Elsevier Editorial System(tm) for Computer Networks

Manuscript Draft

Manuscript Number: COMNET-D-11-14

Title: Secure MAC Management Message Exchange Model in 802.16

Article Type: Regular Paper

Keywords: Worldwide Interoperability of Microwave Access (WiMAX); Privacy Key Management

(PKM); Authentication; management messages

Corresponding Author: Mr. Shahid Hussain Rathore, MS

Corresponding Author's Institution: Azad Jammu & Kashmir Council Sectt.

First Author: Shahid H Rathore, MS

Order of Authors: Shahid H Rathore, MS; Tahir Mahmood, MS

Abstract: Real time applications and scarcity of time institute the demand of high speed mobile
networks. This mandate is tried to be met by telecommunication and data networks in their
subsequent paths. Since Mobile Worldwide Interoperability of Microwave Access (WiMAX) offers high
data rate along with seamless handover feature in mobility, as a result, data networks got an edge in
the race. Besides all, boundary-less structure of wireless networks makes them more vulnerable to
security threats in comparison to wired networks. Now, security of a wireless network has become a
challenge for protocol designers. Furthermore, authentication is the front layer shield of security block.
The initial management messages and Privacy Key Management (PKM) deals with authentication in
802.16 (WiMAX). This paper converges focal points of WiMAX authentication mechanism
(Management messages and Privacy Key Management Protocol version 2). Management messages
involved in the authentication have become a major security hazard in the communication model. It is
also observed that many threats can be invoked by unsecured exchange of the messages. To eliminate
this root cause of vulnerabilities, an alternative model is presented. The proposed model is supposed to
encrypt initial management messages by hashing mechanism. A simulation is applied to validate the
performance comparison of the model.
Secure MAC Management Message Exchange Model in 802.16
Click here to view linked References

1
2
3
4 Secure MAC Management Message Exchange Model
5
6
7
in 802.16
8
9
10 Shahid Hussain Rathore
11 Department of Computer Science & Information Technology,
12 Federal Urdu University of Arts, Sciences & Technology (FUUAST),
13 Islamabad, 44000, Pakistan.
14 rathore@hotmail.com
15
16
17
18
Abstract— Real time applications and scarcity of time institute Core of security goal is to provide privacy and access
19 the demand of high speed mobile networks. This mandate is tried
20 control across authorized network. It is unachievable without
to be met by telecommunication and data networks in their securing the prime shield of security; initial handshake and
21 subsequent paths. Since Mobile Worldwide Interoperability of
22 Microwave Access (WiMAX) offers high data rate along with
authentication. Authentication refers to a process of validating
23 seamless handover feature in mobility, as a result, data networks real identity of a host (user or device) that intent to be
24 got an edge in the race. Besides all, boundary-less structure of legitimated into a network whereas authorization is grant of
25 wireless networks makes them more vulnerable to security access.
26 threats in comparison to wired networks. Now, security of a A BS and SS, initially exchange synchronization, ranging
27 wireless network has become a challenge for protocol designers. and registration information to establish a connection for
28 Furthermore, authentication is the front layer shield of security
block. The initial management messages and Privacy Key
transmission. After that, authentication process takes place
29 which is followed by authorization. Authentication is done
Management (PKM) deals with authentication in 802.16
30 (WiMAX). This paper converges focal points of WiMAX using SS signature based on X.509 hardware embedded
31 authentication mechanism (Management messages and Privacy certificate [2].
32 Key Management Protocol version 2). Management messages WiMAX added a security sub-layer in medium access
33 involved in the authentication have become a major security control (MAC) layer. This sub-layer also contains redefined
34 hazard in the communication model. It is also observed that
many threats can be invoked by unsecured exchange of the
security mechanism for IEEE 802.16e-2005 (mobile WiMAX).
