27 Febraury 2002 Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs) Submission Title: Security Sub-committee Status Report.

Slides:



Advertisements
Similar presentations
Doc.: IEEE /123r0 Submission February, 2002 Rene Struik, Certicom Corp.Slide 1 Project: IEEE P Working Group for Wireless Personal Area.
Advertisements

10 March 2002 doc.: IEEE /126r0 Bob Huang, Sony ElectronicsSlide 1Submission Project: IEEE P Working Group for Wireless Personal Area Networks.
IEEE /121r1 Submission 27 February 2002 B. Huang, D. Bailey, G. Rasor, R. Struik, M. Welborn Sony, NTRU, Motorola, Certicom, XtremeSpectrum.
10 March 2002 doc.: IEEE /126r1 Bob Huang, Sony ElectronicsSlide 1Submission Project: IEEE P Working Group for Wireless Personal Area Networks.
14 March 2002 doc.: IEEE /152r1 Gregg Rasor, MotorolaSlide 1Submission Project: IEEE P Working Group for Wireless Personal Area Networks.
14 March 2002 doc.: IEEE /152r2 Gregg Rasor, MotorolaSlide 1Submission Project: IEEE P Working Group for Wireless Personal Area Networks.
Rick Roberts, XtremeSpectrum
Submission Title: [Add name of submission]
Submission Title: [PC Closing Report] Date Submitted: [18 Mar 2005]
Submission Title: St. Louis e/ Liaison Report.
<month year> doc.: IEEE < e>
June 2006 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [Proposed Scenarios for Usage Model Document.
<month year> <doc.: IEEE doc> May 2015
doc.: IEEE <doc#>
doc.: IEEE <doc#>
<month year> doc.: IEEE <030158r0> March 2004
Project: IEEE Wireless Personal Area Networks (WPANs)
December 2, 2018 doc.: IEEE r0 May, 2004
Submission Title: [WG-TG3 Closing Report Nov03]
March 2008 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [Toumaz response to TG6 Call for Applications]
Submission Title: Proposed Text on Transmit Power Control for TGD
March 2018 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [SG SECN Call for Proposals] Date Submitted:
Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: Security Architecture Considerations Date.
<May,2009> doc.: IEEE <doc .....> <July 2009>
September 2004 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [Berlin Closing Report] Date Submitted:
Submission Title: [WG-TG3 closing Report May02]
Submission Title: IEEE : Management Slots in the MAC.
Nov 2013 Robert Moskowitz, Verizon
January 16, 2019 doc.: IEEE r0 September, 2004
doc.: IEEE <doc#>
Submission Title: [WG WNG Liaison Report January08]
Submission Title: [One-to-many and many-to-many peering procedures]
<month year> <doc.: IEEE doc> Julyl 2015
Submission Title: [WG-TG3 Closing Report Nov02]
Submission Title: [TG3a Closing Report September 2005]
Submission Title: [WG-TG3 closing Report Jan02]
<month year> doc.: IEEE <xyz> November 2000
<month year> doc.: IEEE / January 2005
Submission Title: [WG-TG3 Closing Report Nov02]
Submission Title: [WG-TG3 Closing Report Nov02]
doc.: IEEE /XXXr0 Sep 19, 2007 June 2009
Submission Title: [Frame and packet structure in ]
Submission Title: [PC Closing Report] Date Submitted: [19 May 2005]
<month year> <doc.: IEEE doc> May 2015
<month year> <Nov 2018>
Submission Title: IEEE : MAC Committee Closing Report and Plan
Submission Title: [One-to-many and many-to-many peering procedures]
Submission Title: [WG-TG3 Opening Report Mar02]
doc.: IEEE <doc#1>
<month year> doc.: IEEE / July 2004
March 2019 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [DF6 Radio-burst length over PSDU size] Date.
Submission Title: [Multi-hop Peering for PAC]
Jul 12, /12/10 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: TG4n Chinese Medical Band Closing.
Submission Title: IEEE : MAC Committee Opening Report and Plan
Submission Title: [WG-TG3 closing Report Jan02]
Tero Kivinen, AuthenTec
Submission Title: IEEE : MAC Committee Closing Report and Plan
Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [TG agreed text for frequency channel.
<month year> doc.: IEEE < e> <March 2016>
July 2010 <month year> doc.: IEEE g Doc.: IEEE g
<month year> doc.: IEEE < e> <March 2016>
Tero Kivinen, AuthenTec
September 2008 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [Suggested TG3c PAR Changes] Date Submitted:
Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [TG agreed text for frequency channel.
Nov Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [Report on IEEE PAC Draft Status]
Submission Title: Security Suite Compromise
July 2003 doc.: IEEE <03/242> July 2003
Jul 12, /12/10 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: Dependable Interest Group Closing.
Submission Title: TG9ma Agenda for September Meeting
Jan 2008 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: TeraHertz Closing Report Date Submitted: January.
Presentation transcript:

