Doc.: IEEE 802.11-11-0964r1 Submission July 2011 Dan Harkins, Aruba NetworksSlide 1 Prohibiting Technology Date: 2011-07-15 Authors:

Slides:



Advertisements
Similar presentations
Doc.: IEEE /0413r0 Submission March 2009 Dan Harkins, Aruba NetworksSlide 1 A Study Group for Enhanced Security Date: Authors:
Advertisements

Doc.: IEEE /1263r0 Submission November 2008 Dan Harkins, Aruba NetworksSlide 1 A Modest Proposal…. Date: Authors:
Doc.: IEEE /1012r0 Submission September 2009 Dan Harkins, Aruba NetworksSlide 1 Suite-B Compliance for a Mesh Network Date: Authors:
Submission doc.: IEEE 11-13/0487r0 May 2013 Dan Harkins, Aruba NetworksSlide 1 How To Fragment An IE Date: Authors:
Doc.: IEEE /0283r0 Submission March 2009 Dan Harkins, Aruba NetworksSlide 1 Suggested Changes to the Abbreviated Handshake Date: Authors:
Doc.: IEEE /0026r0 Submission January 2011 Sameer Vermani, QualcommSlide 1 VHT Supported MCS Field Date: Authors:
Doc.: IEEE /770r0 Submission July 2009 Slide 1 TGs Authenticated Encryption Function Date: Authors: Russ Housley (Vigil Security), et.
Doc.: IEEE /0032r1 Submission January 2007 Donghee Shim et al, LG Electronics, Inc.Slide 1 Comments resolutions: Emergency call support in 11u.
Submission doc.: IEEE 11-12/1253r1 November 2012 Dan Harkins, Aruba NetworksSlide 1 Why Use SIV for 11ai? Date: Authors:
Doc.: IEEE /0946r3 Submission August 2012 A proposal for next generation security in built on changes in ac 23 August 2012 Slide.
Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),
Doc.: IEEE / wng Submission March 2007 Takeshi Nakamura, Trinity Security Systems, Inc.Slide 1 IPN-WLAN: ‘IPN’ enabled Wireless LANs A.
Doc.: IEEE /2032r0 Submission July 2007 Stephen McCann, Nokia Siemens NetworksSlide 1 IEEE 802 ES Ad Hoc Notice: This document has been prepared.
Doc.: IEEE /0422r5 Submission April 2009 Matthew Gast, Trapeze NetworksSlide 1 TGmb Teleconferences March 2009 through May 2009 Date:
WEP Protocol Weaknesses and Vulnerabilities
Doc.: IEEE /0374r0 Submission March 2010 Dan Harkins, Aruba NetworksSlide 1 Clarifying the Behavior of PMK Caching Date: Authors:
Doc.: IEEE /1224r1 Submission September 2008 Jesse Walker, Intel CorporationSlide 1 IEEE TGw October Agenda Date: Authors:
Doc.: IEEE r0 Submission July 2011 Dan Harkins, Aruba NetworksSlide 1 Prohibiting Technology Date: Authors:
Doc.: IEEE b Submission November 2004 Robert Poor, Ember CorporationSlide 1 Project: IEEE P Working Group for Wireless Personal.
Doc.: IEEE /1077r0 Submission September 2010 Dan Harkins, Aruba NetworksSlide 1 Galois/Counter Mode (GCM) Date: Authors:
Doc.: IEEE /0123r0 Submission January 2009 Dan Harkins, Aruba NetworksSlide 1 Secure Authentication Using Only A Password Date:
Doc.: IEEE /1063r0 Submission Nov 2005 Jon Edney, NokiaSlide 1 The Lock-out Problem - an Analysis Notice: This document has been prepared to assist.
Doc.: r0-I Submission July 22, 2003 Paul Lambert, Airgo NetworksSlide 1 Removing the TKIP Specific Backdoor from the CCMP Mode of Encryption.
Doc.: IEEE e Submission Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [Security.
Doc.: IEEE /0315r4 Submission July 2009 Dan Harkins, Aruba NetworksSlide 1 Enhanced Security Date: Authors:
Doc.: IEEE /211r0-Michael-Attacks-And-Countermeasures Submission March 2003 Dan Harkins, Trapeze Networks.Slide 1 Attacks against Michael and.
Doc.: IEEE /0001r00 Agenda January 2016 Jay Holcomb, Itron Inc. IEEE RR-TAG Teleconference Agenda Date: 11 January 2016 Authors:
Doc.: IEEE /0848-r2 Submission July 2006 K.HayesSlide 1 RSC Pools for Mgmt Frames Notice: This document has been prepared to assist IEEE
