TDLS Inconsistent Security Problem

Presentation transcript:

TDLS Inconsistent Security Problem
doc.: IEEE 802.11-yy/xxxxr0, November, 2007
Date: 2007-11-15
Authors: Sihoon Yang, LG Electronics

Notice: This document has been prepared to assist IEEE 802.11. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein.

Abstract

TDLS currently supports security even when the AP can't support security, which is very confusing. We need a method to provide a consistent security mechanism.

Background

Consider the case where the AP can't support an RSNA but the STAs do:
- The STAs established a non-RSNA association with the AP.
- The STAs establish an RSNA with each other for the direct link.

Is it secure or not? It depends on the path:
- AP path: not secure
- DLS path: secure

This doesn't provide consistent security, which is very confusing to the user or a higher-layer application.

[Figure: Initiator STA and Peer STA, connected through the AP (AP path, not secure) and directly (DLS path, secure).]

Background (cont)

Scenario:
- The AP established a non-RSNA association with the STAs.
- The STAs set up secure TDLS.
- The initiator STA sends a file that includes a list of IDs and passwords.
- At first they use the DLS path and can send data securely.
- The peer STA moves away and they use the AP path.
- The data is not secure any more.

What happened?
- A passive attacker can sniff the traffic and get some IDs and passwords.
- The communication as a whole is not secure.

[Figure: Initiator STA and Peer STA, connected through the AP (AP path, not secure) and directly (DLS path, secure).]

Solution #1: The DLS path supports security only if the AP path supports security

- The AP must establish an RSNA with each STA prior to the TDLS Peer Key handshake.
- If the STAs established an RSNA with the AP, the STAs can establish a secure TDLS setup.
- If the STAs didn't establish an RSNA with the AP, the STAs can't establish a secure TDLS setup.

[Figure: Initiator STA and Peer STA, connected through the AP and directly; both paths labelled secure.]
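The scenario and Solution #1 above, modelled as an added example that is not part of the original submission. The function names, the policy labels and the five-frame timeline are constructed for illustration, and the model assumes the sender's security expectation is fixed by the path used for the first frame.

```python
"""Toy model of the TDLS path-security mismatch (constructed example)."""

def setup_tdls(policy, initiator_ap_rsna, peer_ap_rsna):
    """Decide which paths protect frames after TDLS setup.

    policy "current":   secure TDLS is set up regardless of the AP association.
    policy "solution1": secure TDLS only if both STAs hold an RSNA with the AP.
    Returns {"AP": bool, "DLS": bool}, True meaning the path is protected.
    """
    ap_path_secure = initiator_ap_rsna and peer_ap_rsna
    if policy == "current":
        dls_path_secure = True
    elif policy == "solution1":
        dls_path_secure = ap_path_secure
    else:
        raise ValueError(f"unknown policy: {policy}")
    return {"AP": ap_path_secure, "DLS": dls_path_secure}

def exposed_frames(link, paths):
    """Indices of frames sent in the clear although the session started protected.

    Modelling assumption: the upper layer sees the protection of the first
    frame's path and is not told about later path switches.
    """
    if not paths:
        return []
    expected = link[paths[0]]
    return [i for i, p in enumerate(paths) if expected and not link[p]]

# Constructed timeline: three frames on the direct link, then the peer STA
# moves away and the remaining frames are relayed through the AP.
TIMELINE = ["DLS", "DLS", "DLS", "AP", "AP"]

def run(policy, initiator_ap_rsna, peer_ap_rsna, timeline=TIMELINE):
    """Set up the link under a policy and audit the timeline against it."""
    link = setup_tdls(policy, initiator_ap_rsna, peer_ap_rsna)
    return link, exposed_frames(link, timeline)

if __name__ == "__main__":
    for policy in ("current", "solution1"):
        for rsna in (False, True):
            link, leaked = run(policy, rsna, rsna)
            print(f"{policy:9} AP-RSNA={rsna!s:5} link={link} exposed={leaked}")
```

Under the "current" policy with a non-RSNA AP, the frames sent after the path switch are the ones reported as exposed; under "solution1" the direct link is never set up as secure in that case, so no frame is sent with a protection level lower than the one the session started with.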

Solution #2: Make the AP path secure even if the AP doesn't support RSNA

- This needs a new mechanism that makes the AP path secure even if the AP doesn't support RSNA.

[Figure: AP, Initiator STA and Peer STA; labels: Secure, Not secure, Secure.]

Straw poll

Which solution are you in favor of to resolve the inconsistent security problem?
- Solution #1: The DLS path supports security if and only if the AP path supports security:
- Solution #2: Make the AP path secure even if the AP doesn't support RSNA:
- Don't Know/Care: