TruSecure Corporation

Slides:



Advertisements
Similar presentations
Doc.: IEEE /1191r5 Submission November 2004 Mike Moreton, STMicroelectronicsSlide 1 AP Architecture Thoughts Mike Moreton, STMicroelectronics.
Advertisements

An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.
IEEE Wireless LAN Standard
Doc.: IEEE /492r0-I Submission Robert Moskowitz, Trusecure/ICSALabsSlide 1 March 2002 An Authentication layering model Robert Moskowitz Trusecure.
Doc.: IEEE /0981r1 TGs Reference Architecture Considerations September 6, 2004 Tricci So & W. Steven Conner.Slide 1 TGs ESS Mesh System Reference.
Submission doc.: IEEE 11-12/0589r2 July 2012 Donald Eastlake 3rd, Huawei R&D USASlide 1 General Links Date: Authors:
Doc.: mes Submission 7 May 2004 Tricci SoSlide 1 Need Clarification on The Definition of ESS Mesh Prepared by Tricci So.
Doc.: IEEE 11-04/0319r0 Submission March 2004 W. Steven Conner, Intel Corporation Slide 1 Architectural Considerations and Requirements for ESS.
Doc.: IEEE /2491r00 Submission September 2007 D. Eastlake (Motorola), G. Hiertz (Philips)Slide 1 WLAN Segregated Data Services Date:
Doc.: IEEE /1378r0 Submission November 2008 Darwin Engwer, Nortel NetworksSlide 1 Improving Multicast Reliability Date: Authors:
Doc.: IEEE /2161r1 Submission July 2007 Slide 1 July 2007 Donald Eastlake 3rd, MotorolaSlide 1 Segregated Data Services in Date:
Doc.: IEEE /0278r5 Submission March 2008 Javier Cardona et al. Avoiding Interactions with Lazy-WDS Equipment Date:
Doc.: IEEE /0568r0 Submission May 2012 Young Hoon Kwon, Huawei Slide 1 AP Discovery Information Broadcasting Date: Authors: NameAffiliationsAddressPhone .
Doc.: IEEE /1143r0 Submission November 2009 Kazuyuki Sakoda, Sony CorporationSlide 1 Potential confusion in D3.04 Date: Authors:
SubmissionJoe Kwak, InterDigital1 Simplified 11k Security Joe Kwak InterDigital Communications Corporation doc: IEEE /552r0May 2004.
Doc.: IEEE /230r0 Submission Robert Moskowitz, Trusecure/ICSALabsSlide 1 March 2002 Proxied Preauthorized Roaming Robert Moskowitz Trusecure Corporation.
Doc.: IEEE /1115r2 Submission J Chhabra, A. R. Prasad, J. Walker, H. AokiSlide s Security concepts Jasmeet Chhabra, Intel
Doc.: IEEE /0103r0 Submission January 2004 Jesse Walker, Intel CorporationSlide 1 Some LB 62 Motions January 14, 2003.
Doc.: IEEE /2952r2 Submission Dec 2007 L.Chu Etc.Slide 1 Simplified DLS Action Frame Transmission in 11Z Date: Authors:
Robust Security Network (RSN) Service of IEEE
AP Architecture Changes Mike Moreton, STMicroelectronics
TGaq Transaction Protocol
Broadcasting on WLAN Date: Authors: July 2017
Some LB 62 Motions January 13, 2003 January 2004
Broadcasting on WLAN Date: Authors: September 2017
Broadcasting on WLAN Date: Authors: July 2017
doc.: IEEE /xxx Jon Edney, Nokia
January 2003 Joe Kwak InterDigital Communications Corporation
Broadcast Service on WLAN
DLS Power Save Delivery Mechanism
doc.: IEEE /xxxr0 Mike Moreton
Broadcast Service on WLAN
AP Discovery Information Broadcasting
IEEE Interim May 2004 Allyn Romanow
Issues of MAC Management Security
Proposal for ESS Mesh Date: Authors:
WLAN Segregated Data Services
OmniRAN Overview and status
Technical Requirements for IEEE ESS Mesh Networks
Mesh Frame Formats Date: Authors: June 2007 March 2007
Reason Why L2 Per Frame Authentication Is Required
RADIUS Client Kickstart
IEEE MEDIA INDEPENDENT HANDOVER
Mesh Frame Formats Date: Authors: July 2007 March 2007
Avoiding duplicated queries in 11aq
Low Power Sensor Broadcast Use Cases
AP Architecture Thoughts
Security for Measurement Requests and Information
Discovery of ESS services
Reducing Overhead in Active Scanning with Simulation Results
doc.: IEEE /454r0 Bob Beach Symbol Technologies
Link Setup Flow July 2011 Date: Authors: Name Company
CID#89-Directed Multicast Service (DMS)
A View on s Routing A Framework for a Discussion
Reducing Overhead in Active Scanning with Simulation Results
Suggested Clarification of s ESS Mesh Terminology
Efficient TIM element supporting multiple BSSIDs
A security model for wireless meshs
A Function Orientated Mesh Security Model
Segregated Data Services in
Efficient TIM element supporting multiple BSSIDs
HIP DEX for Fast Initial Authentication in
Link Setup Flow July 2011 Date: Authors: Name Company
Naval Research Laboratory Dynamic Backbone Subnets
Potential L2 security options for UL BCS
Broadcast Service on WLAN
On ESS Mesh Device Discovery
Virtual BSS For Multi AP Coordination
TruSecure Corporation
May 2014 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: TG9 Hop Discussion Date Submitted: May 15, 2014.
Presentation transcript:

