Doc.: IEEE 802.11-12/0946r1 Submission July 2012 A proposal for next generation security in 802.11 built on changes in 802.11ac 16 July 2012 Slide 1 Authors:

Slides:



Advertisements
Similar presentations
1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P April 11, 2007 Andrea Doherty.
Advertisements

Doc.: IEEE /0413r0 Submission March 2009 Dan Harkins, Aruba NetworksSlide 1 A Study Group for Enhanced Security Date: Authors:
Doc.: IEEE /1012r0 Submission September 2009 Dan Harkins, Aruba NetworksSlide 1 Suite-B Compliance for a Mesh Network Date: Authors:
Lecture 7 Overview. Advanced Encryption Standard 10, 12, 14 rounds for 128, 192, 256 bit keys – Regular Rounds (9, 11, 13) – Final Round is different.
Doc.: IEEE /0778r0 Report June 2014 Dorothy Stanley (Aruba Networks) Slide 1 P802.11REVmc Status and Overview Date: Authors:
Some New RSA Mechanisms for PKCS #11 Burt Kaliski, RSA Laboratories PKCS Workshop April 14, 2003.
IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005
Doc.: IEEE /770r0 Submission July 2009 Slide 1 TGs Authenticated Encryption Function Date: Authors: Russ Housley (Vigil Security), et.
Doc.: IEEE r1 Submission July 2011 Dan Harkins, Aruba NetworksSlide 1 Prohibiting Technology Date: Authors:
Submission doc.: IEEE 11-12/1253r1 November 2012 Dan Harkins, Aruba NetworksSlide 1 Why Use SIV for 11ai? Date: Authors:
Cryptography and Network Security (CS435) Part Ten (Hash and MAC algorithms)
Cryptography and Network Security Chapter 12 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Doc.: IEEE /0946r3 Submission August 2012 A proposal for next generation security in built on changes in ac 23 August 2012 Slide.
Doc.: IEEE /1454r7 Submission March 2013 IEEE 802 JTC1 Standing Committee Proposal for SC6 contribution process 20 March 2013 Haasz et al, IEEESlide.
Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)
1 Notification Rate Control draft-ietf-sipcore-event-rate-control th IETF,
Doc.: IEEE /1341r0 Submission September 2011 Andrew Myles, CiscoSlide 1 JTC1 SC September Closing Report 22 Sept 2011 Authors: Meeting.
1 September, 2002 doc:.: /386r0 Daniel V. Bailey, William Whyte, Ari Singer, NTRU 1 Project: IEEE P Working Group for Wireless Personal.
Submission doc.: IEEE /1013r0 September 2015 Guido R. Hiertz et al., EricssonSlide ae & ax Date: Authors:
Doc.: IEEE /0580r0 Submission May 09 Myles et al (Cisco)Slide 1 Discussion on the proposal to start a new Security SG in WG.
WEP Protocol Weaknesses and Vulnerabilities
Doc.: IEEE r0 Submission July 2011 Dan Harkins, Aruba NetworksSlide 1 Prohibiting Technology Date: Authors:
Submission doc.: IEEE /1014r0 September 2015 Guido R. Hiertz et al., EricssonSlide 1 Multiple BSSID element Date: Authors:
Doc.: IEEE /0795r2 Submission July 2014 The China NB contributed a variation on the “usual comment” on IEEE China NB comment on
WLAN Security Condensed Version. First generation wireless security Many WLANs used the Service Set Identifier (SSID) as a basic form of security. Some.
Doc.: IEEE /0315r4 Submission July 2009 Dan Harkins, Aruba NetworksSlide 1 Enhanced Security Date: Authors:
ANSI X9.44 and IETF TLS Russ Housley and Burt Kaliski RSA Laboratories November 2002.
Doc.: IEEE /303 Submission May 2001 Simon Blake-Wilson, CerticomSlide 1 EAP-TLS Alternative for Security Simon Blake-Wilson Certicom.
OSPF WG Cryptographic Algorithm Implementation Requirements for OSPF draft-bhatia-manral-crypto-req-ospf-00.txt Vishwas Manral, IPInfusion Manav Bhatia,
Requirements and Selection Process for RADIUS Crypto-Agility December 5, 2007 David B. Nelson IETF 70 Vancouver, BC.
Doc.: IEEE /1064r2 Submission Channelization for 11ac Date: Youhan Kim, et al.Slide 1 Authors: September 2010.
ECC Design Team: Initial Report Brian Minard, Tolga Acar, Tim Polk November 8, 2006.
Issue EAPoL-Key message generation at WTP or AC Issue 199, summarized as:...the WTP maintains the KeyRSC while the AC requires this information to.
Doc.: IEEE /1147r1 Submission November 2009 David Halasz, AclaraSlide 1 Path Protection Date: Authors:
RADIUS Attributes for the Delivery of Keying Material Joe Salowey Jesse Walker Tiebing Zhang Glen Zorn.
Submission doc.: IEEE /313r1 March 2016 Guido R. Hiertz, Ericsson et al.Slide 1 The benefits of Opportunistic Wireless Encryption Date:
Doc.: IEEE /0452r0 Submission Mar 2016 Myles & Ecclesine, CiscoSlide 1 Recommendation on disposal of liaison from ISO/IEC JTC1/SC25/WG3 relating.
Doc.: IEEE /0099r2 Submission Jan 2013 A resolution proposal comments related to for next generation security in built on changes in ac.
History and Implementation of the IEEE 802 Security Architecture
Enhanced Security Features for
July 2010 doc.: IEEE /0903r0 A resolution proposal comments related to for next generation security in built on changes in ac 14.
IEEE 802 EC July Motions Date: Authors: Name
Enhanced Security Features for
<month year> doc.: IEEE < e> <May 2018>
October 2017 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [AES-256 for ] Date Submitted: [17.
doc.: IEEE xxx Bob Beach Symbol Technologies
October 2017 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [AES-256 for ] Date Submitted: [17.
Key Descriptor Version in EAPOL Key Frames
IEEE 802 JTC1 Standing Committee May 2018 (Warsaw) closing report
<month year> doc.: IEEE < e> <May 2018>
Mesh Frame Formats Date: Authors: July 2007 March 2007
IEEE 802 JTC1 Standing Committee July 2018 opening report for EC
IEEE 802 JTC1 Standing Committee July 2018 (San Diego) closing report
Motions for 2007/09 Date: Authors: September 2007
July 2010 doc.: IEEE /0903r0 A proposal for next generation security in built on changes in ac 23 August 2012 Authors: Name Company.
TGac Ad-hoc lifecycle model
IEEE 802 JTC1 Standing Committee Mar 2017 closing report
AP Power Down Notification
July 2008 doc.: IEEE /0833r0 July 2008 A Proposed Scale-down Solution to A-MPDU DoS Related Comments in LB 129 Date: Authors: Luke.
TGaf San Francisco Closing Report
doc.: IEEE /454r0 Bob Beach Symbol Technologies
CID#89-Directed Multicast Service (DMS)
LB97 Coex: Duplicate DSSS
Clause 7 Comment Resolutions
Motions for 2007/09 Date: Authors: September 2007
July 2010 doc.: IEEE /0903r0 A resolution proposal comments related to for next generation security in built on changes in ac 14.
IEEE 802 JTC1 Standing Committee Mar 2017 closing report
Report on Date: Authors: May 2019 July 2013
July 2008 doc.: IEEE /0833r0 July 2008 A Proposed Scale-down Solution to A-MPDU DoS Related Comments in LB 129 Date: Authors: Luke.
80 MHz Channelization Date: Authors: July 2010 Month Year
Presentation transcript:

