IEEE802.11 for High Speed Mobility November 2005 doc.: IEEE 802.11-05/1859r0 IEEE802.11 for High Speed Mobility Date: 2009-11-17 Authors: Name Company Address Phone email Hiroki NAKANO Trans New Technology, Inc. Sumitomo-Seimei Kyoto Bldg. 8F, 62 Tukiboko-cho Shimogyo-ku, Kyoto 600-8492 JAPAN +81-75-213-1200 cas@trans-nt.com Hitoshi MORIOKA ROOT Inc. #33 Ito Bldg. 2-14-38 Tenjin, Chuo-ku, Fukuoka 810-0001 JAPAN +81-92-832-3391 hmorioka@root-hq.com Hiroshi MANO 8F TOC2 Bldg. 7-21-11 Nishi-Gotanda, Shinagawa-ku, Tokyo 141-0031 JAPAN +81-3-5719-7630 hmano@root-hq.com Notice: This document has been prepared to assist IEEE 802.11. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. Release: The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE 802.11. Patent Policy and Procedures: The contributor is familiar with the IEEE 802 Patent Policy and Procedures <http:// ieee802.org/guides/bylaws/sb-bylaws.pdf>, including the statement "IEEE standards may include the known use of patent(s), including patent applications, provided the IEEE receives assurance from the patent holder or applicant with respect to patents essential for compliance with both mandatory and optional portions of the standard." Early disclosure to the Working Group of patent information that might be relevant to the standard is essential to reduce the possibility for delays in the development process and increase the likelihood that the draft publication will be approved for publication. Please notify the Chair <stuart.kerry@philips.com> as early as possible, in written or electronic form, if patented technology (or technology under patent application) might be incorporated into a draft standard being developed within the IEEE 802.11 Working Group. If you have questions, contact the IEEE Patent Committee Administrator at <patcom@ieee.org>. Hiroki NAKANO, Trans New Technology, Inc. Hitoshi MORIOKA, ROOT Inc.

November 2005 doc.: IEEE 802.11-05/1859r0 Abstract We told about IEEE802.11 enhancement for high speed mobility support in the previous session in Hawaii. Mobile vs. Nomadic Limitation of Market Connectivity Lost How to solve the issue Today, we talk about our exprimental protocol. 2 Straw Polls Hiroki NAKANO, Trans New Technology, Inc. Hitoshi MORIOKA, ROOT Inc.

November 2005 doc.: IEEE 802.11-05/1859r0 Mobile vs. Nomadic Let’s quote definitions from RECOMMENDATION ITU-R F.1399-1 “Vocabulary of terms for wireless access” Mobile wireless access (MWA) Wireless access application in which the location of the end-user termination is mobile. Nomadic wireless access (NWA) Wireless access application in which the location of the end-user termination may be in different places but it must be stationary while in use. Slide 3 Hiroki NAKANO, Trans New Technology, Inc. Hitoshi MORIOKA, ROOT Inc. Hitoshi MORIOKA, ROOT Inc.

Limit of market growth in the existing 802.11 November 2005 doc.: IEEE 802.11-05/1859r0 Limit of market growth in the existing 802.11 Bandwidth? No! We are getting wide bandwidth day by day 11b, g, a, n, ac, ad Securities? No! 802.11 incorporates new security system too. WEP, 802.11i… Propagation range? No! it is true, but it is not limit of technologies. It’s depends on regulatory. And it’s good for avoiding congestion. Service model? Yes! we are still in nomadic services. Hiroki NAKANO, Trans New Technology, Inc. Hitoshi MORIOKA, ROOT Inc.

If we got actual mobility on 802.11 We will get November 2005 doc.: IEEE 802.11-05/1859r0 Beyond “Nomadic” If we got actual mobility on 802.11 We will get Wi-Fi IP mobile phone (not only in-house phone) Wi-Fi on a car (high context navigation) Wi-Fi on a train (passenger services) Wi-Fi real-time audio (anywhere anytime) Wi-Fi real-time video (anywhere anytime) skype, etc., Hiroki NAKANO, Trans New Technology, Inc. Hitoshi MORIOKA, ROOT Inc.