35
36 messages. To eliminate this root cause of vulnerabilities, an Mobility made appropriate amendments in privacy and keying
37 alternative model is presented. The proposed model is supposed management (PKM) protocol to ensure a secure client
38 to encrypt initial management messages by hashing mechanism. (subscriber station-SS)/ server (Base station-BS) authentication
39 A simulation is applied to validate the performance comparison and authorization. 802.16d-2004, a fixed infrastructure of
of the model. WiMAX implemented PKMv1 protocol. In view of the fact
40
41 Keywords- Worldwide Interoperability of Microwave Access that mobile security is not the same as in fixed wireless
42 (WiMAX); Privacy Key Management (PKM); Authentication; infrastructure. WiMAX also gave a successor in 802.16e-2005
43 management messages. that is PKMv2, to address latest security issues in mobility [8].
44 The other part of security sub-layer, PKM provides secure
45 I. INTRODUCTION distribution and synchronization of keying data from the SS to
46 the BS. It also enforces conditional access to the network [3].
47 Wireless communication is not a new technology and radios
Key management protocol, PKM uses a two tired keying
48 have been introduced in 18th century. Initial requirements of
mechanism for user access to the network. It can re-
49 mobile internet access ware quite low. But as time passed,
demand of high-speed internet access increased to wireless authenticate and re-authorize the SS to the BS and vise versa.
50
51 broadband access(WBA). While worldwide interoperability for II. BACKGROUND
52 microwave access (WiMAX) [1] communication infrastructure
A network of 802.16 has a flexible SS authentication
53 is a response for today’s constraints, those are cost
54 approach that is based on Internet Engineering Task Force
effectiveness, network efficiency and prompt deployment.
55 (IETF) Extensible Authentication Protocol (EAP) [7]. It comes
Regardless of these cohesive requirements, the boundless
56 with user validation methods of login password, digital
structure of wireless networks makes them more vulnerable
57 certificate and embedded identity smart card. The network
which are not present in wired networks. Thus use of encrypted
58 operations may choose multiple or single authentication
transmission, videocipher-II (commonly use data encryption
59 approach as per requirements. For instance, a digital certificate
standard-DES) was introduced in 1983 as videocipher system.
60 may be used for device authentication and login plus password
61
62
63
64
65
 1
2
3 for authorized user validation. but not the least non-repudiation. [6].
4 A basic problem of WiMAX authentication mechanism is WiMAX privacy and keying mechanism, PKM involves
5 the lacking to protect management message in authentication of PKI-public key infrastructure which consist of all the above
6 SS to BS [3], [4], [5], [9], [10]. This makes the network mentioned elements. It uses X.509 digital certificate and 2-key
7 vulnerable to various attacks, based on identity theft. triple data encryption standard (3DES) to secure key exchange
8 On the basis of above authentication problem, we shall between a SS and an authenticator, BS in this case.
9 research and find out that how we can protect this security Sen Xu et. al. pointed towards various keying and privacy
10 whole of an intensively growing network with less physical issues of PKM version 1 & 2 in light of latest threats and
11 protection shield. The protection to this vulnerability will vulnerabilities [4].
12 secure lost of identity of SS or BS, as well as intruders will be The authors in [9] put the consideration on lapses of
13 blocked to find out presence of victim. We also validated our security architecture in 802.16 specifically on MAC layers.
14 proposed modal using simulation approach, so that we can MAC layer exchange unencrypted management messages and
15 make it more reliable. it is an open door for eavesdroppers.
16
17 III. LITERATURE REVIEW A. Management Messages:
18 A set of management messages is defined and transmitted
19 The amendment 802.16e-2005 came into existence merely
on mobility and security issues and gave a good consideration in the payload of MAC PDU (Primary Data Unit) Whereas, a
20
on security issues to be get protected from mistakes done by PDU consists of service data units (SDU) packing,
21
22 802.11. fragmentation or one-on-one raping. SDU comprises of above
23 The second layer in Open System Interconnectivity (OSI) layer data unit, for instance, packet in case of IP and cell when
24 model named Data Link Layer is bifurcated into Logical Link ATM operates on above layers.
