PDA

View Full Version : WIMAX SECURITY ISSUES(Eberly)



s1ayer
07-08-2010, 08:03 PM
WiMax the next generation of wireless has its own weaknesses.I recently went thru a article on WiMax security flaws from focus and thought will give a brief details abt the issues.

MITM Attacks

WiMax implements a unidirectional authentication scheme using X.509 certificates from subscriber to base station, but there is no provision for base station to subscriber authentication in return. This opens a potential vulnerability for rogue base stations to attempt the impersonation of legitimate devices. Attackers can simply intercept subscriber initiation requests and spoof responses, authorizing them to use the rogue access point."This means happy hacking and free bandwidth since Wimax provides connection range of upto 10 kms"

Denial of Service
In addition to MAC-layer vulnerabilities, WiMax could suffer from potential physical layer vulnerabilities as well. First, WiMax uses management frames, similar to those used in WiFi, but WiMax implements cryptographic protections to prevent the majority of spoofing attacks. However, WiMax is vulnerable to replay-based attacks to flood a network with rogue management frames, effectively creating a denial of service. "Well who wants to do a DoS and besides a lame thing to attempt".

Base Station Attacks
No matter how well implemented WiMax protocols and security models are, attackers will still attempt to exploit them. As with virtually every other standards-based technology, some products will have security flaws. This is certainly the case with the recent Airspan WiMax ProST Authentication Bypass Vulnerability. This vulnerability allows an attacker to simply craft a malicious request, which can allow administrative access to the base station.

Application-Layer Attacks
While WiMax is intended to run securely, making use of strong encryption, it is possible to deploy a solution without enabling either DES or AES. When data is transmitted in the clear, it is vulnerable to sniffing as well as attacks against applications, just as WiFi is.