Enhanced Security Features for 802.11
doc.: IEEE 802.11-09/0000r0, March 2009
Date: 2008-03-09
Authors: Dan Harkins, Aruba Networks

Abstract
This document describes important security features that are missing from, or will enhance, IEEE 802.11.

802.11 Security Services
- Authentication: A STA can prove its identity to the network and vice versa.
- Authorization and Access Control: Once authenticated, a STA can be given access to the network, or a subset of it, or denied access to the network.
- Data Confidentiality: Data sent between the STA and AP is hidden from all but the source and destination of the data.
- Data Integrity: The recipient of a frame is able to verify that the frame was not modified in transit and that a false frame has not been substituted for a valid frame.
- Data Source Authentication: The recipient of a frame is able to ascertain the origin of the frame, and it is not possible for anyone else to masquerade as the claimed originator.

How are These Services Provided Today?
- WEP: Deprecated but still part of the standard. Intended to provide authentication, access control, and confidentiality, but does not do so securely.
- RSN
  - 802.1X Key Management: provides mutual authentication, allows for authorization and access control decision making, generates secure and cryptographically strong keys.
  - PSK Key Management: provides a limited type of authentication; generates weak keys that void some features of RSN ciphers.
  - TKIP: provides confidentiality, data integrity (sub-optimally), and data source authentication.
  - CCMP: provides confidentiality, data integrity, and data source authentication.

What's The Problem?
- Cryptographically strong security is limited to certain use cases.
  - Not every deployment has a centralized AAA server; access to a centralized AAA server cannot always be guaranteed.
  - Hence the WFA's attempt to generate an adjunct for password-based authentication.
  - Hence different use cases (peer-to-peer and mesh, for instance) developing their own way of providing security.
- Cryptographically strong security doesn't really work for IBSS or peer-to-peer deployments.
- New ciphers that are arguably better than those currently defined in 802.11 have been developed. Unfortunately 802.11 lacks a definition of how to use them.
- Some TGs require security for features, but such work is outside the scope of existing TGs.

What's The Solution? A new Task Group to work on:
- Secure, de-centralized authentication and key management. These solutions should be suitable for a traditional ESS as well as ad hoc, mesh, and various peer-to-peer applications.
  - A password-based key exchange resistant to passive attack, active attack and dictionary attack.
  - A certificate-based key exchange.
- Definition (not development) of new ciphers
  - AES-GCM: a high-performance, single-pass cipher for authenticated encryption.
  - AES-SIV: a misuse-resistant cipher for authenticated encryption.
- Solution to current problems that are outside the scope of existing TGs
  - TGv's location services.

Secure, De-centralized Authentication
Requirements
- Each device has its own authentication credential, a password or a certificate.
- Each device can authenticate another device without external assistance.
- Protocols must be defined in a peer-to-peer fashion. Peer-to-peer implies client-server, but the opposite is not true, so a peer-to-peer protocol would cover ESS, ad hoc, mesh, etc.
Examples
- The password-authenticated key exchange in 802.11s: SAE.
- SKEME, a certificate-based authenticated key exchange protocol.
- DHKE-1, a certificate-based authenticated key exchange protocol.

Support for New Ciphers
AES-GCM
- Like CCM, GCM performs authenticated encryption and accepts additional authenticated data.
- GCM performs authenticated encryption with one pass over the data. This allows for much higher throughput than CCM, which requires two passes.
AES-SIV
- Like CCM, SIV performs authenticated encryption and accepts additional authenticated data.
- Unlike CCM, SIV will not lose all security if a nonce/counter is reused. This allows for more robust security, especially when the operations are taking place in software or in situations where uniqueness of counters cannot be strictly guaranteed.
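As an added illustration of the misuse-resistance point above (example code, not part of the submission): Go's standard-library AES-GCM encrypts two messages under one deliberately reused nonce and the ciphertexts are checked for a shared keystream, then the same check is run against a simplified SIV-style construction whose IV is derived from the plaintext itself. The SIV stand-in uses HMAC-SHA256 in place of RFC 5297's S2V/CMAC and is an assumption for illustration only, as are the key, nonce and message values.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
)

// gcmSeal: standard-library AES-GCM. Reusing a (key, nonce) pair repeats the CTR keystream.
func gcmSeal(key, nonce, ad, pt []byte) []byte {
	block, _ := aes.NewCipher(key)
	aead, _ := cipher.NewGCM(block)
	return aead.Seal(nil, nonce, pt, ad)
}

// keystreamReused: true when ct1^ct2 == pt1^pt2 over len(pt1) bytes, i.e. when an
// observer of the two ciphertexts learns the XOR of the two plaintexts.
func keystreamReused(ct1, ct2, pt1, pt2 []byte) bool {
	for i := range pt1 {
		if ct1[i]^ct2[i] != pt1[i]^pt2[i] {
			return false
		}
	}
	return true
}

// synthIV: 128-bit IV/tag derived from ad, nonce AND the plaintext. RFC 5297 uses
// S2V over AES-CMAC here; HMAC-SHA256 is an illustrative stand-in (assumption).
func synthIV(macKey, nonce, ad, pt []byte) []byte {
	mac := hmac.New(sha256.New, macKey)
	for _, part := range [][]byte{ad, nonce, pt} {
		mac.Write(part)
	}
	return mac.Sum(nil)[:16]
}

// sivSeal: iv || AES-CTR(encKey, iv, pt). Because iv depends on pt, two different
// plaintexts under one reused nonce still get different keystreams.
func sivSeal(macKey, encKey, nonce, ad, pt []byte) []byte {
	iv := synthIV(macKey, nonce, ad, pt)
	block, _ := aes.NewCipher(encKey)
	out := make([]byte, len(pt))
	cipher.NewCTR(block, iv).XORKeyStream(out, pt)
	return append(iv, out...)
}

// sivOpen: decrypt, recompute the synthetic IV and reject the frame on mismatch.
func sivOpen(macKey, encKey, nonce, ad, ct []byte) ([]byte, bool) {
	if len(ct) < 16 { return nil, false }
	block, _ := aes.NewCipher(encKey)
	pt := make([]byte, len(ct)-16)
	cipher.NewCTR(block, ct[:16]).XORKeyStream(pt, ct[16:])
	return pt, hmac.Equal(synthIV(macKey, nonce, ad, pt), ct[:16])
}
```

With the same nonce and the same plaintext the SIV-style output repeats exactly, so the only thing a reused nonce reveals there is message equality, not plaintext content.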

Address Issues Outside Other TGs' Scope
- TGv's location services: A STA wants to protect announcements it sends out pertaining to its location, and these announcements are received by multiple APs, some of which do not share an active security association with the STA.
- Anything else?

A New Task Group: Tight focus ensures timely results
- Keep a focus on security enhancements to existing 802.11 functionality and not creation of new security algorithms, ciphers, etc. Much of this has already been designed (GCM, SIV, SAE), so it's a problem of defining their use in 802.11.
- There is a need for de-centralized security in 802.11.
  - Use of a PSK/password is widespread and will remain so. Unfortunately it is not secure; we should make it so.
  - Other groups, like the Wi-Fi Alliance, believe there is market demand. It makes sense for 802.11 to provide it instead of hoping other organizations do it (and do it right).
- Data rates keep increasing; ciphers cannot be bottlenecks!

References
- NIST SP800-38D.
- P. Rogaway and T. Shrimpton, "Deterministic Authenticated Encryption, A Provable Security Treatment of the Key-Wrap Problem", Advances in Cryptology, EUROCRYPT '06, St. Petersburg, Russia, 2006.
- RFC 5297.
- H. Krawczyk, "SKEME: A Versatile Secure Key Exchange Mechanism for the Internet", Proceedings of the Internet Society Symposium on Network and Distributed Systems Security, August 1995.
- V. Shoup, "On Formal Models for Secure Key Exchange", ACM Computer and Communications Security Conference, 1999.

Straw Poll
"A Study Group to develop a PAR and Five Criteria for Enhanced Security for 802.11 should be created"
Yes:
No:
Don't Know, Need More Information:
Don't Care: