Doc.: IEEE 802.11-08/1263r0, Submission, November 2008. Dan Harkins, Aruba Networks.
Slide 1: A Modest Proposal….
Date: 2008-11-10
Authors: Dan Harkins, Aruba Networks


Slide 2: Abstract
This document presents an idea to radically simplify the draft.

Slide 3: Security Architecture is Confusing
There are many protocols: Abbreviated Handshake, MSA 4-way Handshake, SAE, MSA Initial Exchange, MSA Key Pulling, Mesh Key Holder Handshake, Peer Link Management. The relationship between them is complex.
Fundamentally there are two models for mesh security being represented with these protocols:
– An ad-hoc laissez-faire model where each device authenticates its peer(s) directly based upon its peer(s) credential(s).
– A centralized model where each device authenticates, through the device with which it wants to establish a secure connection, to a centralized server which then distributes keys to both devices.

Slide 4: Centralized Mesh
A mesh is, fundamentally, a peer-to-peer network. The centralized mesh attempts to overlay a client-server model on top of that.
– It must use a peer-to-peer protocol, like the Peer Link Management protocol, to negotiate roles.
– Once roles are established, client-server protocols are used for authentication (MSA Initial Exchange (802.1X), MSA 4-way Handshake) to establish keys and bring up a session.
This creates much complexity.
– At least 18 decision points (perhaps more?) when the centralized mesh maintains key hierarchies.
– At least 8 decision points when the centralized mesh uses a key distributor.
– Multiple centralized key servers cause much more complexity.
– There are race conditions that need to be addressed.
This makes for a more fragile mesh. Topological changes can create islands of connectivity with no connection to the centralized key server. Two islands cannot connect until one of them discovers a connection to the centralized key server. The mesh forms more slowly and has trouble healing itself.

Slide 5: Protocol Decisions with MSA Key Hierarchies (stolen from 11-08/1296r0)
[Flowchart. Decision nodes: Shared an MKD?, MKD identified?, PMK available?, SAE preferred?, MKD decided?, Am I the authenticator?, Have supplicant's key?, Key pulled?, Need authentication?, EAP succeeds?, Initiate AbbrHS?, AbbrHS succeeds?, Only 1 MKD?. Protocol steps: Peer discovered, PLM, SAE, EAP authentication, 4WHS, MSA 4WHS/AbbrHS, Wait to respond to 4WHS, Session.]

Slide 6: Protocol Decisions with Key Distribution (stolen from 11-08/1296r0)
[Flowchart. Decision nodes: Do I share PMK with Peer?, SAE or EAP?, SAE Succeeds?, Abbrev HS Succeeds?, PLM Succeeds?, Do I share MKD with Peer?, Key Pulling Succeeds?, EAP Succeeds?. Protocol steps: Peer Discovery, SAE, EAP, PLM, Session.]

Slide 7: Laissez-Faire Mesh
The mesh remains peer-to-peer:
– Authentication is peer-to-peer at authentication time.
– Session establishment is peer-to-peer post authentication.
Protocol decisions are much simpler. It's possible to be authenticated to more than one mesh point. It is not necessary to throw away a PMK when the session is torn down (and session keys are thrown away). This brings up an interesting state diagram analogous to figure 11-6 in IEEE Std 802.11.

Slide 8: A State Representation that is Known and Understood
[State diagram. The three IEEE 802.11 station states (Unauthenticated and Unassociated; Authenticated and Unassociated; Authenticated and Associated, joined by authentication, association, disassociation and deauthentication) map onto the mesh as follows.]
States:
– No shared key and no peer link (Unauthenticated and Unassociated)
– Shared key and no peer link (Authenticated and Unassociated)
– Shared key and peer link (Authenticated and Associated)
Transitions:
– SAE authentication: no shared key and no peer link -> shared key and no peer link
– Abbreviated Handshake: shared key and no peer link -> shared key and peer link
– Peer link close: shared key and peer link -> shared key and no peer link
– Key expiry or deauthentication: from either shared-key state -> no shared key and no peer link

Slide 9: Laissez-Faire Mesh
[Flowchart: Peer Discovery -> Do I share PMK with Peer? (No -> SAE -> Did SAE succeed?; Yes -> continue) -> Abbrev HS -> Abbrev HS Succeeds? (Yes) -> Session.]
– Three decision points
– Simple to describe and simple to implement
– Short latency in establishing secure link
– Lower debugging and testing costs
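A constructed model of the laissez-faire peer state machine of slides 7 to 9, added here as an example and not code from the submission or from any 802.11s implementation: the three states of slide 8, the three decision points of slide 9, and the retention of the PMK across a peer link close. The protocol runs (SAE and the Abbreviated Handshake) are hypothetical callables passed in, and a failed Abbreviated Handshake is assumed to leave the shared key in place.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Callable, List, Optional

class State(Enum):
    NO_KEY_NO_LINK = "No shared key and no peer link"  # unauthenticated, unassociated
    KEY_NO_LINK = "Shared key and no peer link"        # authenticated, unassociated
    KEY_AND_LINK = "Shared key and peer link"          # authenticated, associated

@dataclass
class Peer:
    addr: str
    pmk: Optional[bytes] = None  # PMK produced by SAE; None while none is shared
    peer_link: bool = False      # set once the Abbreviated Handshake completes

    def state(self) -> State:
        if self.pmk is None:
            return State.NO_KEY_NO_LINK
        return State.KEY_AND_LINK if self.peer_link else State.KEY_NO_LINK

# Hypothetical stand-ins for the over-the-air runs: SAE yields a PMK or None on failure.
SAERun = Callable[[Peer], Optional[bytes]]
AbbrHSRun = Callable[[Peer], bool]

def establish_session(peer: Peer, run_sae: SAERun, run_abbr_hs: AbbrHSRun) -> List[str]:
    """Slide 9 flow from peer discovery to session: exactly three decision points."""
    log: List[str] = []
    if peer.pmk is None:                      # decision 1: do I share a PMK with the peer?
        log.append("no shared PMK: run SAE")
        pmk = run_sae(peer)
        if pmk is None:                       # decision 2: did SAE succeed?
            log.append("SAE failed: stay unauthenticated")
            return log
        peer.pmk = pmk
    else:
        log.append("shared PMK: skip SAE")
    if run_abbr_hs(peer):                     # decision 3: does the Abbreviated Handshake succeed?
        peer.peer_link = True
        log.append("Abbreviated Handshake succeeded: session up")
    else:                                     # assumed: a failed handshake leaves the PMK in place
        log.append("Abbreviated Handshake failed: keep PMK, no peer link")
    return log

def peer_link_close(peer: Peer) -> None:
    """Session torn down; the PMK is kept (slide 7), so the next session skips SAE."""
    peer.peer_link = False

def key_expiry_or_deauth(peer: Peer) -> None:
    peer.pmk = None          # back to the initial state: no shared key and no peer link
    peer.peer_link = False
```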

Slide 10: The Modest Proposal…
Greatly simplify the 11s draft by getting rid of the centralized mesh option. If mesh security is desired, use SAE and the Abbreviated Handshake; if it's not, use PLM.

Slide 11: The Modest Proposal…
What do we lose if we get rid of the centralized option?
– Existing authentication infrastructure based on AAA technology will not be used for establishment of the mesh, but can continue to be used to authenticate users (its reason for existence).
– A passphrase/PSK is the only supported credential a mesh point can use to authenticate (unless we resurrect an older proposal for peer-to-peer authentication with certificates, which is not part of this modest proposal).
– Revocation of a mesh point's credential is problematic, especially if per-device credentials are not used.
What do we gain if we get rid of the centralized option?
– A much simpler and less confusing specification, elimination of many comments (there are around 190 on MSA alone!), and the probability of being done earlier.
– A more robust mesh that forms faster and can heal itself faster in the event of unanticipated partition.

Slide 12: What Kind of Mesh Do You Envision?
There are use cases for which the laissez-faire model works but the centralized model does not:
– Small office/home-office mesh
– A PDA meshing with a phone meshing with a baby monitor meshing with a digital video recorder (DVR) meshing with….
The laissez-faire model makes sense even in the deployments where a centralized model makes sense:
– Emergency responder: why worry about access to an MKD when lives are at stake?
– Metropolitan or enterprise mesh: the infrastructure can be built securely using SAE. While an AAA server probably exists, the need to use it for device authentication is not very compelling. And nothing stops it from continuing to be used to authenticate clients (not MPs)!

Slide 13: How about a straw poll?
The TGs motto is: perfection is achieved not when there is nothing else to add but when there is nothing else to take away.
Q: The centralized mesh option should be removed from the draft.
– Yes:
– No:
– Unable to make an opinion either way: