CCMP Nonce Construction

Slides:



Advertisements
Similar presentations
Beacon Measurement on Pilot Frames
Advertisements

Submission on comments to +HTC frames
LB84 General AdHoc Group Sept. Closing TGn Motions
LB84 General AdHoc Group Sept. Closing TGn Motions
[ Interim Meetings 2006] Date: Authors: July 2005
IEEE White Space Radio Contribution Title
London TGu Motions Authors: January 2007 Date: Month Year
LB73 Noise and Location Categories
LB73 Noise and Location Categories
Waveform Generator Source Code
RSC Pools for Mgmt Frames
RSC Pools for Mgmt Frames
March 2014 Election Results
Attendance and Documentation for the March 2007 Plenary
[ Policies and Procedure Summary]
[ Policies and Procedure Summary]
Motion to accept Draft p 2.0
Protected SSIDs Date: Authors: March 2005 March 2005
[place presentation subject title text here]
TGp Motions Date: Authors: November 2005 Month Year
TGp Closing Report Date: Authors: March 2006 Month Year
Emergency Call Motion Date: Authors: January 2006
On Coexistence Mechanisms
TGu-changes-from-d0-02-to-d0-03
Contribution on Location Privacy
TGn Frame Format Ad Hoc Status and Motions
CCMP Nonce Construction
On Coexistence Mechanisms
TGp Closing Report Date: Authors: March 2006 Month Year
Reflector Tutorial Date: Authors: July 2006 Month Year
TGv Redline D0.07 Insert and Deletion
TGv Redline D0.06 Insert and Deletion
ADS Study Group Mid-week Report
TGu-changes-from-d0-01-to-d0-02
September Opening Report
LB73 Noise and Location Categories
PHY Ad Hoc September Opening Report
TGy draft 2.0 with changebars from draft 1.0
TGv Redline D0.10 Insert and Deletion
TGn LB84 – Frame Format Ad Hoc Status and Motions
TGn PSMP Adhoc Group Dallas Opening report
WAPI Position Paper Sept 2005 Sept 2005 IEEE WG
Redline of draft P802.11w D2.2 Date: Authors:
A-MSDU Protection March 2007 Date: September 2006
November Opening Report
TGr Proposed Draft Revision Notice
Off-channel selection
TGu-changes-from-d0-02-to-d0-03
[ Policies and Procedure Summary]
March Opening Report Date: Authors: March 2011
May 2005 CAPWAP AHC Closing Report
TGu Motions Date: Authors: May 2006 May 2006
TKIP in w Date: Authors: September 2005 Month Year
Beamforming and Link Adaptation Motions
Draft P802.11s D1.03 WordConversion
A-MSDU Protection March 2007 Date: September 2006
A-MSDU Protection March 2007 Date: September 2006
TGn LB84 – Frame Format Ad Hoc Status and Motions
Motion to go to Letter Ballot
TGu-changes-from-d0-04-to-d0-05
TGu-changes-from-d0-03-to-d0-04
TGu Motions Date: Authors: May 2006 May 2006
Reserve Option Contradiction
WNG SC Closing Report Date: Authors: November 2005
PSMP Adhoc Oct TGn Adhoc
TGn LB84 – Frame Format Ad Hoc Motions
WAPI Position Paper Sept 2005 Sept 2005 IEEE WG
Greenfield protection mechanism
TGr Proposed Draft Revision Notice
TGp Motions Date: Authors: January 2006 Month Year
Presentation transcript:

CCMP Nonce Construction September 2006 doc.: IEEE 802.11-06/1444r0 September 2006 CCMP Nonce Construction Date:2006-09-17 Authors: Notice: This document has been prepared to assist IEEE 802.11. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. Release: The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE 802.11. Patent Policy and Procedures: The contributor is familiar with the IEEE 802 Patent Policy and Procedures <http:// ieee802.org/guides/bylaws/sb-bylaws.pdf>, including the statement "IEEE standards may include the known use of patent(s), including patent applications, provided the IEEE receives assurance from the patent holder or applicant with respect to patents essential for compliance with both mandatory and optional portions of the standard." Early disclosure to the Working Group of patent information that might be relevant to the standard is essential to reduce the possibility for delays in the development process and increase the likelihood that the draft publication will be approved for publication. Please notify the Chair <stuart.kerry@philips.com> as early as possible, in written or electronic form, if patented technology (or technology under patent application) might be incorporated into a draft standard being developed within the IEEE 802.11 Working Group. If you have questions, contact the IEEE Patent Committee Administrator at <patcom@ieee.org>. Henry Ptasinski, Broadcom Henry Ptasinski, Broadcom