25 Control sub-layer and Medium Access Control (MAC) sub- A MAC management message begin with a Management
26 layer. The communication security issues primarily raises on Message Type (MMT) field and may contain additional fields
27 MAC and Physical layers. MAC layer security explicitly depend upon the requirements.
28 known as security sub-layer. In [22] Andreas Deininger et. al. discussed that initial
29 MAC security sub-layer comprises of an encapsulation synchronization, ranging, registration, vendor and hardware
30 protocol and PKM protocol. Encapsulation protocol defines information messages were communicated in unencrypted
31 cryptographic suits and its implementation on MAC protocol form. This invites eavesdroppers to intervene in this message
32 data unit (PDU). exchange process. It also allows creating comprehensive profile
33 of SS alongwith security and configuration settings.
The layer also provides subsequent authentication,
34 At first, SS scans for downlink signals on predefined
confidentiality and privacy by applying encryption algorithms.
35
Figure 1 shows the hierarchy of protocol precedence and available frequencies to be synchronized with BS. DL-map and
36
alternative approach in security implementation. It comprises UL-map management message determine the physical
37
38 of two major protocols: data encapsulation and PKM protocol. description of channel such as data rate and error detection of
39 The PKM provide secure key exchange between BS and SS both the entities (SS and BS). BS The ranging requests used for
40 [3], [12]. clock synchronization and to determine the communication
41 power of both transmitter and receiver. Supported security
42 EAP method algorithms are negotiated during ranging process. [23]
43 EAP The procedure of authentication and first key exchange is
44 RSA-based Authentication/ EAP illustrated in Figure 3. PKM MAC management messages are
45 authentication SA control encapsulation/ used for authentication and first key exchange (as shown in
46 encapsulation Figure 2).
47 PKM control management
48
49 Traffic data encryption/ Control message processing
50 authentication Message
51 processing authentication
52 PHY SAP
processing
53
Figure 1: WiMAX Security architecture [1] [3] [10]
54
55
56 WiMAX encrypted connection oriented structure uses
57 privacy key infrastructure (PKI) to enable users to access
58 unsecure path with a secure access. Diffie and Hellman
59 proposed this methodology in 1976. PKI framework provides
60 confidentiality, integrity, access control, authentication and last
61
62
63
64
65
 1
2
3 SS BS number of bytes. The message shall be padded to match this
4 DL-MAP length, but the SS shall disregard the 4 pad bits.
5 DL-Synchronization A UCD message is transmitted by the BS at a periodic
DCD
6 interval to define the characteristics of an UL physical channel.
7 UCD A BS shall generate UCDs based on IEEE 802.16-2009
8 UL-Synchronization UL-MAP standard sequence parameters.
9 The UL-MAP message allocates access to the UL channel.
RNG-REQ
10 The UL-MAP message shall be composed as per parameters
Initial Ranging
11 RNG-RSP and sequence defined in the standard [24].
12 REG-REQ An RNG-REQ shall be transmitted by the SS at
13 initialization and periodically to determine network delay and
Registration REG-RSP
14 to request power and/or DL burst profile change. The format of
15 Basic Conn. ID
Authentication & the RNG-REQ message is follows the standard. The RNG-
16 Authorization Auth & Key Exchange REQ message may be sent in initial ranging and data grant
17 Operations Processes
intervals.
18
19 RNG-RSP related to above parameter. It is transmitted by
20 Figure 2: Exchange of Initial Management Messages and Other Operation the BS in response to a received RNG-REQ. In addition, it may
21 [1 & 22] also be transmitted asynchronously to send corrections based
22 on measurements that have been made on other received data
23 The encoding of Management Message Type field is given or MAC messages. As a result, the SS shall be prepared to
24 in Table 1. MAC management messages shall not be carried on receive a RNG-RSP at any time, not just following a RNG-
25 transport connections. MAC management messages that have a REQ transmission. The format of the RNG-REQ message is
26 Type value specified in Table 1 as reserved, or those not also defined in the standard.
27 containing all required parameters or containing erroneously An REG-REQ shall be transmitted by an SS at
28 encoded parameters, shall be silently discarded. In case of initialization. An SS shall generate REG-REQs in the form of
29 MAC management messages with multiple presentations of the defined structure of the standard.
30 same type/length/value (TLV) and/or encoded parameter A REG-RSP shall be transmitted by the BS in response to
31 information, the last presentation shall be used, unless received REG-REQ. To provide for flexibility, the message
32 otherwise specified that multiple presentations are allowed parameters following the response field shall be encoded in a
33 (e.g., Downlink Burst Profile TLV in Downlink Channel TLV format.