doc.: IEEE /0946r1 Submission July 2012 A proposal for next generation security in built on changes in ac 16 July 2012 Slide 1 Authors: NameCompanyPhone Joe SaloweyCisco Stephen OrrCisco Brian HartCisco Andrew MylesCisco Dan HarkinsAruba dharkins at arubanetworks dot com Salowey et al (Cisco), Harkins (Aruba)

doc.: IEEE /0946r1 Submission July 2012 LB188 contains comments requesting the inclusion of updated security options in ac Comment Proposed change 11ac does not seem to have a sufficiently rich set of security options to meet Suite-B requirements Define a sufficient security toolkit for 11ac so that 11ac can meet Suite B requirements, including any transitional measures if required Number 6198 from Brian Hart (Cisco) Salowey et al (Cisco), Harkins (Aruba) Add support for GCM-256 and Suite B Adopt the changes specified in document 11-12/0711rX, where X is any revision (currently at zero) 6513 from Dan Harkins (Aruba) Now at r1

doc.: IEEE /0946r1 Submission July 2012 It is proposed that TGac consider inclusion of “Suite B-like” security features in ac in Sept Slide 3 Security mechanisms are evolving due to advances in computing & cryptographic science is missing “Suite B–like” security mechanisms that will be required in the near future ac should include new mechanisms that support “Suite B-like” requirements The inclusion of features like AES-GCMP will align ac with mechanisms used by other standards The integrity of & interoperability will be threatened unless the work is undertaken by A two step process that defines -a “transitional” set of mechanisms -A “Suite B-like” set of mechanisms Two “minimum Levels of Security” (mLoS) for each step to meet different security needs The proposed path for approval is discussion until September and consideration for inclusion into D4.0 at the Palm Springs meeting Salowey et al (Cisco), Harkins (Aruba)