Doc.: IEEE /0054r0 Submission March 2013 Mika Kasslin, NokiaSlide 1 TG1 Closing Report for March 2013 Notice: This document has been prepared.
Doc.: IEEE /0747r0 Submission May 2006 Lee Armstrong, Armstrong Consulting, Inc.Slide 1 TGp May Opening Presentation Notice: This document has.
Doc.: IEEE /1023r0 Submission September 2008 Bruce Kraemer, MarvellSlide 1 +1 (321) Marvell Lane, Santa Clara, CA, Name Company.
Doc.: IEEE /0422r0 Submission March 2009 Matthew Gast, Trapeze NetworksSlide 1 TGmb Teleconferences March 2009 through May 2009 Date:
Should NIST Develop an Additional Version of GCM? July 26, 2007 Morris Dworkin, Mathematician Security Technology Group
Doc.: IEEE /0946r1 Submission July 2012 A proposal for next generation security in built on changes in ac 16 July 2012 Slide 1 Authors:
Doc.: IEEE /1537r0 Submission November 2011 Mark Hamilton, Polycom, Inc.Slide 1 ARC-agenda-minutes-november-2011 Date: Authors:
Doc.: IEEE /0964r0 Submission September 2010 David Halasz, AclaraSlide 1 Smart Grid and Key Lengths Date: Authors:
Doc.: IEEE /1147r1 Submission November 2009 David Halasz, AclaraSlide 1 Path Protection Date: Authors:
Doc.: IEEE /0899r2 Submission July2010 Dan Harkins, Aruba NetworksSlide 1 Secure PSK Authentication Date: Authors:
Doc.: IEEE /0295r0 Submission March 15, 2011 Fei Tong, CSRSlide 1 Reference waveform generator for 11ac Notice: This document has been prepared.
Doc.: IEEE /0467r1 Submission May 2005 Richard Paine, BoeingSlide 1 11k LB73 Security Resolutions Notice: This document has been prepared to assist.
Doc.: IEEE /0099r2 Submission Jan 2013 A resolution proposal comments related to for next generation security in built on changes in ac.
Enhanced Security Date: Authors: May 2009 May 2009
Secure PSK Authentication
Enhanced Security Features for
July 2010 doc.: IEEE /0903r0 A resolution proposal comments related to for next generation security in built on changes in ac 14.
July 2017 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [Suitability Evaluation of Encryption Schemes]
Enhanced Security Features for
<month year> doc.: IEEE < e> <Nov 2017>
<month year> doc.: IEEE < e> <Nov 2017>
Secure PSK Authentication
Key Descriptor Version in EAPOL Key Frames
December 2, 2018 doc.: IEEE r0 May, 2004
How To Fragment An IE Date: Authors: May 2013
QoS Resource Query Overview
July 2017 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [Suitability Evaluation of Encryption Schemes]
July 2010 doc.: IEEE /0903r0 A proposal for next generation security in built on changes in ac 23 August 2012 Authors: Name Company.
January 16, 2019 doc.: IEEE r0 September, 2004
Project: IEEE P WG for Wireless Personal Area Networks (WPANs)
December 2015 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [Security considerations for 15.3e] Date.
GCMP Restriction Date: Authors: January 2011 May 2010
Motions for 2007/01 Date: Authors: January 2007 Month Year
TKIP in w Date: Authors: September 2005 Month Year
Clause 7 Comment Resolutions
Proposed solution for comments on Beam modes
TGi Preliminary Agenda
Link Adaptation Subfield for VHT
doc.: IEEE <doc#>
July 2010 doc.: IEEE /0903r0 A resolution proposal comments related to for next generation security in built on changes in ac 14.
Submission Title: TG9ma Closing Report for July Meeting
Presentation transcript:

doc.: IEEE r1 Submission July 2011 Dan Harkins, Aruba NetworksSlide 1 Prohibiting Technology Date: Authors:

doc.: IEEE r1 Submission July 2011 Dan Harkins, Aruba NetworksSlide 2 Abstract Draft P802.11ac_1.0 forbids the use of TKIP and GCMP. This is problematic.