34 Descriptor message), in which case all presentations shall be
35 A BS shall generate REG-RSPs as per format defined in the
used. standard, including set parameters.
36
37 TABLE 1
38 B. PKM Management Messages
SOME INITIAL MAC MANAGEMENT MESSAGES [1]
39 Message name A SS uses the PKM protocol to obtain authentication and
Message name
40 (Type) Description authorization by way of traffic keying material from the BS. In
41 UCD (0) Up-Link(UL) Channel Descriptor addition, it also supports periodic reauthorization and key
42 DCD (1) Down-Link(DL) Channel Descriptor refresh. PKM support two different protocol mechanisms for
43 DL-MAP (2) DL access definition secure authentication. RSA algorithm (Ron Rivest, Adi Shamir
44 UL-MAP (3) UL access definition
RNG-REQ (4) Ranging Request
and Len Adleman) is mandatory in PKMv1 [13], invented in
45 1977. Second the optional one is extensible authentication
RNG-RSP (5) Ranging Response
46 REG-REQ (6) Registration Request protocol (EAP) [7].
47 REG-RSP (7) Registration Response PKM protocol has two generic MAC management
48 (8) Reserved
PKM-REQ (9) PKM Request
messages in the 802.16 standard: i) PKM Request (PKM-REQ)
49
PKM-RSP (10) PKM Response which encapsulates one PKM message in its message payload.
50
51 DSA-REQ (11) Dynamic service addition request
It is always sent from the SS to the BS. ii) PKM Response
52 (PKM-RSP) which encapsulate one PKM message initial
DSA-RSP (12) Dynamic service addition response
53 message payload. It is always sent from the BS to the SS.
DSA-ACK (13) DSA Acknowledgement Both PKM-REQ and PKM-RSP use the primary
54
55 management connection with the exception that when the BS
56 BS transmits a DCD message at a periodic interval to define sends the PKM-RSP message to the SSs for a multicast service
57 the characteristics of a DL physical channel. DL-MAP message or a broadcast service, it may be carried on the broadcast
58 defines the access to the DL information. If the length of the connection.
59 DL-MAP message is a non-integral number of bytes, the LEN In table 1, some important MAC management messages
60 field in the MAC header is rounded up to the next integral with descriptions are listed to elaborate the initial management
61
62
63
64
65
 1
2
3 structure of WiMAX. The PKM-REQ and PKM-RSP messages Later on, it was identified that password change protocol is
4 codes added for PKMv2 can be found [1]. vulnerable to Denial of Service (DoS) attack. In [18], another
5 In PKMv1, the BS Authenticates the SS and then provides authentication scheme suggested for low resource capability
6 it with keying material. clients.
7 After determining the capability, the BS authenticates the So far, researchers resolved transmission security and
8 SS and provides it with key material to enable the ciphering of synchronized password updation issues. Whereas, another
9 data. All SSs have factory-installed RSA private/public key threat of server stored password eavesdropping was identified
10 pairs or provide an internal algorithm to generate such key and afterward addressed by Wang. et. al. in [19]. It was an
11 pairs dynamically. The SSs with factory-installed RSA key enhancement in [17] which resolved the problem.