27 Febraury 2002 Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs) Submission Title: Security Sub-committee Status Report Date Submitted: 27 Feb, 2002 Source: Bob Huang, Dan Bailey, Gregg Rasor, Rene Struik, Matthew Wellborne Company: Sony, NTRU, Motorola, Certicom, XtremeSpectrum Address One Sony Drive TA3-12, Park Ridge, NJ 07656 Voice:201-358-4409, FAX: 201-9306397, E-Mail:robert.huang@am.sony.com Re: P802.15.3 Abstract: Reports the agreements that security sub-committee reached during the February 2002 ad hoc meeting in Schaumburg, IL. These agreements were reach considering the three security proposals presented on 25 February 2002. Purpose: For information, guidance and endorsement by 802.15.3 prior to considering the Security Suite proposals and complete standards texts at the March plenary meeting of 802.15.3. Notice: This document has been prepared to assist the IEEE P802.15. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. Release: The contributor acknowledges and accepts that this contribution becomes the property of IEEE and may be made publicly available by P802.15. B. Huang, D. Bailey, G. Rasor, R. Struik, M. Wellborne Sony, NTRU, Motorola, Certicom, XtremeSpectrum

27 Febraury 2002 Backgound Ad hoc security sub-committee met with the goal providing the St. Louis Plenary session with information that compares and contrasts the Security Suite proposals Identify areas of agreement Identify areas with different approach Identify impact of different approaches The security sub-committee received guidance from the larger group: security goals at slide 4 B. Huang, D. Bailey, G. Rasor, R. Struik, M. Wellborne Sony, NTRU, Motorola, Certicom, XtremeSpectrum

Backgound (cont.) Overviews of three security suite proposals 27 Febraury 2002 Backgound (cont.) Overviews of three security suite proposals Were presented at the ad hoc meeting Provided the base material for sub-committee work The proposals 02106r0P802-15_TG3-Overview-of-NTRU-Security-Suite.ppt 02107r0P802-15_TG3-Protocols-in-NTRU-Security-Suite.ppt 02108r0P802-15_TG3-Performance-and-Security-of-NTRU-Security-Suite.ppt 02111r0P802-15_TG3_WPAN_Security_Framework_Proposal.doc 02112r0P802-15_TG3_Summary_of_WPAN_Security_Proposal.ppt 02114r0P802-15_TG3-MAC-Distributed-Security-Proposal.ppt B. Huang, D. Bailey, G. Rasor, R. Struik, M. Wellborne Sony, NTRU, Motorola, Certicom, XtremeSpectrum

Security Goals Map similarities of all three proposals 27 Febraury 2002 Security Goals Map similarities of all three proposals Establish key components: Use cases Trust Model Threat models Public key for authentication Entity authentication Symmetric key for data protection Symmetric key update Integrity for data protection Protection of commands Non-goals: limiting the scope Limit the number of options for the whole group to consider B. Huang, D. Bailey, G. Rasor, R. Struik, M. Wellborne Sony, NTRU, Motorola, Certicom, XtremeSpectrum

Use Cases Will pull them from Schaumburg presentations and insert here 27 Febraury 2002 Use Cases Will pull them from Schaumburg presentations and insert here 02106r0P802-15_TG3-Overview-of-NTRU-Security-Suite.ppt 02114r0P802-15_TG3-MAC-Distributed-Security-Proposal.ppt Others may be added (in rev to this doc) B. Huang, D. Bailey, G. Rasor, R. Struik, M. Wellborne Sony, NTRU, Motorola, Certicom, XtremeSpectrum

Trust Model There is some trusted third party required Topology 27 Febraury 2002 Trust Model There is some trusted third party required Disagree on what the form/extent of this is, but a single message framework has be agreed to Two forms: Digital certificates User control mechanisms Topology Central and distributed SM models can implement each other Peer-to-peer security is implemented by all proposals By parameterizing the number of keys that a device will support, both approaches can be supported by the MAC DEV trusts DME to maintain access control list B. Huang, D. Bailey, G. Rasor, R. Struik, M. Wellborne Sony, NTRU, Motorola, Certicom, XtremeSpectrum

