14 March 2002 doc.: IEEE /152r1 Gregg Rasor, MotorolaSlide 1Submission Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: Security Suite Compromise Date Submitted: 12 March, 2002 Source: Gregg Rasor Company: Motorola Address: 1500 Gateway Blvd., Boynton Beach, Florida Voice: , FAX: , Re: P Security Suite Selection Abstract:A compromise solution is proposed that implements flexible, scalable security in the WPAN. Purpose: Detail a flexible, scalable security solution for the WPAN. Notice:This document has been prepared to assist the IEEE P It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. Release:The contributor acknowledges and accepts that this contribution becomes the property of IEEE and may be made publicly available by P

14 March 2002 doc.: IEEE /152r1 Gregg Rasor, MotorolaSlide 2Submission Security Suite Compromise Gregg Rasor, Distinguished Member of the Technical Staff Motorola Labs

14 March 2002 doc.: IEEE /152r1 Gregg Rasor, MotorolaSlide 3Submission Scalable, Open Security Model ModeSecurity Effect 0No security (default) 1Access control list (no cryptographic security) 2Public key cryptosystem security (ANSI X ), no certificates 3Public key cryptosystem security (ANSI X ), certificates required

14 March 2002 doc.: IEEE /152r1 Gregg Rasor, MotorolaSlide 4Submission Commitments for Completion Letters of commitment by Walt Davis and Scott Vanstone that the completed draft will be delivered to the Technical Editor by 5 PM April 5, Define with precision the elliptic curves necessary for implementation. FIPS Standard. Must have a completely specified ECC version of 02/131r0.

14 March 2002 doc.: IEEE /152r1 Gregg Rasor, MotorolaSlide 5Submission Certificate Application In order to support interoperability and scalability, the MAC and MLMEs in all devices shall support the use of certificates, however, authentication of devices using certificates shall not be required, and the type of certificate used shall be selectable by the security suite. This allows selection of either a manual, challenge and response authentication mode, or an automatic, certificate based authentication mode. Since every device must support these modes, and further, since negotiation shall be required, interoperability is insured.