Existing Wi-Fi Service Area November 2005 doc.: IEEE 802.11-05/1859r0 Existing Wi-Fi Service Area Huge number of APs were deployed by different owners. APs owned by one owner can be operated by 802.11r technology to provide fast roaming inside one ESS. An STA is always receiving at least one or more signals from someone's APs continuously. However, we have to spend a couple of seconds to connect to another ESS every time. In other words, we lost connectivity at every border of ESS. This fact is not suitable for mobile communication. Hiroki NAKANO, Trans New Technology, Inc. 6 Hitoshi MORIOKA, ROOT Inc.

Reasons of Connectivity Loss November 2005 doc.: IEEE 802.11-05/1859r0 Reasons of Connectivity Loss Waste much time to … Discover a new AP. Latency can be reduced by 11k or background scan. Make association with a new AP. (includes authentication/key exchange…) 11i authentication is not so fast. It needs many packet exchanges. Upper layer setup. (Out of Scope) Upper layer handover. (Out of Scope) Fast authentication and key management (AKM) can reduce connectivity loss. Hiroki NAKANO, Trans New Technology, Inc. Hitoshi MORIOKA, ROOT Inc.

Time for handover IEEE802.16e -- 35-50ms IEEE802.16m -- 30ms? November 2005 doc.: IEEE 802.11-05/1859r0 Time for handover IEEE802.16e -- 35-50ms IEEE802.16m -- 30ms? IEEE802.11i + .1X -- >100ms while G.711 sends a packet every 20ms. Another VoIP implementation sends every 50ms. Hiroki NAKANO, Trans New Technology, Inc. Hitoshi MORIOKA, ROOT Inc.

Protocol Sequence of IEEE802.11i (EAP-TLS) November 2005 doc.: IEEE 802.11-05/1859r0 Protocol Sequence of IEEE802.11i (EAP-TLS) STA Roundtrip: 2ms to 5ms AP RADIUS Server Beacon Probe Request Probe Response Authentication Request Authentication Reply Association Request Association Accept EAPOL-Start Roundtrip: 1ms to 20ms EAP-Request/Identity EAP-Response/Identity RADIUS-Access-Request/Identity RADIUS-Access-Challenge/TLS-Start EAP-Request/TLS-Start EAP-Response/TLS-client Hello RADIUS-Access-Request/Pass Through RADIUS-Access-Challenge/ Server Certificate EAP-Request/Pass Through EAP-Response/Client Certificate RADIUS-Access-Request/Pass Through RADIUS-Access-Challenge/Encryption Type EAP-Request/Pass Through EAP-Response RADIUS-Access-Request RADIUS-Access-Accept EAP-Success EAP-Key Hiroki NAKANO, Trans New Technology, Inc. Hitoshi MORIOKA, ROOT Inc.

An Example of Faster Key Exchange November 2005 doc.: IEEE 802.11-05/1859r0 An Example of Faster Key Exchange Utilize Pre-RSNA Security Framework Authentication and PTK exchange can be done in pre-RSNA security framework. After PTK setup, GTK can be securely delivered. STA AP Authentication Server Beacon (Probe Request) (Probe Response) Authentication Request Access Request Access Response Authentication Reply (Association Request) (Association Accept) Roundtrip: 2ms to 5ms Roundtrip: 1ms to 20ms Hiroki NAKANO, Trans New Technology, Inc. Hitoshi MORIOKA, ROOT Inc.

Time for handover (review) November 2005 doc.: IEEE 802.11-05/1859r0 Time for handover (review) IEEE802.16e -- 35-50ms IEEE802.16m -- 30ms? IEEE802.11i + .1X -- >100ms New Fast AKM -- 25-30ms (target) Hiroki NAKANO, Trans New Technology, Inc. Hitoshi MORIOKA, ROOT Inc.