doc.: IEEE r1 Submission IEEE Anti-Trust Policies “Other kinds of violations can also arise in the standards process. For example, selecting one technology for inclusion in a standard is lawful, but an agreement to prohibit standards participants (or implementers) from implementing a competing standard or rival technology would be unlawful – although as a practical matter, a successful standard may lawfully achieve this result through the workings of the market.” (emphasis mine) Draft P802.11ac_D1.0 prohibits both TKIP and GCMP. –A protest was made over the exclusion of GCMP based on the policies of IEEE regarding unlawful anti-trust activity. July 2011 Dan Harkins, Aruba NetworksSlide 3

doc.: IEEE r1 Submission July 2011 Dan Harkins, Aruba NetworksSlide 4 Document 11-11/0896r0– status of protest The opinion of IEEE legal counsel (emphasis mine): –A standard can certainly prescribe a minimum functionality or feature set. A standard can also prohibit features that significantly interfere with the functionality or security of a prescribed feature. –But if an additional function or feature does not significantly interfere with the performance of the minimum feature, then it is difficult to justify a standard's excluding that functionality. –If there is a technical basis for the contemplated exclusion, then a discussion of that claimed basis should take place within the working group. If there was no intention to exclude a technology (but simply make clear that the standard does not require that technology), then the phrasing as written does not clearly accomplish the goal, and it should be rewritten.

doc.: IEEE r1 Submission July 2011 Dan Harkins, Aruba NetworksSlide 5 Do They Significantly Interfere with the Functionality or Security of 11ac? TKIP – yes, it interferes with security –The security assurance of its authentication component (Michael) is too weak for VHT– vs for CCMP. –RC4 (cipher used in TKIP) has known vulnerabilities. TKIP attempts to address them but no security proof exists. CCMP has a security proof. GCMP– no, its functionality and security is superior to CCMP –The security assurance of its authentication component (GHASH) is better than ’s instantiation of CCMP– GCMP has a 128-bit tag, CCMP has a truncated 64-bit tag. –GCMP performs authenticated encryption in one pass, CCMP uses two. –Implementations of GCMP can be faster than CCMP in both hardware and in software. –GCMP has a security proof.

doc.: IEEE r1 Submission Conclusion There is a valid technical reason to exclude TKIP. –It is too slow –It has an inacceptable security assurance. There is no valid technical reason to exclude GCMP. –GCMP does not interfere with the functionality or security of VHT –GCMP is actually a superior cipher to CCMP. We can resolve 25 GCMP comments in one of two ways: –Remove the prohibition on GCMP and provide the reasons why TKIP is prohibited; or –Strike the paragraph in its entirety! TKIP has been deprecated anyway. July 2011 Dan Harkins, Aruba NetworksSlide 6

doc.: IEEE r1 Submission Going Further Some VHT data rates cannot be supported by CCMP, even in hardware –No stalls in the AES pipeline with GCMP. A fast(er) software implementation of VHT –Software implementations of GCMP can be accelerated with look- up tables at a modest cost in memory. –Some vendors support a single “carryless multiply” operation that comprises the GHASH. This can be used to greatly increase the speed of a software implementation of GCMP. We can resolve 4 more GCMP comments –Add support for GCMP into 11ac draft, 11-10/1032r2 shows how! July 2011 Dan Harkins, Aruba NetworksSlide 7

doc.: IEEE r1 Submission July 2011 Dan Harkins, Aruba NetworksSlide 8 References p802-11ac-draft-language-protest ac-the-gcm-mode-of-aes D. McGrew and J. Viega-- The Security and Performance of the Galois/Counter Mode (GCM) of Operation. INDOCRYPT 2004, LNCS vol 3348, Springer, pp , Presentation by Morris Dworkin (NIST) to SAAG at 69 th IETF meeting, July 26 th,

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.