
2. ARCHITECTURE AND SECURITY COMPONENTS OF 802.16

2.1 Wireless Access Networks and WiMAX

2.1.2 WiMAX versus LTE

WiMAX, or Worldwide Interoperability for Microwave Access, is a wireless technology standardized as IEEE 802.16. The main aim of the IEEE 802.16 standard is to offer broadband wireless access. WiMAX brings remarkable features such as scalability, mobility, high data rates, quality of service and security.

Long-Term Evolution, or LTE, is a rapidly growing fourth-generation standard for wireless communication in mobile phones. In this dissertation we take a comparative perspective on the security problem in both technologies and analyze their security architectures and features to determine their advantages and disadvantages. All the investigations are security-based. This research work can pave the way for a better understanding and a more accurate picture of these two fourth-generation technologies and their differences.

Such a comparative insight meticulously addresses the notion of technology application and usage.

This further clarifies the selection of a technology in view of the requirements and the existing infrastructure. By taking a specialized look into the matter, one can decide which technology is better to deploy for an intended network. The implementation itself also has its own complexities for each of the two technologies. This research aims to make the selection easier by providing a comparative investigation of both LTE and WiMAX from a security point of view.

The security and architecture of next-generation networks have been the subject of many research projects and academic articles. WiMAX and LTE are among the most emergent wireless technologies belonging to the 4G family. For this reason, the investigation and comparison of these two technologies from a security perspective becomes important. Therefore, the authors have carried out this comparative research and have highlighted the differences and similarities, providing a precise insight which aids in a better understanding of the subject.

WiMAX defines a multipurpose network that provides services over wide ranges. The security of WiMAX is defined in the Privacy Sublayer of the Reference Model. Below, some critical factors of the IEEE 802.16 security architecture are presented (S. Wattanachai 2006):

Authorization SAs comprise the following attributes:

• X.509 certificates. These digital certificates permit the WiMAX communicating parties to validate each other. The certificates are signed by the device manufacturer.

• Authorization key (AK). AKs are the means of authentication between BSs and MSs before the traffic encryption key (TEK) is established. The authorization SA comprises an identifier and a key value for each AK.

• Key encryption key (KEK). The KEK encrypts the TEKs during the TEK exchange.

• Message authentication keys. These keys check the authenticity of key messages while the keys are being established. They are also used to sign management messages in order to validate message authenticity.

• Authorized data SA list. Given to the SS/MS by the BS, the authorized data SA list indicates which data encryption SAs the SS/MS is authorized to access. Data SAs establish the parameters used to protect unicast data messages between BSs and SSs/MSs. A data SA comprises the following security attributes:

• SA identifier (SAID). A unique 16-bit value that identifies the SA and distinguishes it from other SAs.

• Traffic encryption key (TEK). TEKs are generated by the BS and are used to encrypt WiMAX data messages. Two TEKs are generated in order to prevent disruption of communications during the TEK rekeying procedure.

• Data encryption SA type indicator. This indicator signifies the type of data SA. There are three types:

- Primary SA: This SA is defined as a unique connection for each SS upon initialization with the BS.

- Static SA: This SA secures the data messages and is generated for each service defined by the BS.

- Dynamic SA: This SA is created and eliminated in response to the initiation and termination of some service flows.

Group SAs include the keying material for securing multicast traffic. Key material has a restricted validity duration and is controlled by the BS. The BS informs the SS just after delivering key material. The SS is in charge of requesting new key material within the validity duration; however, the entire authentication procedure does not have to be performed again.

Encapsulation Protocol

The Encapsulation Protocol provides data encryption between BS and SS. For this aim, it establishes the cryptographic suites, which are cryptographic identifiers specifying the authentication mechanisms supported by the SS. A complete, packet-like set of sequential cryptographic suites is forwarded to the BS. The set comprises the data encryption algorithm, or the authentication and encryption algorithm for the TEK (D. Johnson et al. 2004).

PKM Protocol

The Privacy Key Management Protocol (PKM) is in charge of routine SS authorization, re-authorization and reception or renewal of key material. It closely resembles a typical client-server model, where the SS asks for key material from the BS, which plays the role of the PKM server. By means of this mechanism, the SS, as client, receives only the key material that is in line with its requirements.

The LTE security architecture is categorized into five parts: (1) access security, (2) domain security, (3) user domain security, (4) application domain security and (5) discernibility of the security services. The LTE security architecture is presented in Figure 1.
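The SA structure listed above (authorization SA with AK, KEK and message authentication keys; data SA with a 16-bit SAID, an SA type and two TEKs for uninterrupted rekeying) and the PKM client-server exchange just described are easiest to follow in a small model. The following Python is an added example, not code from the thesis or from any WiMAX implementation: the key derivation (HMAC-SHA256), the placeholder key wrap and the Key Request / Key Reply message layout are assumptions made so the model runs on the standard library alone; the real 802.16 PKM uses its own derivations, key-wrap algorithm and message encodings.

```python
"""Simplified model of the 802.16 PKM key hierarchy and TEK rekeying.

Added illustration; derivations, wrap and message formats are assumptions,
not the standard's own. Standard library only.
"""
import hmac
import hashlib
import secrets
from dataclasses import dataclass, field
from enum import Enum


class SAType(Enum):
    PRIMARY = 1   # one per SS, created when the SS initializes with the BS
    STATIC = 2    # one per service the BS defines
    DYNAMIC = 3   # created and removed with service flows


def kdf(key: bytes, label: bytes, length: int = 16) -> bytes:
    """Assumed derivation (HMAC-SHA256, truncated); stands in for the
    standard's AK -> KEK / message-authentication-key derivation."""
    return hmac.new(key, label, hashlib.sha256).digest()[:length]


@dataclass
class AuthorizationSA:
    ak_id: int
    ak: bytes
    kek: bytes = field(init=False)
    msg_key: bytes = field(init=False)

    def __post_init__(self):
        self.kek = kdf(self.ak, b"KEK")           # protects TEKs in transit
        self.msg_key = kdf(self.ak, b"MSG-AUTH")  # signs key-management messages


@dataclass
class DataSA:
    said: int                                  # 16-bit SA identifier
    sa_type: SAType
    teks: list = field(default_factory=list)   # at most two: previous and current

    def __post_init__(self):
        if not 0 <= self.said <= 0xFFFF:
            raise ValueError("SAID must fit in 16 bits")

    def rekey(self):
        """Keep the previous TEK alive while the new one is distributed."""
        self.teks = (self.teks + [secrets.token_bytes(16)])[-2:]


def wrap(kek: bytes, tek: bytes) -> bytes:
    """Placeholder key wrap: nonce || (TEK XOR HMAC(KEK, nonce)). Not the
    802.16 wrap; used only so the example needs no third-party library."""
    nonce = secrets.token_bytes(16)
    return nonce + bytes(a ^ b for a, b in zip(tek, kdf(kek, nonce, len(tek))))


def unwrap(kek: bytes, blob: bytes) -> bytes:
    nonce, ct = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(ct, kdf(kek, nonce, len(ct))))


def tag(key: bytes, *parts: bytes) -> bytes:
    """Message authentication tag over a PKM message (assumed layout)."""
    return hmac.new(key, b"|".join(parts), hashlib.sha256).digest()


class BaseStation:
    """PKM server: holds the AK per SS and generates the TEKs."""

    def __init__(self):
        self.auth_sas, self.data_sas = {}, {}

    def authorize(self, ak_id: int) -> AuthorizationSA:
        # In 802.16 the AK follows certificate-based authorization; here it
        # is simply generated and assumed to be shared with the SS already.
        sa = AuthorizationSA(ak_id, secrets.token_bytes(20))
        self.auth_sas[ak_id] = sa
        return sa

    def add_data_sa(self, said: int, sa_type: SAType) -> DataSA:
        sa = DataSA(said, sa_type)
        sa.rekey()   # first TEK
        sa.rekey()   # second TEK: two keys are live from the start
        self.data_sas[said] = sa
        return sa

    def key_reply(self, ak_id: int, said: int, req_tag: bytes):
        """Answer a Key Request; an unauthenticated request is ignored."""
        auth = self.auth_sas[ak_id]
        sid = said.to_bytes(2, "big")
        if not hmac.compare_digest(req_tag, tag(auth.msg_key, b"KEYREQ", sid)):
            return None
        wrapped = [wrap(auth.kek, t) for t in self.data_sas[said].teks]
        return (said, wrapped), tag(auth.msg_key, b"KEYREPLY", sid, *wrapped)


class SubscriberStation:
    """PKM client: requests key material per SAID and verifies the reply."""

    def __init__(self, auth: AuthorizationSA):
        self.auth, self.teks = auth, {}

    def fetch_teks(self, bs: BaseStation, said: int) -> bool:
        sid = said.to_bytes(2, "big")
        result = bs.key_reply(self.auth.ak_id, said, tag(self.auth.msg_key, b"KEYREQ", sid))
        if result is None:
            return False
        (rsaid, wrapped), reply_tag = result
        expected = tag(self.auth.msg_key, b"KEYREPLY", rsaid.to_bytes(2, "big"), *wrapped)
        if not hmac.compare_digest(reply_tag, expected):
            return False   # modified or forged Key Reply: discarded, keys unchanged
        self.teks[said] = [unwrap(self.auth.kek, w) for w in wrapped]
        return True
```

Running `BaseStation.add_data_sa`, then `SubscriberStation.fetch_teks` before and after a `rekey()`, shows the point of the two-TEK rule: the previous TEK is still delivered alongside the new one, so traffic encrypted under it stays decryptable while the SS switches over. An SS whose message authentication key does not derive from the BS's AK gets no key material at all.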

Compared with the security architecture of the UMTS network, the differences are as follows. First, two-headed arrows are added between the ME (Mobile Equipment) and the SN (Service Network), showing that there is non-access-layer security between ME and SN as well; secondly, a bi-directional arrow is added between AN and SN, highlighting that secure communication is required between AN and SN; thirdly, the notion of service network certification is introduced, so the one-way arrow between HE and SN has been replaced by a two-headed arrow.

Figure 1. LTE Security Architecture (L. Zhu et al. 2012)

LTE introduces a novel layering of security and enforces a clearer separation of control-plane security and user-plane security, offering strong security features. LTE supports UMTS Encryption Algorithm 1 (UEA1), UMTS Integrity Algorithm 1 (UIA1) and their respective second versions UEA2 (SNOW algorithm supporting 256-bit keys) and UIA2. Signaling at User Plane Entity (UPE) and Mobility Management Entity (MME) relocation permits the transfer of algorithm information to the target UPE, MME and User Equipment (UE) (Ericsson, S3-060705 2006). WiMAX has a powerful encryption mechanism, deploying the Advanced Encryption Standard (AES). It also embodies a key management protocol and support for privacy. The system has an authentication architecture based on the Extensible Authentication Protocol (EAP), which permits a variety of credential types, such as username and password, smart cards and digital certificates (Tutorials Point, WiMAX Silent Features 2010).

When it comes to security, both LTE and WiMAX have similar functions but are not identical. LTE and WiMAX have mechanisms together with protocols for making sure that the connections are safe. One can conclude that LTE is better than WiMAX when the main focus is technology, since it is newer and up to date. LTE appeared after WiMAX, so some telecommunication firms had already invested in WiMAX and offered commercial services. Therefore, for some companies the process of transferring from WiMAX to LTE does not seem financially feasible, as they have already focused on WiMAX. As both WiMAX and LTE systems have similar technical profiles, the choice of the next-generation technology hinges on the timeline benefit of the technology and the service provider's legacy platform.