Skip to content

Authorisation Key (AK) Management in IEEE 802.16 Network

June 30, 2010

The keying information’s of all its SAs are maintained by the BS. The PKMv1 protocol uses public key cryptography to establish a shared secret key i.e. an AK between the SS and the BS. An unknown SS sends an Authorisation Request message to the BS. It initiates the activation of a new AK. The BS creates and then sends back this AK to requesting SS in Authorisation Reply message. Every AK has a predefined lifetime given by the BS. The AK remains active until it expires. An SS must reauthorize before the expiration of its current AK otherwise the BS considers this SS unauthorised and then no longer holds an active AK for it.

This is the responsibility of an SS for requesting authorisation to its BS and maintaining an active AK. By reissuing an Authorisation Request to the BS, an SS refreshes its AK. With the reception of an Authorisation Request message from an SS, the BS starts an AK transition period. The BS creates a single active AK for the SS. This AK is sent back with Authorisation Reply message to the SS. In reception of another Authorisation Request message, the BS sends back a second AK to the SS. It’s mentioned earlier that every AK has a predefined lifetime which is fixed by the BS. This second AKs lifetime is the remaining lifetime of the first AK and a predefined AK lifetime. After receiving this Authorisation Reply message, an SS starts sending of Key Request MAC management message encrypted with this AK.

The lifetimes of these two AKs overlap each other. The BS has the ability to support two active AKs in the same time for each client SS during an AK transition period. When the older key expires the key transition period ends. A configurable duration of time is maintained by every SS to schedule the beginning of reauthorisation. The BS does not need to know this time.  The BS maintains the AKs according to their predefined lifetime. AKs exercise is imperative when encryption keys are generated for more exchanges.

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: