March 2007    doc.: IEEE 802.11-07/0354r0

Issues in Mesh Header Field Processing in Payload Encryption/Decryption

Date: 2007-03-12

Authors:

Notice: This document has been prepared to assist IEEE 802.11. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein.

Release: The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE 802.11.

Patent Policy and Procedures: The contributor is familiar with the IEEE 802 Patent Policy and Procedures <http://ieee802.org/guides/bylaws/sb-bylaws.pdf>, including the statement "IEEE standards may include the known use of patent(s), including patent applications, provided the IEEE receives assurance from the patent holder or applicant with respect to patents essential for compliance with both mandatory and optional portions of the standard." Early disclosure to the Working Group of patent information that might be relevant to the standard is essential to reduce the possibility for delays in the development process and increase the likelihood that the draft publication will be approved for publication. Please notify the Chair <stuart.kerry@philips.com> as early as possible, in written or electronic form, if patented technology (or technology under patent application) might be incorporated into a draft standard being developed within the IEEE 802.11 Working Group. If you have questions, contact the IEEE Patent Committee Administrator at <patcom@ieee.org>.

Kyeong Soo (Joseph) Kim, STMicroelectronics

Abstract

We summarize technical and non-technical issues in Mesh Header field processing related to payload encryption/decryption.

Review of Mesh Data Frame Format

Mesh data frame fields (size in octets):
  Frame Control        2
  Duration / ID        2
  Address 1            6
  Address 2            6
  Address 3            6
  Sequence Control     2
  Address 4            0 or 6
  QoS Control          2
  Mesh Header          4 or 16
  Body                 0-2312
  FCS                  4

Figure annotation: Target of payload encryption/decryption

Mesh Header subfields: Mesh Flags, Mesh Addressing, Time To Live (TTL), Mesh E2E Sequence Number
Octets: 2 1 2 12

Mesh Flags:
  Bit 0: Address Extension (AE)
  Bits 1-7: Reserved for Future Use

Mesh Addressing (exists only when the “AE” flag is set to 1):
  Address 5            6
  Address 6            6

Non-Technical Reasoning behind the Current TGs Approach

Many existing security implementations are not flexible enough to support a change of header fields in their processing, i.e., a change in the offset from the start of the frame header at which the payload encryption/decryption process begins.

By treating the Mesh Header field as part of the frame body in payload encryption/decryption, we can maximize backward compatibility with the existing security implementations.
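
Added example (not part of the original contribution): a C sketch of the offset computation discussed above, using the field sizes from the frame format slide. With the Mesh Header counted as body, the protected region starts at an offset that depends only on the regular header; with the Mesh Header left in the clear, the offset also depends on the AE flag. The function names are hypothetical, Mesh Flags is assumed to be the first Mesh Header octet, and any header inserted by the cipher itself is not modeled.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Where the Mesh Header sits relative to the protected (encrypted) region. */
enum mesh_hdr_mode {
    MESH_HDR_IN_BODY,    /* current TGs approach: encrypted with the body */
    MESH_HDR_IN_HEADER   /* proposal: left in the clear like other header fields */
};

/* Offset of the first protected octet, or -1 if the frame is too short.
 * Any header the cipher itself inserts is not modeled. */
long protected_offset(const uint8_t *f, size_t len, enum mesh_hdr_mode mode)
{
    size_t off = 2 + 2 + 6 + 6 + 6 + 2;  /* FC, Duration/ID, Address 1-3, Seq Ctl */
    if (len < off)
        return -1;
    if ((f[1] & 0x03) == 0x03)           /* To DS and From DS set: Address 4 present */
        off += 6;
    off += 2;                            /* QoS Control */
    if (mode == MESH_HDR_IN_HEADER) {
        if (len <= off)
            return -1;
        /* Assumption: Mesh Flags is the first Mesh Header octet; AE is bit 0. */
        off += (f[off] & 0x01) ? 16 : 4;
    }
    return len >= off ? (long)off : -1;
}

/* Builds a constructed 64-octet sample frame and returns its protected offset. */
long demo_offset(int four_addr, int ae, enum mesh_hdr_mode mode)
{
    uint8_t f[64];
    memset(f, 0, sizeof f);
    f[0] = 0x88;                               /* type Data, subtype QoS Data */
    f[1] = four_addr ? 0x03 : 0x00;
    f[four_addr ? 32 : 26] = ae ? 0x01 : 0x00; /* Mesh Flags octet */
    return protected_offset(f, sizeof f, mode);
}

int main(void)
{
    for (int a4 = 0; a4 <= 1; a4++)
        for (int ae = 0; ae <= 1; ae++)
            printf("A4=%d AE=%d  in-body=%ld  in-header=%ld\n", a4, ae,
                   demo_offset(a4, ae, MESH_HDR_IN_BODY),
                   demo_offset(a4, ae, MESH_HDR_IN_HEADER));
    return 0;
}
```

In the in-body mode the AE flag never changes the result, which is the backward-compatibility argument; the cost is that the AE flag and the other Mesh Header subfields are unreadable until decryption has finished.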

Review of 802.11 MAC Header Processing

Receive path (figure):
  PHY_SAP_RX
  -> Validate_MPDU          /* FCS, length & protocol version check */
  -> Filter_MPDU            /* Filter valid received frames, updates statistics (counter processing) */
  -> Defragment / Decrypt
  -> Protocol_Control

* Excerpt from Annex C of 802.11 Standard

Technical Issues in Processing Mesh Header Field as Part of Payload

The following issues result from the split in header processing (especially Filter_MPDU):

MIB: Possible inconsistency in counter handling (e.g., "dot11CountersEntry") due to the split in header processing. We may have to split the counters as well (i.e., those for regular header fields and new ones for mesh header fields).

Powering: Decryption is performed even for frames that would otherwise be discarded during the Validation/Filtering processes.

Latency: Alternatively, where powering is not an issue, one may try to reduce latency in header processing by pipelining all three subprocesses: Validate, Filter, and Defragment/Decrypt. With the current TGs approach, however, mesh header processing cannot even be started until the Defragment/Decrypt process has finished.

Split in Header Processing in Current TGs Approach

Receive path (figure):
  PHY_SAP_RX
  -> Validate_MPDU
  -> Filter_MPDU (1)        /* Based on regular header fields */
  -> Defragment / Decrypt
  -> Filter_MPDU (2)        /* Based on Mesh Header fields */
  -> Protocol_Control

Conclusion

The Mesh Header field should be treated like the other fields in the current 802.11 frame header and therefore not included in payload encryption/decryption.