Enhancing Security Using the Discarded Security Information in Mobile WiMAX Networks

In mobile WiMAX (M-WiMAX), while generating cipher-based message authentication code (CMAC) for security, some bits of it are truncated and also while deriving a key hierarchy, some part of keying material is discarded. In this paper, we exploit these discarded information to enhance the security in M-WiMAX, and consider two cases of discarded information. Firstly, we propose to use the truncated upper 64-bits of CMAC, which we name shared authentication information (SAI), to complement the security breach in the signalling protocol which is vulnerable to DDoS attack in M-WiMAX. Secondly, we use the truncated 192-bits of master session key (MSK), which we name shared authentication key (SAK), as a temporary authentication root key for inter-domain or inter-authenticator handover. The purpose of using SAK is to reduce the latency for authentication during handover. As this paper opens a possibility of using such discarded security information for enhancing security, we may apply this approach to some other security systems in a similar way.