As with all other technologies discussed in this book, security is of primary importance for 802.16 systems. Network operators require protection against fraudulent use and users need security measures to prevent third parties from using their subscription and generating costs for services they did not use. Furthermore, security mechanisms also have to ensure that the user's data cannot be intercepted and decoded by anyone but the network and the user, by listening on the air interface. Similar to other wireless systems, security is achieved by user authentication during the network entry procedure and on a periodical basis for the duration of the connection. To protect transmitted data, encryption is used with an individual ciphering key per user. Methods to protect users against other users of the network who might try to hack into their systems is, as in other wireless systems, not specified and left to the network operator or the users.
Contrary to other wireless systems, 802.16 uses public key authentication and cryptography to validate the credentials of a SS. The method works as follows: Each subscriber station is assigned a private and a public key by the manufacturer. The subscriber's public key is known to the network, while the private key remains secret and is never transmitted over the air interface. Data encrypted with the public key can only be decrypted with the private key. It is not possible to encrypt data with the public key ...