12 pairs also have factory-installed X.509 certificates. The SSs
13 that rely on internal algorithms to generate an RSA key pair
14 support a mechanism for installing a manufacturer-issued
15 SS BS
X.509 certificate following key generation. SHA Hashing
16 DL-MAP
17 IV. PROPOSED SECURITY FOR MAC MANAGEMENT DL-Synchronization DCD
18 MESSAGES
19 UCD
20 This section depicts the improved authentication
UL-Synchronization
mechanism structure based on existing WiMAX authentication UL-MAP
21
22 and communication parameters model. RNG-REQ
23 It has been observed that existing wireless network has Initial Ranging RNG-RSP
24 suffered a lot on weak security mechanisms. Authentication
and management messages are considered as primary shield of REG-REQ
25
26 security for a network and it is one of the most prominent Registration REG-RSP
27 element in communication system network design. Basic Conn. ID
Authentication &
28 The model shows that there are initial management Authorization Auth & Key Exchange
29 messages which are being exchanged between SS and BS Operations Processes
30 without encryption and these are an open threat for attackers.
31 There are two approaches that can be adopted to maintain
32 confidentiality of data for to connect to the network upto a
33 reliable extent. First, mutual authentication confidentiality
34 Figure 2: Proposed exchange of initial Management Messages and Other
(MMC) approach and other one is independent certificate Operation
35
36 validation authority (ICVA) approach. MMC approach protects
management message through some cryptography mechanism. Message-Digest (MD) algorithm is one of the common
37
38 ICVA approach requires an independent certificate validation hashing functions. MD5 is the successor of MD4 and is also
39 authority to provide an above level confidentiality shield in widely used but broken in practice likewise it descend
40 existing WiMAX network. Involvement of independent MD4[20].
41 certificate authority infrastructure suggests a more extensive MD series hashing algorithm faced Secure Hash Algorithm
42 and expensive alteration, whereas MMC approach proposes (SHA) series developed by the U.S. National Security Agency
43 less infrastructural updation/ modifications and consequently, for Secure Hash. SHA-0 algorithm was marked as flawed
44 its more cost effective. Therefore, second approach is algorithm and abandoned by the agency and SHA-1 is widely
45 considered more appropriate to secure the plain management deployed and more secure than MD5 (it was also marked under
46 messages. various attacks). The SHA-2 family improves SHA-1 however
47 MMC approach implemented using modern cryptography yet not widely deployed and U.S. standards authority is
48 algorithms that are alienated into two main categories, precautious from security perspective [21]. Thus, a hash
49 symmetric cryptography and asymmetric cryptography. function design competition is underway and meant to select a
50 new U.S. national standard, to be called SHA-3, by 2012.
Whereas, one-way securing functions is third type of
51
cryptographic algorithm. In 1981, such functions used to SHA-256bits is proposed on the basis of moderate overhead
52
encrypt passwords [14] and known as, hashing functions. and more reliable security structure to replace existing structure
53
54 They took a message of any length as input and gave output which exchanges of plain management messages. It also
55 a short, fixed length hash that can be used for various purposes possesses compression function that operates on an internal stat
56 for instance, digital signature. For good hash functions, an of 256 bits.
57 attacker cannot find two messages that produce the same hash. There are two model are designed in forth coming
58 These collision-resistant non-asymmetric cryptographic simulation. One simulates existing model structure and the
59 functions also encountered with guessing and server spoofing other have SHA hashing on synchronization, ranging and
60 attacks. [15][16], but later, it was improved against the attacks. registration management messages.
61
62
63
64
65
 1
2
3 Every model based on a node and a BS. BS sends initial V. CONCLUSION AND FUTURE WORK
4 management message to their subsequent nodes. A shared WiMAX uses licensed Radio Frequency (RF) spectrum,
secret key among trust worthy parties is adopted for message which provides protection from unauthorized access to some
5
hashing. The procedural details are described as following: extent. The pre-authentication process required exchange of
6
7 1) Message; BS (encrypter) → SS (dencrypter): BS-DL-Map management messages between BS and SS. These messages
8 | Sha-Key. are exchanged without any protection and become a root cause
9 2) Message; BS → M/SS: BS-DCD | Sha-Key. for Eavesdropping and man-in-the-middle (MITM) attacks.
