Robert Moskowitz, Verizon January 2012 Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs) Submission Title: KMP Transport Proposal Date Submitted: January 16, 2012 Source: Robert Moskowitz, Verizon Address 1000 Bent Creek Blvd, MechanicsBurg, PA, USA Voice:+1 (248) 968-9809, e-mail: rgm@labs.htt-consult.com Re: Key Managementn over 4e Multipurpose Frames Abstract: Proposal for tg9 document structure and content Purpose: To add Key Management capabilities to 15.4 and 15.7 Notice: This document has been prepared to assist the IEEE P802.15. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. Release: The contributor acknowledges and accepts that this contribution becomes the property of IEEE and may be made publicly available by P802.15. Robert Moskowitz, Verizon

Key Management Support for 15.4 and 15.7 January 2012 Key Management Support for 15.4 and 15.7 Robert Moskowitz Jacksonville January 18, 2012 Robert Moskowitz, Verizon

January 2012 Abstract To provide for a Key Management Protocol Transport for 802.15.4 and .7 KMP agnostic Support: HIP, IKEv2, 802.1X, ... Provide recommended functionality for KMPs Use Information Elements From 15.4e for 15.4 How for 15.7? Robert Moskowitz, Verizon

Document Structure Recommended Practice 4 sections January 2012 Document Structure Recommended Practice EVERYTHING is Recommended, nothing is REQUIRED 4 sections KMP Transport frame format and state machine 15.4 support for KMP Transport 15.7 support for KMP Transport KMP specific implementation guidelines Robert Moskowitz, Verizon

KMP Transport Frames and State Machine January 2012 KMP Transport Frames and State Machine Fragmentation Support KMP packet size WILL exceed MPDU Forced fragment chaining for simplification Concurrent KMP sessions Security Association content What keys? PTK, GTK, etc. Counters, lifetimes, etc. Robert Moskowitz, Verizon

KMP Transport Frames and State Machine January 2012 KMP Transport Frames and State Machine Frame format MAC specific content ID Length Control Field – 1 byte KMP fragment Bits:1 7 Octets: 1 - 2046 Chaining Flag KMPID/Count KMP Fragment 0-1 0-127 -- Robert Moskowitz, Verizon

KMP Transport Frames and State Machine January 2012 KMP Transport Frames and State Machine Control Field 1 bit chaining flag (yes, last/onlyone) 7 bit KMP ID/Chain count First packet provides KMP ID ID range 1-30, 0 & 31 reserved HIP, IKEv2, SAE, 802.1X, etc. Chain Count Starts at 32 to disambiguate ID or count C=32 is 2nd fragment C=33 is 3rd fragment, 127 reserved 97 fragments SHOULD provide for at least 6KB KMP payload Robert Moskowitz, Verizon

15.4 Specifics Use 15.4e Information Elements January 2012 15.4 Specifics Use 15.4e Information Elements In the multipurpose frame or command frame Use data payload IEs (not header IEs) Larger payload length Need IE type assignment Use Forced ACK for chaining support For pre-4e devices work with IETF on 6lowpan support Robert Moskowitz, Verizon

15.4 Specifics 15.4 MAC and IE formats January 2012 Robert Moskowitz, Verizon

15.4 Specifics MAC and IE details January 2012 15.4 Specifics MAC and IE details Unauthenticated PDUs always use long addresses e.g. KMP rekeying within authenticated PDUs MAY use short addresses IE ID Value from table Only 5 values available Robert Moskowitz, Verizon

15.4 Specifics MAC and IE details ACK frame used for chaining January 2012 15.4 Specifics MAC and IE details ACK frame used for chaining Robert Moskowitz, Verizon

15.4 Specifics MAC and IE details IE ID Value assignment January 2012 Only 5 values available Consider one value for 'device control' with a 1 byte sub-field Robert Moskowitz, Verizon

15.4 Specifics Pre 15.4e device support For 6lowpan PANs January 2012 Develop a submission to the IETF using the Dispatch Type in RFC 4944 PDUs with the KMP Dispatch Type a length field will be equivalent to the 15.4e KMP IE A 6lowpan device that supports 15.4e SHOULD also support this pre-15.4e mode of operation Robert Moskowitz, Verizon

15.4 Specifics Security Association content January 2012 15.4 Specifics Security Association content 802.15.4-2011 section 7.5, table 60 SA per link pair Broadcast SA(s) may be KMP specific 1 per source? Shared key space with sequence including source MAC? How to control rekeying will be KMP specific Robert Moskowitz, Verizon

15.7 Specifics TBD! We need help on 15.7 January 2012 15.7 Specifics TBD! We need help on 15.7 It looks workable, but details lacking Robert Moskowitz, Verizon

KMP Guidelines Each KMP SHOULD have a sub-section January 2012 KMP Guidelines Each KMP SHOULD have a sub-section General KMP description and use cases Profile KMPs to 'fit' in .15 usage References to defining documents Security Association(s) definitions SA generally defined in MAC sections, specifics here Robert Moskowitz, Verizon

KMP Guidelines Initial list of KMPs 802.1X HIP – R. Moskowitz January 2012 KMP Guidelines Initial list of KMPs 802.1X Needs to include an actual key exchange like the 802.11i 4-way handshake HIP – R. Moskowitz IKEv2 – T. Kivinen PANA SAE Robert Moskowitz, Verizon

KMP Guidelines KMP Profiling for 15.9 usage Change in encapsulation January 2012 KMP Guidelines KMP Profiling for 15.9 usage Change in encapsulation e.g. IKEv2 specified to run over UDP Additions for SA management e.g. 802.1X does not supply link keys. In 802.11 usage, this is done via the 4- Way Handshake Special attention to broadcast keying management Others? Robert Moskowitz, Verizon

KMP Guidelines KMP use cases Why this KMP? Practical examples January 2012 KMP Guidelines KMP use cases Why this KMP? Code size, CPU/battery demand Multi-layer code reuse Practical examples Deployment advice Identity installation and registration When performed Life-cycle management Rekeying Robert Moskowitz, Verizon