Attacks on PKM Protocols of IEEE 802.16 and Its Later Versions

Without physical boundaries, a wireless network faces many more vulnerabilities than a wired network does. IEEE802.16 provides a security sub-layer in the MAC layer to address the privacy issues across the fixed BWA (Broadband Wireless Access). To address the flaws in IEEE802.16 security after IEEE802.16-2001, the enhanced version IEEE802 was proposed. The IEEE802.16e is also vulnerable to new attacks. The IEEE802.16 standard, especially the security sub-layer was thoroughly investigated. And various possible solutions were discussed to counter those attacks and verify the analysis using formal (BAN) logic. BAN Logic was used to analyze the various attacks on Basic PKM authentication protocol, Intel Nonce version, and PKMv2. Methods to counter those attacks are suggested and modified protocol is proposed as well. However, this goal fails and Interleaving Attack still applies.