Methods and devices for establishing security associations and performing handoff authentication in communications systems

US9215589B2 · US · B2

Patent metadata
Publication number: US-9215589-B2
Application number: US-201213440710-A
Country: US
Kind code: B2
Filing date: Apr 5, 2012
Priority date: Sep 4, 2007
Publication date: Dec 15, 2015
Grant date: Dec 15, 2015

Abstract

Official abstract text for this publication.

A method of providing secure communications between a base station, a relay station, and a mobile station in a communication network includes receiving, by the relay station, an unsolicited security key from the base station; receiving, by the relay station, a signaling message from the mobile station; and authenticating, by the relay station, the mobile station using the security key. A method of providing secure communications between a base station, a relay station, and a mobile station in a communication network includes receiving, by the relay station, a signaling message from the mobile station; transmitting, by the relay station, subsequent to receiving the signaling message, a security key request to the base station; receiving, by the relay station, a security key from the base station in response to the previously sent security key request; and authenticating, by the relay station, the mobile station using the received security key.

First claim

Opening claim text (preview).

What is claimed is:

1. A method of providing secure communications between a first base station, a first relay station, and a mobile station in a communication network, the method comprising: receiving, by the first relay station, a signaling message from the mobile station, the signaling message including an identifier corresponding to the mobile station; transmitting, by the first relay station, subsequent to receiving the signaling message, a security key request to the first base station; receiving, by the first relay station, a security key from the first base station in response to the previously sent security key request, wherein the security key was generated from a prior authentication of the mobile station using signals transmitted through one of a second relay station, the first base station, or a second base station from which the mobile station was handed off to the first relay station; and authenticating, by the first relay station, the mobile station by verifying the identifier using the received security key generated from the prior authentication.
2. The method of claim 1, wherein the receiving of the signaling message includes receiving a ranging request.
3. The method of claim 1, further including receiving the security key as a master key.
4. The method of claim 3, further including receiving the master key as an authentication key (AK).
5. The method of claim 1, further comprising receiving the security key as a verification key.
6. The method of claim 5, wherein receiving the security key as a verification key includes receiving the security key as a message authentication code key (MACK).
7. The method of claim 1, further including receiving the signaling message including a message authentication code (MAC) corresponding to the mobile station; wherein the authenticating comprises verifying the MAC using the security key.
8. The method of claim 1, further comprises performing, by the first relay station, at least one of a security association signaling protocol and a traffic encryption key (TEK) 3-way handshake with the mobile station.
9. The method of claim 8, wherein performing, by the first relay station, at least one of a security association signaling protocol and a TEK 3-way handshake with the mobile station comprises performing at least one of a security association-traffic encryption key (SA-TEK) 3-way handshake and a TEK 3-way handshake with the mobile station.
10. The method of claim 1, further comprising: generating, by the first relay station, a traffic key; and transmitting, by the first relay station, encrypted data to the mobile station using the traffic key.
11. The method of claim 1, further comprising moving, by the first relay station, to a service area of a different base station.
12. The method of claim 1, wherein communication between the first base station and the first relay station is wireless.
13. A method of providing secure communications between a target base station, a first mobile relay station, and at least one mobile station in a communication network, the method comprising: transmitting, by the first mobile relay station, a signaling message to the target base station, the signaling message including a message authentication code (MAC) corresponding to the at least one mobile station; receiving, by the first mobile relay station, a responsive signaling message from the target base station; receiving, by the first mobile relay station, at least one security key corresponding to the at least one mobile station from the target base station, wherein the at least one security key was generated from a prior authentication of the at least one mobile station using signals transmitted through one of a second mobile relay station, the target base station, or a second base station from which the at least mobile station was handed off to the first mobile relay station; and authenticating, by the first mobile relay station, the at least one mobile station by verifying the MAC using the at least one security key generated from the prior authentication of the at least one mobile station.
14. The method of claim 13, wherein the receiving at least one security key corresponding to the at least one mobile station includes receiving the at least one security key in a secure tunnel mode.
15. The method of claim 13, wherein the authenticating comprises performing IEEE 802.1X authentication.
16. The method of claim 13, further comprising performing at least one of a security association signaling protocol and a traffic encryption key (TEK) 3-way handshake between the first mobile relay station and the target base station.
17. The method of claim 16, wherein performing, by the first mobile relay station, at least one of a security association signaling protocol and a TEK 3-way handshake with the mobile station comprises performing at least one of a security association-traffic encryption key (SA-TEK) 3-way handshake and a TEK 3-way handshake with the mobile station.
18. The method of claim 13, wherein the receiving at least one security key comprises receiving the at least one security key in tunnel mode.
19. The method of claim 13, wherein the receiving at least one security key comprises receiving an authentication key (AK).
20. The method of claim 13, further including receiving the security key as a verification key.
21. The method of claim 20, wherein receiving the security key as a verification key includes receiving the security key as a message authentication code key (MACK).
22. The method of claim 13, wherein communication between the target base station and the first mobile relay station is wireless.
23. A first relay station for providing secure communications in a communication network, the first relay station comprising: at least one memory to store data and instructions; and at least one processor configured to access the memory and configured to, when executing the instructions: subsequent to receiving a signaling message from a mobile station, transmit a security key request to a first base station, the security key request including an identifier corresponding to the mobile station; and authenticate the mobile station by verifying the identifier using a security key received from the first base station in response to the previously transmitted security key request, wherein the security key was generated from a prior authentication of the mobile station using signals transmitted through one of a second relay station, the first base station, or a second base station from which the mobile station was handed off to the first relay station.
24. The first relay station of claim 23, wherein the signaling message is a ranging request.
25. The first relay station of claim 23, wherein the security key is a master key.
26. The first relay station of claim 23, wherein the master key is an authentication key (AK).
27. The first relay station of claim 23, wherein the security key is a verification key.
28. The first relay station of claim 23, wherein the verification key is a message authentication code key (MACK).
29. The first relay station of claim 23, wherein the signaling message includes a message authentication code (MAC) corresponding to the mobile station and the authenticating comprises verifying the MAC using the security key.
30. The

Classifications

  • for key distribution, e.g. centrally by trusted party (cryptographic mechanisms or cryptographic arrangements for key distribution involving a central third party H04L9/0819)

  • of security context information

  • Access point devices

  • Key management, e.g. using generic bootstrapping architecture [GBA]

  • H04W12/06 (Primary): Authentication

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Wang Jui-Tang, Lin Tzu-Ming, Ind Tech Res Inst
What technology area does this patent fall under?
Primary CPC classification H04W12/06. Mapped technology areas include Electricity.
When was this patent published?
Publication date Dec 15, 2015 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).