TruSecure Corporation doc.: IEEE 802.11-04-0777-00-000s July 2004 July 2004 802.11s Security Proposal Robert Moskowitz ICSALabs a Division of TruSecure Corporation Robert Moskowitz, ICSAlabs Robert Moskowitz, ICSAlabs

Topics Mesh Assumptions Mesh security Risks A Security view of a Mesh July 2004 Topics Mesh Assumptions Mesh security Risks A Security view of a Mesh Two Security Models for a Mesh Not 100% thought out! Robert Moskowitz, ICSAlabs

Mesh Assumptions An 802.11s mesh consists of both APs and STAs July 2004 Mesh Assumptions An 802.11s mesh consists of both APs and STAs Per 802.11, an AP is a STA with additional functions A mesh is a single IEEE 802 LAN As defined in ISO/IEC 15802-1 The 802 LAN does not extend beyond the mesh Not sure this is necessary, but impacts Security Robert Moskowitz, ICSAlabs

Mesh Security Risks Only designated STAs are APs July 2004 Mesh Security Risks Only designated STAs are APs AP control traffic is secure from non-AP STAs Broadcast/Multicast traffic is encrypted only once for the mesh Unicast traffic is secure between STAs Fast key establishment Robert Moskowitz, ICSAlabs

A Security View of a Mesh July 2004 A Security View of a Mesh Connectivity Association (CA): The relationship between peer entities that allows them to communicate. An ESS provides a CA between STAs. SCA is a Secured CA. Robert Moskowitz, ICSAlabs

A Security View of a Mesh July 2004 A Security View of a Mesh Secure Channel (SC): A security relationship used to provide security guarantees for frames transmitted from one member of a CA to the others There are N SCs within an SCA. SCs are unidirectional All the SCs together in a CA define the SCA An optional Security Association (SA) provides security guarantees for frames transmitted from one member of a CA to another member. Robert Moskowitz, ICSAlabs

B CAabcd A C SCA SCB SCC SCD D CA = Secure Connection Association July 2004 CA = Secure Connection Association SCi = Secure Channel from Station (I) to all stations on CA SAij = Security Association Station (i) to Station (j) B CAabcd A C SCA SCB SCC SCD D Robert Moskowitz, ICSAlabs

A Security View of a Mesh July 2004 A Security View of a Mesh SCA risks Without the optional SAs, any STA can spoof another STA within the SCA And this is an N*(N-1) problem Broadcast/Multicast traffic can always be spoofed within an SCA Cost of scaling Potential large number of keys to track Robert Moskowitz, ICSAlabs

A Security View of a Mesh July 2004 A Security View of a Mesh A STA has multiple Secure Channels and one Unsecure Channel The Unsecure Channel is for passing security establishment traffic An ESS can support multiple SCAs If And Only If there is a way to MUX the SCAs below the MAC security service. Even with MUXing there is one Unsecure Channel Robert Moskowitz, ICSAlabs

Model #1 for a Mesh Define 2 SCAs One for APs July 2004 Model #1 for a Mesh Define 2 SCAs One for APs 32 SCs 32*31 SAs - but just 31 subentries under each SC One for all STAs (including APs) Requires MUXing to distinguish AP control frames from general frames Robert Moskowitz, ICSAlabs

Model #1 for a Mesh Benefits Costs July 2004 Model #1 for a Mesh Benefits No Key management costs after AP or STA has joined the mesh Security-Free mobility No Decryption/Encryption of any frames within mesh for forwarding Costs Potentially complex authentication model Every STA authenticated to all other STAs Many keys to manage Actually not hard to create Robert Moskowitz, ICSAlabs

Model #2 for a Mesh For N STAs define N+1 SCAs One for APs July 2004 Model #2 for a Mesh For N STAs define N+1 SCAs One for APs Same as in Model #1 One SCA per STA Consisting of STA and all APs Requires MUXing to distinguish AP control frames from general frames and one STAs frames from other STAs Robert Moskowitz, ICSAlabs

Model #2 for a Mesh Benefits Costs Simpler authentication model July 2004 Model #2 for a Mesh Benefits Simpler authentication model STAs only authenticated to APs No Key management costs after AP or STA has joined the mesh Security-Free mobility Fewer keys to manage than in Model #1 Costs STA-STA traffic de/re encrypted by last AP in chain No STA-STA confidentially Broadcast traffic de/re encrypted by each AP for all STAs Robert Moskowitz, ICSAlabs

Questions! LOTS of work still to do July 2004 Robert Moskowitz, ICSAlabs