10 DL-Synch Procedure We concluded that if we want to achieve protection against
11 MITM attacks on authentication and forth coming
12 3) Message; BS(Encrypter) → SS(Dencrypter): UCD | Sha- communication in WiMAX.
13 Key.
14 We also proposed some future extensions, in the model and
4) Message; BS(Encrypter) → SS(Dencrypter): BS-UL-Map it is suggested that comparative overview with other variants of
15
| Sha-Key. SHA algorithm and other encryption techniques may be
16
UL-Synch Procedure adopted to achieve more robust transmission between the SS
17
18 and BS as well as mobility aspect may be tested with Point to
5) Message; SS(Encrypter) → BS(Dencrypter): SS-Rng-Req Multipoint (PMP) transmission environment.
19
20 | Sha-Key
21 6) Message; BS(Encrypter) → SS(Dencrypter): BS-Rng-Rsp REFERENCES
22 | Sha-Key. [1] IEEE Std. 802.16TM-2009 (Revision of IEEE Std. 802.16-2004) for
23 Init Rang defining Procedure IEEE Standard for Local and metropolitan area networks, Part 16: Air
Interface for Broadband Wireless Access System. IEEE Computer
24 Society and the IEEE Microwave Theory and Techniques Society, 13
25 7) Message; SS(Encrypter) → BS(Dencrypter): SS-Reg-Rsp May 2009, Available: http://standards.ieee.org/xpl/standards.jsp.
26 | Sha-Key [2] Sen Xu, Chin-Tser Huang, “Attacks on PKM Protocols of IEEE 802.16
27 8) Message; BS(Encrypter) → SS(Dencrypter): BS-Reg-Rsp and Its Later Versions”, Wireless Communication System 2006,
28 | Sha-Key. ICWCS-3rd International Symposium on Vol, issue, 6-8 Sep, 2006, PP
185-189.
29 Client registration Procedure
[3] LANG Wei-min, ZHONG Jing-li, LI Jian-Jun, QI Xiang-yu “Research
30 on the Authentication Scheme of WiMAX”, PLA Institute of
31 To resolve the problematic area of security, BS compute the Communication Command, Wuhan, China, Armored Force Engineering
32 messages on SHA based shared secret key. Then the messages Institute, Beijing, China, 2008.
33 transported to eliminate the weakness in original standard on [4] Sen Xu, Manton Matthews, Chin-Tser Huang, “Security Issues in
34 Privacy and Key Management Protocols of IEEE 802.16”, ACM SE’06,
predefined frequency. The mechanism also provides protection {xu4, matthews, huangct}@cse.sc.edu, March, 2006.
35 against the reply attack and legitimate the BS station in front [5] Mahmoud Nasreldin, Heba Aslan, Magdy El-Hennawy, Adel El-
36 layer security shield, extendedly. Hennawy, “WiMAX Security”, IEEE - 22nd International Conference
37 The suggested mechanism states that: on Advanced Information Networking and Application – Workshop,
38 Mar, 2008, pp 199-202.
39 SS sent a DL-Map message to BS to start the downlink [6] W. Diffie and M.E. Hellman, New directions in cryptography, IEEE
40 synchronization for subscriber station encrypted with Transactions on Information Theory 22 (1976), 644-654.
41 SHA shared key. The key is a shared secret between [7] IETF RFC 3748, Extensible Authentication Protocol (EAP), B. Aboba,
communicating parties. L. Blunk, J. Vollbrecht, J. Carlson, H. Levkowetz, June 2004.
42 www.ietf.org/rfc/rfc3748.txt
43 SS sent encrypted DCD information to SS based on [8] Evren Eren, “WiMAX Security Architecture – Analysis and
44 shared secret. Assessment”, University of Applied Sciences Dortmund, Emil-Figge-
45 Str. 42 – 44227 Dortmund, eren@fh-dortmund.de, www.inf.fh-
46 BS transport encrypted uplink channel description to dortmund.de, 2007.
47 synchronize associate client stations. [9] Eklund, C., Marks, R.B., Stanwood, K.L., & Wang, S., “IEEE Standard
802.16: A Technical Overview of the WirelessMAN Air Interface for
48 Broadband Wireless Access” June, 2002, Available:
BS sent encrypted UL-Map for to synchronize SS.
