Table of Contents
Advertisement
Classification
(12)~(16)
(17)~(19)
(20)~(21)
Keys and Functions
The functions of the keys are as follows.
- MSK: creates the AK
- AK: creates the CMAC key
- KEK: encrypts the TEK
- CMAC key: provides integrity for the MAC management message
- TEK: encrypts traffics in wireless sections
© SAMSUNG Electronics Co., Ltd.
Mobile WiMAX Outdoor RAS SPI-2331 System Description/Ed.02
When the EAP authentication is completed successfully, the ACR receives the
Master Session Key(MSK) which is the prior key to provide the security and the
Provisioned Policy on each subscriber via the DEA message from the AAA server.
The ACR creates the AK from the MSK, and transmits the
Key_Change_Directive message including the created AK Context information
and the Security Association(SA) information of the MS to the RAS. In addition,
the RAS relays EAP Success to the MS by using PKMv2-EAP-Transfer.
After the EAP authentication, the RAS verifies the AK key value which it has with
MS, and transmits the SA-TEK-Challenge message to the MS to notify the start
of the SA negotiation, and the MS verifies the CMAC of the SA-TEK-Challenge
message, checks the AK key value, and transmits the SA negotiation information
to the RAS by using SA-TEK-Request. The RAS transmits SA-TEK-Response
including the AKID and the SA Descriptor which is the final result of the SA
negotiation to the MS.
The MS requests the Traffic Encryption Key(TEK) to the RAS by using PKMv2
Key-Request, and the RAS creates the TEK randomly and transmits it to the MS
by using the PKMv2 Key-Reply message. Then, the TEK is transmitted by being
encrypted via the Key Encryption Key(KEK).
Description
(Continued)
4-5
Advertisement
Table of Contents
