[SATLUG] Re: WiMAX Security and BSidesSATX 2014
sean at awaldt.com
Fri Mar 14 19:15:30 CDT 2014
Thanks for posting that info, I meant to look it up today but lost track of
Staying on the note of security, I just wanted to remind everyone that the
registration and call for papers are both open for BSidesSATX 2014. Active
duty military and students are free, everyone else is just $10!
On Mar 14, 2014 12:00 PM, <satlug-request at satlug.org> wrote:
> Send SATLUG mailing list submissions to
> satlug at satlug.org
> To subscribe or unsubscribe via the World Wide Web, visit
> or, via email, send a message with subject or body 'help' to
> satlug-request at satlug.org
> You can reach the person managing the list at
> satlug-owner at satlug.org
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of SATLUG digest..."
> Today's Topics:
> 1. WiMAX MAC Security (Chad Wilson)
> Message: 1
> Date: Fri, 14 Mar 2014 09:42:48 -0700 (PDT)
> From: Chad Wilson <typedeaf at yahoo.com>
> Subject: [SATLUG] WiMAX MAC Security
> To: "satlug at satlug.org" <satlug at satlug.org>
> <1394815368.83466.YahooMailNeo at web181501.mail.ne1.yahoo.com>
> Content-Type: text/plain; charset=us-ascii
> Hi all. My first post to this mailing list!
> Last night at the SAT LUG meeting, a discussion about OSes for portable
> device led to a discussion on WiMAX security weaknesses.
> I made a suggestion that they could use shared key crypto to combat the
> threat of MITM attacks, and it was one persons opinion that cryptographic
> security could not be employed at MAC layer.
> I did a Google search on "WiMAX security" and wanted to share what I found.
> It appears that WiMAX uses IEEE 802.16 wireless protocol, which is chock
> full of security mechanisms employing just about every symmetric,
> asymmetric and hashing algorithm known to man.
> This article addresses several known vulnerabilities at the data link
> layer, specifically the man-in-the-middle attack:
> The recommendation made by some security analysis team was to employ
> Diffie-Hellman key exchange at the MAC layer to solve the problem.
> Where I work, we deploy thousands of devices that communicate back to a
> centralized server using both Zigbee and a PPP internet connection over a
> private tunnel using the G3 mobile network.
> Zigbee, IEEE 802.15, is another wireless communications protocol that uses
> asymmetric key crypto at the MAC layer.
> We add the key to the device when the firmware is burned in. So the key is
> tied to a MAC address, which is also burned into the device.
> SATLUG mailing list
> SATLUG at satlug.org
> Powered by Rackspace (http://rackspace.com)
> End of SATLUG Digest, Vol 122, Issue 6
More information about the SATLUG