49 http://www.ieee802.org/16/docs/02/C80216-02_05.pdf
50 SS transports hashed ranging response to BS. [10] Lang Wei-min, Wu Run-Sheng, Wang jian-qiu, “A Simple Key
51 Management Scheme based on WiMAX”, IEEE – 2008 International
52 Symposium on Computer Scinece and computational Technology, 2008.
Proposed model ensures integrity of the messages. The [11] Hung-Min Sun, Shih-Ying Chang, Yue-Hsun Lin, and Shin-Yan Chiou,
53 proposed scenario is used to evaluate the outcomes of the “Efficient Authentication Schemes for Handover in Mobile WiMAX”,
54
proposed model. Existing scenario implies normal plan text IEEE - 8th International Conference on Intelligent Systems Design and
55 Applications, Nov, 2008.
management messages communication but other based on
56 [12] Lang Wei-min, Wu Run-sheng, Wang jian-qiu, “A Simple Key
57 hashed communication between SS and BS. Each scenario Management Scheme based on WiMAX”, IEEE- 2008 International
58 implemented on one BS and one SS. Symposium on Computer Science and Computational Technology, Dec,
2008.
59
60
61
62
63
64
65
 1
2
[13] Mitko Bogdanoski, Pero Latkoski, Aleksandar Risteski, Borislav [19] B. Wang, H. Zhang, Z. Wang, Y. Wang, “A Secure Mutual Password
3 Popovsk, ”IEEE 802.16 Security Issues: A Survey”, 16th Authentication Scheme with User Anonymity,” Geomatics and
4 Telecommunication forum, TELFOR 2008, pp 199-202. Information Science of Wuhan University, vol. 33, no. 10, Oct. 2008,
5 [14] M. Peyravian and N. Zunic, “Methods for Protecting Password pp. 1073-1075.
6 Transmission,” Computer & Security, vol. 19, issue 5, July 2000, pp. [20] R. L. Rivest, “The MD5 Message-Digest Algorithm," Request for
7 466-469, doi:10.1016/S0167-4048(00)05032-X. Comments (RFC) 1321, 1992.
8 [15] G. Tsudik, “Message Authentication with One-way Hash Functions,” [21] FIPS Publication 180-1, “Secure hash standard,” NIST, U.S. Department
ACM SIGCOMM Computer Communication Review, vol. 22, issue 5, of Commerce, Washington, D.C., April 1995.
9 Oct. 1992, pp. 29-38, doi: 10.1145/141809.141812. [22] Andreas Deininger, Shinsaku Kiyomoto, Jun Kurihara, Toshiaki Tanaka,
10 [16] C. C. Lee, L. H. Li, and M. S. Hwang, “A remote user authentication “Security Vulnerabilities and Solutions in Mobile WiMAX”, IJCSNS
11 scheme using hash functions,” ACM SIGOPS Operating Systems International Journal of Computer Science and Network Security,
12 Review, vol. 36, issue 4, Oct. 2002, pp. 23 – 29, doi: VOL.7 No.11, November 2007, PP 9-11.
13 10.1145/583800.583803. [23] Michel Barbeau, “WiMAX/ 802.16 Threat Analysis”, Carleton
14 [17] J. J. Hwang and T. C. Yeh, “Improvement on Peyravian-Zunic’s University, ACM, Oct, 2005.