September 2006 doc.: IEEE 802.11-06/1444r0 September 2006 Overview This submission presents further consideration for how to ensure TGw meets its security goals In Summary: Frames for the purposes of protection and replay detection must ensure unique nonce must ensure replay detection cannot be attacked Henry Ptasinski, Broadcom Henry Ptasinski, Broadcom

802.11i Composition 802.11i is designed to protect data frames September 2006 802.11i Composition 802.11i is designed to protect data frames 802.11w leverages these mechanisms to also protect management frames…but: Data frame replay detection in 802.11 requires that frames within each access (AC) are transmitted in order TGw must consider: Management frame ordering is independent of data frame ordering Henry Ptasinski, Broadcom

Management frame and Data frame ordering are Independent September 2006 Management frame and Data frame ordering are Independent Under EDCA, management frames are sent at AC_V0 without being restricted by admission control procedures Management frames queued after AC_VO data frames will be transmitted first if the data frames are blocked due to admission control Management frames must be treated as a separate stream from data frames For the purposes of protection and replay detection Must ensure unique nonce Must ensure replay detection cannot be attacked Henry Ptasinski, Broadcom

TGn: another consideration September 2006 TGn: another consideration TGn defines Management Action Frame inside a QoS-NULL data frame Considered in TGn as a distinct stream from regular data frames Considered in TGn as a distinct stream from regular management frames Must be treated as a separate stream from data frames and other management frames TGw should not preclude other Task Groups (present and future) from defining new frame types/subtypes that require protection but that don't fit into existing protected streams. Henry Ptasinski, Broadcom

Ensuring Unique Streams: Why? September 2006 Ensuring Unique Streams: Why? Reuse of nonce by transmitter destroys confidentiality property of CCM Today: common transmit PN specified for all data streams built in as an optimization only TID included in nonce generation receiver is ensured replay counter is unique to its class: e.g. matching the current TID, even if same PN is used in different streams (either by poor xmit implementation or by attacker), since TID included in nonce Henry Ptasinski, Broadcom

Approaches to ensuring Unique Streams for Management Frames September 2006 Approaches to ensuring Unique Streams for Management Frames Do Nothing Split PN Add Flag to “priority octet” to differentiate management from data streams Henry Ptasinski, Broadcom

September 2006 Aproach 1: Do Nothing Receiver needs new/different replay counter for management frames Nonce for data AC_V0 or data w/o any QoS header is indistinguishable from management frame nonce Is it safe for receiver to not compare received PN with replay counter for both data AC_V0 and management frame? How does the receiver deal with reordering between the two streams? Cross streams can lead to recovery of plaintext! Henry Ptasinski, Broadcom

Approach 2: Split PN space September 2006 Approach 2: Split PN space One partitioning: upper 1/2 of range used for management frames receiver needs new replay counter for management frames if PN is out of valid range for frame type, reject frame Appears to work for management vs. data frame split, even allowing for possible future prioritized management frames But what about: compatibility issues with legacy (non-TGw) STAs? Legacy will not know to check for this new partitioning: legacy susceptible to attack does not deal with TGn embedded management frame how to deal with other new frame types/subtypes that need protection in a straightforward fashion? failure modes? error cases? Henry Ptasinski, Broadcom

Approach 3: Add Flag in “Priority Octect” to Explicitly Distinguish September 2006 Approach 3: Add Flag in “Priority Octect” to Explicitly Distinguish Receiver still needs new replay counter for management frames but can use same rules as 802.11i Allows for possible future prioritized management frames Reserve remaining 3 bits in "priority" octet for future use Allows for straightforward future expansion Henry Ptasinski, Broadcom

Move to include normative text in document 1063/r1 into the TGw draft. September 2006 Motion Move to include normative text in document 1063/r1 into the TGw draft. Mover: Seconder: Results: Henry Ptasinski, Broadcom

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.