doc.: IEEE /0946r1 Submission July 2012 Security mechanisms are evolving due to advances in computing & cryptographic science Security mechanisms are not static – they evolve over time due to advances in computing and cryptographic science –e.g. DES was deprecated and replaced by AES –e.g. SHA-1 will be disallowed by NIST after 2013, MD5 already is disallowed The “Suite B” profile defined by the USG NSA defines a consistent set of cryptographic algorithms to provide one of two levels of security –128-bit: SHA256 for hashing, P256 for key derivation, AES-128 for encryption –192-bit: SHA384 for hashing, P384 for key derivation, AES-256 for encryption Similar profiles are likely be demanded by others in the near future –Governments, e.g. US, Canadian and other governments are all known to want a higher bar –Security orgs, e.g. NATO, military –Industry orgs, e.g. financial services & health Slide 4 Salowey et al (Cisco), Harkins (Aruba)

doc.: IEEE /0946r1 Submission July is missing “Suite B–like” security mechanisms that will be required in the near future Slide 5 MAC Hash for PRF HMAC-SHA1, AES- 128-CMAC HMAC-SHA-1 & SHA-256 (only for 11r) EncryptionAES-CCMP-128 FeatureIEEE AES-128-GMAC for “128” security AES-256-GMAC for “192” security HMAC-SHA-256 for “128” security HMAC-SHA-384 for “192” security AES-128-GCMP for “128” security AES-256-GCMP for “192” security Note: ad D8.0 only defines the use of AES-128-GCMP, not AES-256-GCMP What is required for “Suite B-like” security? Salowey et al (Cisco), Harkins (Aruba)

doc.: IEEE /0946r1 Submission July 2012 The inclusion of features like AES-GCMP will align ac with mechanisms used by other standards Slide 6 IETF RFC 6460 “Suite B Profile for TLS1.2” IETF RFC 6380 “Suite B Profile for IPSec” Standard Defines two minimum Levels of Security (mLoS) -128 & 192 bit security using AES-GCM Defines a transitional mechanism using AES-CBC Defines two minimum Levels of Security (mLoS) -128 & 192 bit security using AES-GCM Description IEEE 802.1AE “MACsec” Defines use of AES-GCMP 128 and 256 -Using AES-GCMP 128 and 256 IEEE ad D8.0 “60GHz” Defines use of AES-GCMP 128 Salowey et al (Cisco), Harkins (Aruba)

doc.: IEEE /0946r1 Submission July 2012 The integrity of & interoperability will be threatened unless the work is done by The WG could decide to not undertake this work The “world will not end” because i based security will still be sufficient for many use cases However, increasingly it will not be sufficient in some use cases. In these situations there is a risk, if “Suite B like” features are not included in ac, that: –Other organisations will attempt to define variants of the standard to meet this need … … threating the integrity of the standard –Some companies will define proprietary solutions … … threatening the on-going interoperability of based systems Slide 7 Salowey et al (Cisco), Harkins (Aruba)

doc.: IEEE /0946r1 Submission July ac should include new mechanisms that support “Suite B-like” requirements Slide 8 Encryption Feature AES-128-GCMP mLOS 128 MACAES-128-GMAC Hash for PRFSHA256 AES-256-GCMP mLOS 192 AES-256-GMAC SHA384 minimum Levels of Security Cannot “mix & match” features Salowey et al (Cisco), Harkins (Aruba)

doc.: IEEE /0946r1 Submission July 2012 A transition to “Suite B-like” requirements should support improved security on older hardware Not all hardware in existing APs or clients (802.11a/b/g/n) can support “Suite B-like” requirements … … and yet there is a desire to support “better” security in even these devices A precedent for this type of support was established in the transition from WEP to TKIP to AES after the “WEP debacle” It is known that some existing hardware can support AES-CCMP-256, and the standard should take advantage of this as part of a transition path Slide 9 Salowey et al (Cisco), Harkins (Aruba)

doc.: IEEE /0946r1 Submission July ac should include mechanisms that support a transition to “Suite B-like” requirements Slide 10 Encryption Feature AES-128-CCMP mLOS 128 MACAES-128-CMAC Hash for PRFSHA-256 AES-256-CCMP mLOS 192 AES-256-CMAC SHA384 minimum Levels of Security Cannot “mix & match” features Salowey et al (Cisco), Harkins (Aruba)

doc.: IEEE /0946r1 Submission July 2012 The proposed path forward is discussion until Sept & consideration for inclusion into D4.0 in Palm Springs Slide 11 D3.0 LB Brian Hart comments San Diego Socialisation of proposal Teleconferences Discussion & straw polls Palm Springs Motion on inclusion We are here Overview of draft changes in r0 & r1 Let’s select a slot convenient for all interested security folk for discussion Salowey et al (Cisco), Harkins (Aruba)

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.