27 Febraury 2002 Trust Model Two forms: - Digital certificates - User control mechanisms Key Characteristics B. Huang, D. Bailey, G. Rasor, R. Struik, M. Wellborne Sony, NTRU, Motorola, Certicom, XtremeSpectrum

27 Febraury 2002 Threat Models Agree on protections required against external threats (outside the piconet) Pull common points from presentations The things we most care about are: Identity-based attacks Third-party passive attacks Third-party active attacks One other point: Potential threat from “fly-on-the-wall” inside the piconet (first party)- Rene will provide concise description of attacks Another point: Potential threat non-expiring authentications (first party)- Rene will provide concise description of attacks B. Huang, D. Bailey, G. Rasor, R. Struik, M. Wellborne Sony, NTRU, Motorola, Certicom, XtremeSpectrum

Public key for authentication 27 Febraury 2002 Public key for authentication Need to create an authentic channel using Public Key based techniques Mutual authentication is agreed Need an algorithm Three proposed: RSA, ECC, NTRUencrypt Agree that minimum level of security should be specified Need a protocol, agree on goals: To establish the identity (challenge) of the other party (DEV) To validate the public key (binding) of the other party (DEV) The user approves of their communication A payload protection seed shared with only the other party Different protocols proposed to meet these goals for each algorithm B. Huang, D. Bailey, G. Rasor, R. Struik, M. Wellborne Sony, NTRU, Motorola, Certicom, XtremeSpectrum

Entity authentication 27 Febraury 2002 Entity authentication Potential threat due to non-expiring authentications (first party) Note - Rene will provide concise description of attacks Need to assure that an entity is still alive Two approaches Provide explicit security mechanism Rely on other secure commands B. Huang, D. Bailey, G. Rasor, R. Struik, M. Wellborne Sony, NTRU, Motorola, Certicom, XtremeSpectrum

Symmetric key for data protection 27 Febraury 2002 Symmetric key for data protection Agree that we need to use symmetric key for data encryption/decryption Specific symmetric algorithms proposed: Two-key 3-DES, AES Mode of operation needs to be specified in each proposal Has implications on out-of-order packets We will try to support out-of-order packets Supporting out-of-order packets has implications on level of security provided B. Huang, D. Bailey, G. Rasor, R. Struik, M. Wellborne Sony, NTRU, Motorola, Certicom, XtremeSpectrum

27 Febraury 2002 Symmetric key update Need to provide mechanism (protocol) to update shared keys Security policy dictates when required Two approaches (largely the same*) Without key confirmation With key confirmation * handled by proposals B. Huang, D. Bailey, G. Rasor, R. Struik, M. Wellborne Sony, NTRU, Motorola, Certicom, XtremeSpectrum

Integrity for data protection 27 Febraury 2002 Integrity for data protection We need to provide authenticity and integrity on data traffic Protect against traffic substitution/injection Protects against replay attacks Has implications on out-of-order packets We will try to support out-of-order packets by specifying the freshness granularity Two modes proposed (largely the same*): Encrypt-then-MAC and MAC-then-encrypt Specific symmetric algorithms proposed: Two-key 3-DES, SHA-1, et.seq. HMAC * handled by proposals B. Huang, D. Bailey, G. Rasor, R. Struik, M. Wellborne Sony, NTRU, Motorola, Certicom, XtremeSpectrum

Protection of commands 27 Febraury 2002 Protection of commands We need to provide authenticity on DEV-PNC or PNC-DEV commands Protect against command substitution/injection Protects against replay attacks We need to provide authenticity on DEV-DEV commands Same algorithms as data protection, but use different keys B. Huang, D. Bailey, G. Rasor, R. Struik, M. Wellborne Sony, NTRU, Motorola, Certicom, XtremeSpectrum

Non-goals: limiting the scope 27 Febraury 2002 Non-goals: limiting the scope Out of scope Implementation details: Key exposure Access control list management Handled by DME (Possible informative text) On both SM side and DEV side DRM (higher layer security) Registration of certificates Non-cryptographic means of establishing Identity-Public key binding B. Huang, D. Bailey, G. Rasor, R. Struik, M. Wellborne Sony, NTRU, Motorola, Certicom, XtremeSpectrum