1 Introduction

Wireless broadband networks have emerged as a promising wireless technology because of their high data rate [1], wide coverage, low cost and built-in support for mobility [2, 3]. In spite of these advantages, there are numerous security issues that can turn into deployment challenges, and a significant one is authentication. WiMAX and LTE-A offer a flexible means of authenticating Subscriber Stations and users to protect against unauthorized use [4]. The primary authentication mechanism adopted directly by IEEE 802.16e is Extensible Authentication Protocol (EAP) based authentication. The authentication server (AS) and the authentication, authorization, and accounting (AAA) server are the two entities responsible for the EAP-based authentication of a user. EAP also lets users choose the appropriate mechanism for getting authenticated in a particular location [4–6].

At the same time, an LTE-A network uses different access authentication procedures depending on the mobility scenario: EPS-AKA during handover to the E-UTRAN, EAP-AKA or EAP-AKA' during handover to trusted non-3GPP access networks, and IKEv2 with EAP-AKA or EAP-AKA' during handover to untrusted non-3GPP access networks [7].

The 3GPP standards body has developed a 4G mobile technology named Long Term Evolution, otherwise known as 4G LTE [8]. It is more advanced than earlier mobile technology in that users get features such as VoIP, high-quality video conferencing and video messaging on their mobile phones. However, the 4G LTE standards do not yet address handover preparation. IEEE 802.16, otherwise known as WiMAX, is also capable of providing high-speed Internet access over a wide area. Hence it is widely believed that integrating WiMAX and LTE networks, combining their respective strengths, can provide a complete wireless scheme for delivering high-speed Internet access to businesses, homes, hotspots and mobile nodes [9].

2 Related Works

As most applications are now driven by mobile users, mobility has to be studied as part of the system [3]. When a Mobile Station (MS) hands over from one Base Station (BS) to another, it has to undergo a complete EAP authentication with the AS. This involves a series of steps that can be summarized as a 3-way handshake with the BS followed by the exchange of the traffic encryption key (TEK) [10]. However, the EAP mechanism takes excessive time because of its public key cryptographic operations [11], and the round trip time (RTT) incurred on every handoff adds further delay. Any failure in this process may lead to session termination through latency or lack of resources. To reduce handover latency, mobile WiMAX supports recycling of the authentication key material, allowing a user to reuse the key material from the previous authentication. However, this creates critical security issues such as the lack of valid entity authentication [2, 12].

The WiMAX handover process involves scanning [13–16], a required phase for locating the target BS [17]. However, redundant or unnecessary scanning of neighbour BSs causes delay and MAC overhead, which is likely to affect real-time applications. To reduce scanning delay, Lu et al. [18] propose a scanning scheme that estimates the approximate location of the MS so that the number of scanned neighbour BSs can be controlled.

Ben-Mubarak et al. [17] propose a fuzzy logic based self-adaptive handover algorithm for efficient handover decisions. Handover parameters such as the handover threshold and the handover margin are adapted to the MS velocity and the RSSI value. Their simulation results show that the algorithm reduces the number of ping-pong handovers and the handover delay.

Several solutions aimed at improving latency have resulted in security compromises [9, 19]. Shing et al. [20] proposed a key caching mechanism to speed up handover in mobile WiMAX: when an MS leaves its ASN-GW, the MS key records are cached at that ASN-GW, and the MS reuses the cached MSK if it returns before the key lifetime expires. The cost is that the old ASN-GW, in addition to its regular duties, must keep storage for the credentials of every MS that has left it, which is a major overhead. Re-authentication is a compressed form of the full EAP-based authentication in handover: it reuses the authentication parameters exchanged between the AS and the MS in the last authentication. The EAP re-authentication protocol (ERP) lets the MS and the AS use the extended master session key (EMSK) of the previous EAP authentication to derive a new Master Session Key (MSK). Instead of a full EAP authentication, the MS and the AS then need only a single round trip to exchange the ERP messages, which reduces the overhead considerably [21, 22]. Setting the other issues aside, our work aims at improving the efficiency of authentication and thereby achieving seamless handover in mobile WiMAX; since the LTE-A procedures for non-3GPP access listed in Sect. 1 are also EAP based, we expect the approach to carry over to LTE and LTE-A networks as well. This paper is organized as follows. The primary authentication mechanism using EAP is described in Sect. 3. The proposed work, UPP-KC, is discussed in Sect. 4. The formal analysis using probability distributions and the performance analysis of our proposal are presented in Sects. 5 and 6 respectively. Finally, Sect. 7 concludes the paper and gives directions for future work.

3 System Background

3.1 EAP Framework and Authentication

The basic authentication in WiMAX is carried out with the help of the AAA server. EAP [23] is the authentication framework, and its messages are encapsulated in Privacy Key Management version 2 (PKMv2) [20–22, 24]. The IEEE 802.1X model is used for initial network entry as shown in Fig. 1. The ASN-GW acts as the authenticator for the MS: it relays the EAP messages between the MS and the AAA server and retains the resulting key material after authentication. The exchange proceeds as follows. The authenticator sends an EAP Request to the MS, which answers with an EAP Response carrying the user identity (the AAA server address and the user account); the authenticator forwards it to that AAA server. The AAA server issues an EAP Request to the MS, which replies with a random number MS-RAND. The AAA server contacts the Home Location Register (HLR) to obtain a challenge RAND together with the corresponding Signed RESponse (SRES) and cipher key Kc. From Kc and MS-RAND the AAA server computes the MSK and the EAP integrity key KEAP, derives a Message Authentication Code (MAC) with KEAP, and sends RAND and the MAC to the MS. The MS uses RAND, MS-RAND and the Ki on its SIM card to generate SRES*, Kc, MSK and KEAP, and verifies the MAC it received; a correct MAC authenticates the AAA server to the MS. The MS then responds with SRES* protected by a MAC* computed under KEAP (KEAP itself is never transmitted). The AAA server verifies MAC* against its own SRES, which authenticates the MS. The MSK, the MSK lifetime and the MS authorization profile are then sent to the ASN-GW, which derives the AK from the MSK and the BS address, and the MS is informed of the successful authentication. Finally the BS generates the TEK that protects the traffic. Figure 1 shows this network entry procedure of the general EAP-based authentication scheme used in Mobile WiMAX.

Fig. 1

Initial network entry in IEEE 802.1x

The algorithms used to derive and generate keys are defined in PKMv2. Once authentication and authorization have succeeded, the source key material is generated. These source keys are the parents from which all subsequent keys are derived; they protect the integrity of management messages and deliver the traffic encryption keys to both ends. Every key in PKMv2 is derived with Dot16KDF.

PKMv2 supports two authorization schemes: authorization based on RSA and authentication based on EAP.

The Authorization Key (AK) is derived by the SS and the BS as the outcome of a successful RSA-based authorization or EAP-based authentication, as shown in Fig. 2.

Fig. 2

Key derivation of AK from MSK

In the RSA mode, once mutual authentication is achieved the BS generates a pre-primary authorization key (pre-PAK) and forwards it to the SS encrypted with the public key of the SS certificate. The PAK is then generated from the pre-PAK, the Base Station Identifier (BSID) and the MAC address of the SS [25].

In the EAP authentication mode, a 160-bit EAP integrity key (EIK) is derived from the pre-PAK and protects the first group of EAP messages. The EAP exchange produces a 512-bit MSK, known to the AAA server, the authenticator and the SS. The Pairwise Master Key (PMK) is obtained at both sides by truncating the MSK to 160 bits, as shown in Fig. 2.

After every successful authentication the BS or the SS requests the authorization policy. EAP usually performs two rounds of authentication: the negotiation that follows a successful first round implies that the SS and the BS perform a second EAP round, after which the AK is generated at both the BS and the SS.
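The exchange of Fig. 1 and the MSK → PMK → AK derivation of Fig. 2, as an added example in Python; this is not the paper's code and not a conformant implementation of any EAP method. Assumptions: the HLR's A3/A8 and the EAP method's key expansion are modelled with HMAC (the real GSM algorithms are operator specific); `dot16kdf` keeps the Dot16KDF structure of IEEE 802.16e (a PRF over `i | astring | keylength`, concatenated and truncated) but uses HMAC-SHA-1 as the PRF in place of the standard's CMAC/SHA-1 variants, with `i` and `keylength` encoded as 32-bit big-endian integers; the AK label `MS MAC | BSID | "AK"` is the EAP-only form; Ki, RAND, MS-RAND and the addresses are constructed values.

```python
import hashlib
import hmac
import struct


def hlr_triplet(ki, rand):
    """HLR side: (SRES, Kc) for challenge RAND under the subscriber key Ki.
    Assumption: HMAC-SHA-256 stands in for the operator-specific GSM A3/A8."""
    out = hmac.new(ki, rand, hashlib.sha256).digest()
    return out[:4], out[4:12]             # SRES is 32 bits, Kc is 64 bits


def session_keys(kc, ms_rand):
    """MSK (512 bits) and K_EAP from Kc and MS-RAND, computed by AAA and MS alike.
    Assumption: an HMAC-based expansion stands in for the EAP method's PRF."""
    msk = b"".join(hmac.new(kc, b"MSK" + ms_rand + bytes([i]), hashlib.sha256).digest()
                   for i in range(2))
    k_eap = hmac.new(kc, b"KEAP" + ms_rand, hashlib.sha256).digest()
    return msk, k_eap


def auth_mac(k_eap, data):
    return hmac.new(k_eap, data, hashlib.sha256).digest()


def dot16kdf(key, astring, keylength):
    """Dot16KDF structure of IEEE 802.16e: PRF over (i | astring | keylength) for as many
    blocks as needed, concatenated and truncated to keylength bits. Assumption: HMAC-SHA-1
    is the PRF here instead of the standard's CMAC/SHA-1, with i and keylength as 32-bit
    big-endian integers; only the structure is meant to be illustrative."""
    kin = key[:20]
    blocks = (keylength - 1) // 160 + 1
    out = b"".join(
        hmac.new(kin, struct.pack(">I", i) + astring + struct.pack(">I", keylength),
                 hashlib.sha1).digest()
        for i in range(blocks))
    return out[:keylength // 8]


def derive_ak(msk, ms_mac, bsid):
    """PMK = Truncate(MSK, 160); AK = Dot16KDF(PMK, MS MAC | BSID | "AK", 160) (EAP-only mode)."""
    pmk = msk[:20]
    return dot16kdf(pmk, ms_mac + bsid + b"AK", 160)


def network_entry(ki_sim, ki_hlr, ms_mac, bsid, rand, ms_rand):
    """The Fig. 1 exchange. ki_sim is the Ki on the SIM, ki_hlr the Ki the HLR holds;
    they differ when a device without the subscriber's SIM tries to authenticate."""
    # MS -> ASN-GW -> AAA: EAP Response/Identity, then MS-RAND
    # AAA <-> HLR: obtain (RAND, SRES, Kc)
    sres, kc = hlr_triplet(ki_hlr, rand)
    msk_aaa, k_eap_aaa = session_keys(kc, ms_rand)
    mac_aaa = auth_mac(k_eap_aaa, rand + ms_rand)
    # AAA -> MS: RAND, MAC

    # MS: SRES*, Kc from RAND and its own Ki, then MSK, K_EAP, and the MAC check
    sres_ms, kc_ms = hlr_triplet(ki_sim, rand)
    msk_ms, k_eap_ms = session_keys(kc_ms, ms_rand)
    result = {"aaa_authenticated": False, "ms_authenticated": False, "ak_match": False}
    if not hmac.compare_digest(mac_aaa, auth_mac(k_eap_ms, rand + ms_rand)):
        return result                      # MS rejects the network
    result["aaa_authenticated"] = True
    # MS -> AAA: MAC* over SRES* (K_EAP itself is never transmitted)
    mac_ms = auth_mac(k_eap_ms, sres_ms)

    # AAA: verify MAC* with its own SRES
    if not hmac.compare_digest(mac_ms, auth_mac(k_eap_aaa, sres)):
        return result                      # AAA rejects the MS
    result["ms_authenticated"] = True
    # AAA -> ASN-GW: MSK (+ lifetime, profile); ASN-GW and MS derive the AK independently
    ak_asn_gw = derive_ak(msk_aaa, ms_mac, bsid)
    ak_ms = derive_ak(msk_ms, ms_mac, bsid)
    result["ak_match"] = hmac.compare_digest(ak_asn_gw, ak_ms)
    result["ak"] = ak_asn_gw.hex()
    return result


# Constructed sample values (not real subscriber data)
KI = bytes(range(16))
RAND = bytes([0x11]) * 16
MS_RAND = bytes([0x22]) * 16
MS_MAC = bytes.fromhex("001122334455")
BSID = bytes.fromhex("aabbccddeeff")

if __name__ == "__main__":
    print(network_entry(KI, KI, MS_MAC, BSID, RAND, MS_RAND))       # both sides authenticated, AKs match
    print(network_entry(bytes(16), KI, MS_MAC, BSID, RAND, MS_RAND))  # wrong Ki: MS rejects the MAC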

4 Pattern Based User Path Prediction and Authentication Mechanism (UPP-KC)

Like caching with its retrieval and replacement policies, pattern based mobile data management is an approach driven by user activity or behaviour: it serves groups of users by predicting their frequent moves towards various landmarks [26]. A DNA sequence reveals facts about a human being; in the same way, a record of a user's movements and requests is a classical example of pattern based data management. With enough user activity patterns, data can be delivered to users at the right spot even faster. As in data mining, mining user behaviour patterns yields the permutations and combinations from which user activity can be predicted; a daily visit to a subway station for ticketing is one such sequential behaviour, and many such sequential behaviours are mined in the sequential pattern mining literature [27–32]. Here we adopt one such pattern based mobile data management approach.

Proactive authentication schemes have been a successful attempt at predicting the next move or location of a mobile user so that service can be provided at the right time and place. Such a prediction [33] can be made from the user's multiple activities: region movement [26, 34, 35], client requests, and the concurrence or interleaving of both. This amounts to listing all the n ways of reaching a specific location; each route to the destination is a pattern. Consider two mobile users MU1 and MU2 who start from the same location A. MU1 goes to B for lunch, then to C for shopping, to D for shopping again, to E to watch a movie, then to the subway at F and finally to its destination G. MU2 goes from A to B for lunch, then to E to request a store service there, then to F to meet a stock market assistant, and finally by subway to its destination D. From this example we classify service patterns into three types, again defined through the example.

  • Both start from the same location A and reach B for lunch: a Location-service pair pattern.

  • They then go to different places but request the same service (shopping at C and D for MU1, the store at E for MU2): a Service-only pattern.

  • Both reach the same location F but request different services: a Location-only pattern.

With these patterns we have designed a proactive authentication management algorithm for users to continue their service independent of their locations.

With fast moving users, handovers occur more frequently and the available handover authentication mechanisms deteriorate. To support fast moving users we propose a key caching mechanism with User Path Prediction (UPP-KC). The mobility of fast moving users is not always random: most users follow a general pattern, which can be extracted and used for authentication. The user mobility is logged in the user database of the AAA server. Fast moving users who follow a general pattern visit some BSs frequently. Every visit is logged, and pattern mining algorithms run over these logs determine the frequent pattern. Once the pattern is determined and every user is associated with his frequent pattern [36–38], the authentication keys can be multicast to the BSs in that pattern and the MSK cached along it, so that handoffs within the pattern are authenticated fast, as shown in Fig. 3. The authentication mechanisms based on UPP-KC during the initial network entry and during handoffs are described below.

Fig. 3

Authentication for frequent user path prediction

  • Case 1: Initial network entry

    Step 1: As with the normal authentication mechanism, all steps of the IEEE 802.1X authentication take place during the initial network entry and the MSK is derived for the user (MS).

    Step 2: Once the MS has entered the network after its initial authentication, the frequent pattern of the MS is determined from the user database log of the AAA server.

    Step 3: The MSK established during the initial network entry is pushed to the BSs in the frequent pattern of the MS.

  • Case 2: Handover authentication

    Step 1: The identity of the MS is checked by validating its certificate with the certificate authority (CA).

    Step 2: Once the identity of the MS is confirmed, the MSK already held by the target BS is used directly, without a fresh IEEE 802.1X run.

A detailed description of the message exchanges that occur in UPP-KC based handoff authentication is described in Fig. 4.

Fig. 4

UPP-KC based handover authentication
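The two cases above, worked through in Python as an added example (not the paper's code). The AAA server keeps the visit log and the enrolled certificate per MS, mines the frequent path, pushes the MSK to every BS on it, and a handover then either uses the cached MSK after the identity check or falls back to a full IEEE 802.1X entry. Assumptions: `mine_frequent_path` (longest contiguous run of distinct BSs seen at least twice) is a deliberately simple stand-in for the sequential pattern mining algorithms the paper cites; the CA check is modelled as a comparison of certificate fingerprints; the MSK is a random stand-in for the EAP-derived key; the round-trip costs, BS names, certificate bytes and visit history are constructed.

```python
import hashlib
import hmac
import os
from collections import Counter

FULL_AUTH_COST = 5     # illustrative round trips of a full EAP/IEEE 802.1X network entry
CACHED_AUTH_COST = 1   # illustrative cost when the target BS already holds a live MSK


def mine_frequent_path(visits, min_support=2, max_len=8):
    """Longest route (contiguous run of distinct BSs) that occurs at least min_support
    times in the chronological visit log; ties go to the more frequent route.
    Stand-in for the sequential pattern mining algorithms the paper cites."""
    for length in range(min(max_len, len(visits)), 1, -1):
        windows = (tuple(visits[i:i + length]) for i in range(len(visits) - length + 1))
        counts = Counter(w for w in windows if len(set(w)) == len(w))
        supported = [(n, route) for route, n in counts.items() if n >= min_support]
        if supported:
            return max(supported)[1]
    return ()


class Aaa:
    """AAA side of UPP-KC: user database (visit log, enrolled certificate), MSK push to
    the BSs on the mined pattern, and the two authentication cases of Sect. 4."""

    def __init__(self, bs_ids, msk_lifetime):
        self.msk_lifetime = msk_lifetime
        self.bs_cache = {b: {} for b in bs_ids}   # bs_id -> {ms_id: (msk, expires_at)}
        self.visit_log = {}                        # ms_id -> [bs_id, ...]
        self.enrolled = {}                         # ms_id -> certificate fingerprint

    def register(self, ms_id, cert):
        self.enrolled[ms_id] = hashlib.sha256(cert).digest()

    def identity_ok(self, ms_id, cert):
        # Stand-in for Case 2, step 1: the presented certificate must match the enrolled
        # one. A deployment validates the X.509 chain and revocation status at the CA.
        expected = self.enrolled.get(ms_id, b"")
        return hmac.compare_digest(expected, hashlib.sha256(cert).digest())

    def _full_auth_and_push(self, ms_id, now):
        # Case 1, steps 1-3: full entry yields a fresh 512-bit MSK (random stand-in for
        # the EAP-derived key); the pattern is mined from the log and the MSK is cached
        # on the serving BS and on every BS of the pattern, with its lifetime.
        msk = os.urandom(64)
        pattern = mine_frequent_path(self.visit_log[ms_id])
        for bs_id in set(pattern) | {self.visit_log[ms_id][-1]}:
            self.bs_cache[bs_id][ms_id] = (msk, now + self.msk_lifetime)
        return pattern

    def initial_entry(self, ms_id, cert, bs_id, now):
        if not self.identity_ok(ms_id, cert):
            return "rejected", (), 0
        self.visit_log.setdefault(ms_id, []).append(bs_id)
        pattern = self._full_auth_and_push(ms_id, now)
        return "full", pattern, FULL_AUTH_COST

    def handover(self, ms_id, cert, target_bs, now):
        if not self.identity_ok(ms_id, cert):
            return "rejected", 0
        # Every move is logged, deviations included, so the next mining run sees them.
        self.visit_log.setdefault(ms_id, []).append(target_bs)
        entry = self.bs_cache[target_bs].get(ms_id)
        if entry is not None and entry[1] > now:
            return "cached", CACHED_AUTH_COST          # Case 2, step 2
        self.bs_cache[target_bs].pop(ms_id, None)      # expired or absent: purge, fall back
        self._full_auth_and_push(ms_id, now)
        return "full", FULL_AUTH_COST


def run_demo():
    aaa = Aaa(bs_ids="ABCDX", msk_lifetime=100)
    cert = b"constructed certificate of MS1"
    aaa.register("MS1", cert)
    # Constructed history from earlier sessions: the user commutes A -> B -> C -> D daily.
    aaa.visit_log["MS1"] = list("ABCD") * 3
    out = {"initial": aaa.initial_entry("MS1", cert, "A", now=0)}
    out["B"] = aaa.handover("MS1", cert, "B", now=10)        # on the pattern: cached MSK
    out["C"] = aaa.handover("MS1", cert, "C", now=20)
    out["X"] = aaa.handover("MS1", cert, "X", now=30)        # deviation: full entry again
    out["impostor"] = aaa.handover("MS1", b"forged", "D", now=40)
    out["D_late"] = aaa.handover("MS1", cert, "D", now=500)  # MSK lifetime elapsed
    return out


if __name__ == "__main__":
    for step, outcome in run_demo().items():
        print(step, outcome)
```

Two points the demo makes explicit: a cached MSK is only ever used after the certificate check and before its lifetime expires, and every BS on the pattern now holds a copy of the MSK, so the BSs on the predicted path and the channel used to push the key become part of the trust boundary of the scheme.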

5 Mathematical analysis

5.1 Systematic analysis of existing algorithm with UPP-KC algorithm

Although the proposed algorithm avoids the execution of IEEE 802.1X authentication on handover, it consumes extra storage to keep track of the user's pattern together with the cached key (512 or 1024 bits in total). This is justified by the fact that the time a user spends in the normal IEEE 802.1X authentication mechanism is far larger than this storage cost.

5.2 Movement Time Line of MS

Let t0 be the time of the initial network entry authentication, t1 the time at which the MS moves to a random (new) ASN, t2 the time at which the MS moves along the predicted pattern, and tn the end point of the mobility period. Hence,

$$T_{k} = t_{n} - t_{1}$$
(1)

If the MS does not take the path via the pattern, the key remains unused.

If the MS follows the predicted pattern, the time taken would be

$$T_{k}^{*} = T_{k} - S,\quad \text{where}\; S = t_{2} - t_{1}$$
(2)

Here Tk is the entire key lifetime, which may vary exponentially, and T *k is the reuse period. As with any stochastic process, the IEEE 802.1X mechanism and the UPP-KC mechanism can be compared by analysing the time factor.

Three output measures are evaluated in our study:

  1. α: the probability that the MS returns to the old ASN-GW, i.e. P[S ≤ Tk]

  2. E[Tk | S ≥ Tk]: the expected key lifetime when the MS does not take the predicted path

  3. E[T *k | S ≤ Tk]: the expected reuse period when the MS moves along the pattern

We derive the above output measures for exponentially distributed S with fixed T and then generalize the derivation for generally distributed S with exponentially distributed T.

5.2.1 Derivation for Exponentially Distributed S and Fixed T

The departure of the MS from the old ASN-GW is a random observer of the MSK lifetime. For a fixed MSK lifetime T, the residual life theorem gives Tk a uniform distribution over 0 ≤ Tk ≤ T. Then α is derived as

$$\alpha = P\left[ S \le T_{k} \right]$$
$$= \int_{T_{k}=0}^{T} \left( \frac{1}{T} \right) \left( \int_{S=0}^{T_{k}} \lambda e^{-\lambda S}\, dS \right) dT_{k}$$
$$\alpha = \frac{e^{-\lambda T} + \lambda T - 1}{\lambda T}$$
$$E\left[ T_{k} \mid S \ge T_{k} \right] = \frac{E\left[ T_{k} \;\text{and}\; S \ge T_{k} \right]}{P\left[ S \ge T_{k} \right]}$$
where
$$E\left[ T_{k} \;\text{and}\; S \ge T_{k} \right] = \int_{S=0}^{T} \lambda e^{-\lambda S} \left( \int_{T_{k}=0}^{S} T_{k} \frac{1}{T}\, dT_{k} \right) dS + \int_{S=T}^{\infty} \lambda e^{-\lambda S} \left( \int_{T_{k}=0}^{T} T_{k} \frac{1}{T}\, dT_{k} \right) dS$$
$$= \frac{1 - e^{-\lambda T}}{\lambda^{2} T} - \frac{e^{-\lambda T}}{\lambda}$$
so that, with $P[S \ge T_{k}] = 1 - \alpha$,
$$E\left[ T_{k} \mid S \ge T_{k} \right] = \left( \frac{1 - e^{-\lambda T}}{\lambda^{2} T} - \frac{e^{-\lambda T}}{\lambda} \right) \left( \frac{1}{1 - \alpha} \right)$$
$$= \frac{1}{\lambda} - \frac{T e^{-\lambda T}}{1 - e^{-\lambda T}}$$

similarly,

$$E\left[ T_{k}^{*} \mid S \le T_{k} \right] = \frac{E\left[ T_{k}^{*} \;\text{and}\; S \le T_{k} \right]}{P\left[ S \le T_{k} \right]}$$

where,

$$E\left[ T_{k}^{*} \;\text{and}\; S \le T_{k} \right] = \int_{T_{k}=0}^{T} \left( \frac{1}{T} \right) \left[ \int_{S=0}^{T_{k}} \left( T_{k} - S \right) \lambda e^{-\lambda S}\, dS \right] dT_{k}$$
$$= \frac{T}{2} - \frac{1}{\lambda} + \frac{1 - e^{-\lambda T}}{\lambda^{2} T}$$

from the above equations, with $P[S \le T_{k}] = \alpha$,

$$E\left[ T_{k}^{*} \mid S \le T_{k} \right] = \left( \frac{T}{2} - \frac{1}{\lambda} + \frac{1 - e^{-\lambda T}}{\lambda^{2} T} \right) \left( \frac{1}{\alpha} \right)$$
$$= \left( \frac{T}{2} - \frac{1}{\lambda} + \frac{1 - e^{-\lambda T}}{\lambda^{2} T} \right) \left( \frac{\lambda T}{e^{-\lambda T} + \lambda T - 1} \right)$$
$$= \frac{\lambda T^{2}}{2\left( \lambda T + e^{-\lambda T} - 1 \right)} - \frac{1}{\lambda}$$
(3)

5.2.2 Derivation for Generally Distributed S and Exponential T

Tk is exponentially distributed with mean E[T] = 1/μ. Let S have an arbitrary distribution with density function f(s) and Laplace transform f*(s). Then α is derived as

$$\alpha = \int_{T_{k}=0}^{\infty} \mu e^{-\mu T_{k}} \left( \int_{S=0}^{T_{k}} f(s)\, dS \right) dT_{k} = f^{*}(\mu)$$
$$E\left[ T_{k} \;\text{and}\; S \ge T_{k} \right] = \int_{S=0}^{\infty} f(s) \left( \int_{T_{k}=0}^{S} T_{k}\, \mu e^{-\mu T_{k}}\, dT_{k} \right) dS$$
$$= \frac{1}{\mu} + \frac{d f^{*}(\mu)}{d\mu} - \frac{f^{*}(\mu)}{\mu}$$
$$E\left[ T_{k} \mid S \ge T_{k} \right] = \frac{E\left[ T_{k} \;\text{and}\; S \ge T_{k} \right]}{P\left[ S \ge T_{k} \right]}$$
$$= \left\{ \frac{1}{\mu} + \frac{d f^{*}(\mu)}{d\mu} - \frac{f^{*}(\mu)}{\mu} \right\} \left\{ \frac{1}{1 - f^{*}(\mu)} \right\}$$
$$E\left[ T_{k}^{*} \;\text{and}\; S \le T_{k} \right] = \int_{T_{k}=0}^{\infty} \mu e^{-\mu T_{k}} \left( \int_{S=0}^{T_{k}} \left( T_{k} - S \right) f(s)\, dS \right) dT_{k} = \frac{f^{*}(\mu)}{\mu}$$
$$E\left[ T_{k}^{*} \mid S \le T_{k} \right] = \frac{E\left[ T_{k}^{*} \;\text{and}\; S \le T_{k} \right]}{P\left[ S \le T_{k} \right]} = \frac{f^{*}(\mu)/\mu}{f^{*}(\mu)} = \frac{1}{\mu}$$
(4)
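A numerical check of the closed forms of Sects. 5.2.1 and 5.2.2, added here as an example (not part of the paper). It evaluates α, E[Tk | S ≥ Tk] and E[T *k | S ≤ Tk] directly from their definitions by the midpoint rule, with Tk uniform on [0, T] and S exponential with rate λ, and compares them with Eq. (3) and the formulas before it; for Sect. 5.2.2 it takes S exponential with rate λ and Tk exponential with rate μ, for which f*(μ) = λ/(λ+μ). The values of λ, T and μ are arbitrary.

```python
import math


def alpha_closed(lam, T):
    """alpha of Sect. 5.2.1: P[S <= T_k] with T_k ~ U(0, T) and S ~ Exp(lam)."""
    return (math.exp(-lam * T) + lam * T - 1) / (lam * T)


def e_tk_no_return_closed(lam, T):
    """E[T_k | S >= T_k]: key lifetime left unused when the MS does not take the path."""
    return 1 / lam - T * math.exp(-lam * T) / (1 - math.exp(-lam * T))


def e_reuse_closed(lam, T):
    """Eq. (3): E[T_k* | S <= T_k], the reuse period when the MS follows the pattern."""
    return lam * T * T / (2 * (lam * T + math.exp(-lam * T) - 1)) - 1 / lam


def measures_numeric(lam, T, n=600):
    """The three measures straight from their definitions, by the midpoint rule."""
    h = T / n
    alpha = unused = reuse = 0.0
    for i in range(n):
        tk = (i + 0.5) * h                       # T_k is uniform on [0, T]
        p_return = 1 - math.exp(-lam * tk)       # P[S <= tk]
        alpha += p_return * h / T
        unused += tk * (1 - p_return) * h / T    # builds E[T_k and S >= T_k]
        hs = tk / n                              # inner integral over s in [0, tk]
        inner = sum((tk - (j + 0.5) * hs) * lam * math.exp(-lam * (j + 0.5) * hs)
                    for j in range(n)) * hs
        reuse += inner * h / T                   # builds E[T_k* and S <= T_k]
    return {"alpha": alpha,
            "E_Tk_given_no_return": unused / (1 - alpha),
            "E_Tk_star_given_return": reuse / alpha}


def alpha_exp_lifetime(lam, mu):
    """Sect. 5.2.2 with exponential S: alpha = f*(mu) = lam / (lam + mu)."""
    return lam / (lam + mu)


def alpha_exp_lifetime_numeric(lam, mu, n=20000, horizon=80.0):
    """Midpoint evaluation of the defining integral of alpha for exponential T_k."""
    h = horizon / n
    return sum(mu * math.exp(-mu * (i + 0.5) * h) * (1 - math.exp(-lam * (i + 0.5) * h))
               for i in range(n)) * h


if __name__ == "__main__":
    lam, T, mu = 0.5, 10.0, 0.2
    print("closed :", alpha_closed(lam, T), e_tk_no_return_closed(lam, T), e_reuse_closed(lam, T))
    print("numeric:", measures_numeric(lam, T))
    print("exp T_k:", alpha_exp_lifetime(lam, mu), alpha_exp_lifetime_numeric(lam, mu))
```

For the exponential-lifetime case the reuse period comes out as f*(μ)/μ divided by f*(μ), that is 1/μ whatever the distribution of S: the memoryless property of the exponential lifetime means that, conditioned on the MS arriving before the key expires, the remaining reuse time is again a full mean lifetime.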

6 Performance Measure

Table 1 shows the strength of the proposed UPP-KC against the other authentication mechanisms proposed for the same problem. For the given input, the authentication mechanism based on user path prediction reduces the authentication latency by 32% compared with the existing IEEE 802.1X mechanism, so on a medium scale the UPP-KC algorithm is better than the existing one with respect to fast authentication. Regarding the availability of the cached MSK: whenever the user deviates from the usual path, the deviation is recorded and taken into account when the pattern is next determined.

The performance measure is obtained from the ratio of the slopes of the vectors and the parameters of the analytical derivation in the previous section. Based on Eqs. 3 and 4, graphs are constructed for both mechanisms and compared in Figs. 5 and 6, with the expectation values E[t] on the horizontal axis and the total mobility time t on the vertical axis. The UPP-KC values for the best, average and worst cases are plotted against the IEEE 802.1X mechanism in a planar graph. Under the best and average case scenarios UPP-KC shows a markedly lower latency, whereas in the worst case it coincides with the existing work: if the user has no frequent path, or is not frequently mobile, UPP-KC gains nothing and falls back to the standard procedure.

The proposed model was simulated with the Network Simulator ns-2. Since ns-2 has no native WiMAX support, the WiMAX patch with IEEE 802.16 PHY and MAC functions for ns-2 provided by the National Institute of Standards and Technology (NIST) was used. The performance evaluation based on the ns-2 trace files is shown in Fig. 7. The RTT of the authentication message exchanges of UPP-KC and of normal IEEE 802.1X is plotted in Fig. 8, and the load imposed on the MME and HSS by the various authentication schemes is analysed in Fig. 9.

Table 1 Comparison of Key Caching based UPP-KC with other Mechanisms
Fig. 5

Comparison of IEEE 802.1X with UPP-KC. (UPP-KC—Exponential and IEEE 802.1X—Fixed)

Fig. 6

Comparison of IEEE 802.1X with UPP-KC. (UPP-KC—Fixed and IEEE 802.1X –Exponential)

Fig. 7

Authentication of MS in the predicted path

Fig. 8

Simulation based analysis of UPP-KC with IEEE 802.1X

Fig. 9

Load comparison of authentication protocols at the MME

Table 2 gives the spectrum utilization parameter for the heterogeneous network and compares the existing protocols with our proposed caching based UPP-KC.

Table 2 Spectrum utilization by our proposed key caching based UPP-KC

7 Conclusion and Future Work

This paper has proposed UPP-KC, a caching mechanism in which the keys are cached only along a predicted path. The most frequent pattern in the user's path is determined with an appropriate pattern prediction algorithm to keep the computational complexity low. The resources for authentication can be reserved along this pattern, which avoids wasting resources elsewhere and makes authentication along the pattern faster because the resources are already in place. Future work will analyse and extract all the services a user avails in a particular BS, so that only the services the user frequently avails in that BS are provided [39, 40], further optimizing resource allocation without compromising security or handoff time.

Using shared master keys as the base for key derivation is a possible weakness. If the master keys (pre-PAK and MSK) are not kept secret, or the authentication process is not made foolproof, a malicious user could eavesdrop on a connection or even hijack it. In UPP-KC this exposure is wider than in single-BS caching, because the MSK is pushed to every BS on the predicted pattern: the compromise of any one of those BSs, or of the channel over which the key is pushed, reveals the MSK for the remainder of its lifetime, so the push must use the protected path between the AAA server and the ASN-GW, and cached copies must be purged when the lifetime expires. Beyond that, the weakness is implementation dependent, because it is the manufacturer who selects the preferred authentication method (EAP).