An Example: Pre-shared Secret Key November 2005 doc.: IEEE 802.11-05/1859r0 An Example: Pre-shared Secret Key Station (non-AP STA) Access Point (AP) Authentication Server (AS) Share a secret key (AP-key) Each AP has a different key Identified by IP/MAC address Share an identifier and a secret key (MN-key) Each mobile STA has a different key Identified by NAI (account name) No pre-shared information between mobile STA and AP AP and AS function can be equipped in a box for a small system. Hiroki NAKANO, Trans New Technology, Inc. Hitoshi MORIOKA, ROOT Inc.

An Example: PTK delivery November 2005 doc.: IEEE 802.11-05/1859r0 An Example: PTK delivery Station (non-AP STA) Access Point (AP) Authentication Server (AS) AP-key shared PTK delivery without STA-AP mutual secrets STA-key shared PTK is delivered via AS between mobile STA and AP Hiroki NAKANO, Trans New Technology, Inc. Hitoshi MORIOKA, ROOT Inc.

An Example: Authentication Procedure November 2005 doc.: IEEE 802.11-05/1859r0 An Example: Authentication Procedure Station (Non-AP STA) Access Point (AP) Authentication Server (AS) Broadcast Nonce Beacon Beacon NAI… Check Timestamp Transmit Authentication Request Frame Transmit Authentication Request Frame Access Request Message Access Request Message HMAC-MD5 (AP-key) Extract HMAC-MD5 (AP-key) Extract MD5 MD5 Authenticator (16byte) Authenticator (16byte) Authenticator (16byte) Extract Compare Authentication Data (16byte) Authentication Data (16byte) Authentication Data (16byte) HMAC-MD5 (STA-key) HMAC-MD5 (STA-key) ICV (16byte) ICV (16byte) ICV (16byte) ICV (16byte) Compare Hiroki NAKANO, Trans New Technology, Inc. Hitoshi MORIOKA, ROOT Inc.

An Example: Authentication Procedure (Cont.) November 2005 doc.: IEEE 802.11-05/1859r0 An Example: Authentication Procedure (Cont.) Station (Non-AP STA) Access Point (AP) Authentication Server (AS) Extract Network Info (IP address…) Authentication Success Frame Access Request Message Nonce (16byte) PTK (16byte) Transmit Authentication Success Frame HMAC-MD5 (STA-key) Extract XOR Hashed ICV (16byte) PTK (16byte) ICV (16byte) MD5 Session Key DD (16byte) HMAC-MD5 (AP-key) HMAC-MD5 (AP-key) MD5 Authentication Data (16byte) Extract XOR HMAC-MD5 Authentication Data (16byte) ICV (16byte) Hashed ICV (16byte) HMAC-MD5 Extract ICV (16byte) ICV (16byte) Session Key DD (16byte) Transmit Access Approval Message Access Approval Message Compare ICV (16byte) Extract PTK (16byte) HMAC-MD5 (AP-key) Extract HMAC-MD5 (AP-key) HMAC-MD5 (STA-key) Authenticator (16byte) Authenticator (16byte) Authenticator (16byte) Nonce (16byte) Compare Hiroki NAKANO, Trans New Technology, Inc. Hitoshi MORIOKA, ROOT Inc.

Conclusion Limitation of IEEE802.11 is “NOMADIC” use only. November 2005 doc.: IEEE 802.11-05/1859r0 Conclusion Limitation of IEEE802.11 is “NOMADIC” use only. Mobile communication will expand IEEE802.11 market. Long AKM time is not suitable for mobile use. We have to reduce AKM time toward mobile. We show an example of new fast AKM method. Further study in SG/WG is required for better AKM method. Hiroki NAKANO, Trans New Technology, Inc. Hitoshi MORIOKA, ROOT Inc.

Questions & Comments November 2005 doc.: IEEE 802.11-05/1859r0 Hiroki NAKANO, Trans New Technology, Inc. Hitoshi MORIOKA, ROOT Inc.

Straw Poll “Does WNG think that we need further presentations exploring the need for support for mobile communication?” Yes: 25 No: 0 Need More Discussion: 3 Don’t Care: 1 Hiroki NAKANO, Trans New Technology, Inc.