legitimate subscribers, providing ample protection against theft of service. A fundamental flaw in the authentication mechanism used by WiMax's privacy and key management (PKM) protocol is the lack of base station (BS) or service provider authentication. This makes WiMax networks susceptible to man-in-the-middle attacks, exposing subscribers to various confidentiality and availability attacks. The 802.16e amendment added support for the Extensible Authentication Protocol (EAP) to WiMax networks. Support for EAP protocols is currently optional for service providers.

Related Articles on Techworld

Encryption With the 802.16e amendment, support for the AES cipher is available, providing strong support for confidentiality of data traffic. Like the 802.11 specification, management frames are not encrypted, allowing an attacker to collect information about subscribers in the area and other potentially sensitive network characteristics.

Availability WiMax deployments will use licensed RF spectrum, giving them some measure of protection from unintentional interference. It is reasonably simple, however, for an attacker to use readily available tools to jam the spectrum for all planned WiMax deployments. In addition to physical layer denial of service attacks, an attacker can use legacy management frames to forcibly disconnect legitimate stations. This is similar to the deauthenticate flood attacks used against 802.11 networks.

WiMax threats

Despite good intentions for WiMax security, there are several potential attacks open to adversaries, including:

  • Rogue base stations
  • DoS attacks
  • Man-in-the-middle attacks
  • Network manipulation with spoofed management frames

The real test of WiMax security will come when providers begin wide-scale network deployments, and researchers and attackers have access to commodity CPE equipment. Other attacks including WiMax protocol fuzzing may enable attackers to further manipulate BSs or SSs. Until then, the security of WiMax is limited to speculation.

Joshua Wright is the senior security researcher for Aruba Networks, an editorial board member of the Wireless Vulnerabilities and Exploits project (WVE)and a senior instructor for the SANS Institute. This article appeared in Network World.


More from Techworld

More relevant IT news


Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *