Wireless Communication Worldwide Interoperability for Microwave Acces

Questions: 1. Compare and contrast three data encryption standards for WiMAX networks?2. Research the security challenges for any two examples of WPAN technologies. Answers: 1.Worldwide Interoperability for Microwave Access (WiMAX) IEEE 802.16 standard based wireless communication family who is capable of allotting multiple physical (PHY) layers and options like Media Access Control (MAC). The three major encryptions available in WiMAX are AES-CTR, AES-CBC, and AES-CCM (Fahrny, 2016). AES (Advanced Encryption Standard) in CBC (Cipher Block Chaining) mode is one of the most used ones where the data goes through AES. The feedback is then applied to the original signal so that the same encryption is not obtained after every step hence making it harder to decode it (Zhou et al., 2015). The data is processed in chunks of that have a definite block size which is the function of the AES (e.g. 128-bit block). The synchronization should exist between the coder and decoder else the messages will be illegible. AES in CCM (Counter with CBC-MAC) is a universal authenticate and encrypt block ciphering process and can be used only for 128-bit chunks. For the process of authentication, the authentication field is computed using CBC-MAC. The performance of CBC depends solely on the speed of the cipher implementation (Arnold Dames Marik, 2016). The encryption and authentication require two basic encryption operations, and the addition of the additional blocks requires additional time. AES in CTR (Counter) is the most used of all the encryption modules, and many applications are made secure using this mode. The CTR modes use the counter in contrast to the IV (Initialization Vector) that is used in the other modes. The counter used in this case is modified to serve the purpose of encryption and hence contains a nonce and counter block (Zhou et al., 2015). Padding is not required for the plain text for the block size of the cipher. AES in CBC AES in CCM AES in CTR Has initialization vector (IV), hence requires randomness each time encryption is done The combination of CBC-MAC and counter mode. This mode authenticates and then encrypts Simple to implement and the creation of pseudo-random streams is independent of plain texts Changing a part of message requires re-encryption Requires two blocks of operation of encryption The pseudo-random streams are generated from the nonce by counting up. Error in transmission totally destroys information The Same key can be used for both encryption and the counter Maximum length of messages is ensured to prevent the overlap Transmission also affects the decryption of the subsequent block Transmission error is less severe compared to the other two Effect of transmission errors is concentrated to the wrong bits only Encryption is serial, but the decryption can be parallelized Parallelized encryption and decryption Both the encryption and decryption is parallelized. Table1: Comparison Between the three encryption processes (Table Source: As created by author) 2. WPAN (Wireless Personal Area Network) is a short distance wireless network that is mainly used for the purpose of connecting the devices for personal usage. The devices that can be connected can be of wide range like PDA, Mobile phones, PCs, etc. There are various technologies that serve the purpose of WPAN (Latha Arockiasamy 2012); some of them are INSTEON, IrDA, Bluetooth, ZigBee, etc. Zigbee is a WPAN application which is based on IEEE 802.16 specifications, for high level communication using low power digital radio waves. Threats Impact Physical Attack Physical attacks are carried out by directly tampering device to gain access to the system. These types of attacks can prove detrimental to the security of the system. The devices that are connected continuously ping each other in an encrypted language which is hard to compromise. A person can access the device and set a serial interface that compromises the security. Key attacks The devices that are continuously communicating with each other use the encryption key for authentication. A remote attack that mimics the working of the ZigBee records the data that are being transferred which can be decrypted with advanced software thus compromising the security parameters of the device (Xiao et al., 2015). Replay or Injection Attacks In this attack, the malicious codes are sent over the network with the authentication packets that are recognized the device. Since the ZigBee modules are very lightweight and use the packets that are small in nature, these devices are prone to this type of attack. In this scenario, the packets are designed to look like they are from the authentic source. Once the data is received the program unpacks itself and compromises the network. Signal Jamming Signal jamming is easier in the case of ZigBee as the power used for transmission is very low hence a power low noise is capable of disrupting the services that are provided by the module. Table 2: The types of threats to the system and their impact (Table source: As created by author) Bluetooth is a standard developed for information interchange over a short distance. It operates in the range of 2402-2480 MHz for the transaction and is regulated but unlicensed. Threats Impact DOS DOS (Denial of Services), is an attack which stops the services that are provided by the wireless module. Signal jamming is an effective way of injecting noises into the system so that the devices that are connected to the system stop communicating with each other Bluejacking The Bluetooth user can transfer various data over a Bluetooth network. Bluejacking is sharing an infected file that can infect the user's phonebook and behave like a device that transmits the virus over to other phones that are connected to the specific device (Minar Tarique, 2012). Bluebugging It is a method of cracking the phone through Bluetooth hence enabling the hacker to access all the information available over the phone. The features like calling and sending the texts too can be controlled hence making this attack extremely effective way of creating a disaster Eavesdropping It is an advanced way of cracking the Bluetooth headset so that the data that are sent to the phone or is received by the headset can be deciphered for listening to the calls. Table 2: The types of threats to the system and their impact (Table source: As created by author) References Fahrny, J. W. (2016).U.S. Patent No. 9,332,320. Washington, DC: U.S. Patent and Trademark Office. Arnold, T. W., Dames, E. A., Marik, M. D. (2016).U.S. Patent Application No. 15/096,372. Zhou, J., Ma, M., Feng, Y., Nguyen, T. N. (2015). A symmetric key-based pre-authentication protocol for secure handover in mobile WiMAX networks.The Journal of Supercomputing, 1-18. Latha, M., Arockiasamy, S. (2012). The Performance Evaluation of QoS in Wireless Personal Area Network (WPAN) on Impact of Bluetooth Worms.Journal of Wireless Networking and Communications,2(5), 111-116. Xiao, Y., Cao, J., Lai, X., Huang, Z., Zhang, B., Qin, Z., Song, Q. (2015).U.S. Patent No. 8,984,287. Washington, DC: U.S. Patent and Trademark Office. Minar, N. B. N. I., Tarique, M. (2012). Bluetooth security threats and solutions: a survey.International Journal of Distributed and Parallel Systems,3(1), 127.