Password Authentication Schemes,” IEICE Trans. Commun., vol. [24] Lenardo Maccari, Matteo Paoli, Romano Fantacci, “Security Analysis of
15 E85-B, no. 4, Apr. 2002, pp. 823–825. IEEE 802.16”, IEEE – ICC 2007 – 2007, pp 1160-1165.
16 [18] Y. F. Chang, C. C. Chang, and Y. L. Liu, “Password Authentication
17 without the Server Public Key,” IEICE Trans. Commun., vol. E87-B,
18 No. 10, Oct. 2004, pp. 3088-3091.
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
*Author Biography

1
2
3
4
5 AUTHOR BIBLIOGRAPHY
6
7
8
9
(Shahid Hussain Rathore)
10
11
12
13 He was born in capital of Pakistan (Islamabad) on 11th Aug, 1976. I completed his BS(IT) from
14
15 Allama Iqbal Open University (AIOU), Islamabad, Pakistan and MS(IT) from Shaheed Zulfiqar
16
17
18 Ali Bhutto Institute of Information Technology (SZABIST), H-8, Islamabad, Pakistan. Along
19
20 with education, he also served in various IT/CS designations in Public and Private sectors. The
21
22
23 MS (IT) research swathe wireless network (specifically WiMAX Security) and related issues.
24
25 Presently, I continue my research on VoIP QoS, Wireless LAN, Wireless Broadband Access
26
27
28
(WBA) and related issues.
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
-1-
*Author Biography

1
2
3
4
5 AUTHOR BIBLIOGRAPHY
6
7
8
9
(Mr. Tahir Hussain)
10
11
12
13 A reliable, hardworking and multi-skilled individual, with good management and excellent communication
14
15 skills. Self-motivated, service orientated and a brilliant team player. 3 years working experience in UK’s
16
17 bank as IT Analyst. Have a great passion for teaching and training. Have almost 8 years of IT and
18
19 teaching experience. Also taught in Shaheed Zulfiqar Ali Bhutto Institute of Science & Technology,
20
21 Islamabad, Pakistan. Presently, on leave for PhD (Cloud Computing) at the University of Oakland, New
22
23 Zealand.
24
25 Research Contributions:
26  Rizwan Akram, Tahir Mehmood, (2009). Security in WiMax, in proceedings of the Annual
27 Security Conference. Dhillon, G. "Security, Assurance and Privacy: organizational challenges".
28 April 15-17. DC: Information Institute Publishing. ISBN: 978-1-935160-04-4
29  Adeel Anwar Abbasi, Tahir Mehmood,. QoS Based Routing in Next Generation Networks
30 (NGN), Published in The 2009 International Conference on Wireless Networks (ICWN'09), July
31 13-16, 2009, Las Vegas, USA, pp:222-228
32  Muhammad Ibrahim, Tahir Mehmood, QoS Providence and Management in WiMax using
33 PMP mode, in proceedings of The International Conference on Machine Learning and Computing
34 (ICMLC 2009), pp:333-337, ISBN: 978-1-84626-018-6.
35  Muhammad Ibrahim, Tahir Mehmood, and Fasee-Ullah, QoS Providence and Management in
36 Mobile Ad-Hoc Networks , in proceedings of The International Conference on Machine Learning
37 and Computing (ICMLC 2009), pp:338-342, ISBN: 978-1-84626-018-6.
38  Rao Junaid Aftab, Tahir Mehmood, (2009). Optimization of Wireless Access Point
39 Performance and Efficient Handover, in proceedings of the Annual Security Conference.
40 Dhillon, G. "Security, Assurance and Privacy: organizational challenges". April 15-17. DC:
41 Information Institute Publishing. ISBN: 978-1-935160-04-4
42  Fasee-Ullah, Tahir Mehmood and Muhammad Ibrahim, SPINS: Security Protocols for
43 Wireless Sensor Networks, in proceedings of International Conference on Computer
44 Engineering and Applications ICCEA Manila Philippine , 2009, 6 - 8, June 2009.
45  Masood Habib, Tahir Mehmood, Fasee-Ullah and Muhammad Ibrahim, Performance of WiMAX
46 Security Algorithm (The Comparative Study of RSA Encryption Algorithm with ECC Encryption
47 Algorithm), in International Conference On Computer Technology and Development (ICCTD
48 2009) Published in IEEE Computer Society, pp: 108-112
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
-1-
*Author Photo
Click here to download high resolution image
*Author Photo
Click here to download high resolution image