Light Weight Access Point Protocol (LWAPP) Pat R. Calhoun draft-ohara-capwap-lwapp-01.txt.

Introduction
Components of protocol:
–Discovery phase
–Control Channel Management
  Join (binding phase) – Creates LWAPP security association
  Watchdog
  Key Update
–WTP Configuration
  WTP initiated Configuration Request
  AC initiated Configuration Update
  WTP Config Clear

Introduction (cont.)
Components of protocol:
–Device Management Operations
  WTP Reset
  WTP Firmware Download
  WTP Event Notification (Unsolicited events, such as statistics)
–Mobile Management
  Create forwarding policies on WTP
–IEEE Technology Binding
  WLAN (service) Configuration

WTP/AC Communication (message flow between WTP and AC)
Discovery Phase
Join Phase
Security Association Established – encryption enabled
Either:
 1) WTP Configuration – AP Advertises service
 2) Image Data Transfer – AP Reboots with new firmware

New LWAPP State Machine
[State machine diagram: states Idle, Sulking, Join, Join-Confirm, Image Data, Configure, Run, Key Update, Reset; transitions labelled a through z]

New LWAPP State Machine
State machine is now consistent with text throughout the document.
New text in -01 now has explicit text about state machine behavior, for instance:

Idle to Discovery (a): This is the initialization state.
WTP: The WTP enters the Discovery state prior to transmitting the first Discovery Request (see Section 5.1). Upon entering this state, the WTP sets the DiscoveryInterval timer (see Section 12). The WTP resets the DiscoveryCount counter to zero (0) (see Section 13). The WTP also clears all information from ACs (e.g., AC Addresses) it may have received during a previous Discovery phase.
AC: The AC does not need to maintain state information for the WTP upon reception of the Discovery Request, but it MUST respond with a Discovery Response (see Section 5.2).

Technology Bindings
Added text about how to add new technology bindings (section 2.1)
Moved and renamed all specific protocol components to binding (section 11)
Defined IEEE specific message elements in binding section
–Mobile Config Request (section )
–WTP Event Request (section )

Technology Bindings (cont.)
Introduced IEEE specific commands
–IEEE WLAN Config Request
–IEEE WLAN Config Response
–IEEE WTP Event
Many IEEE specific message elements are defined in section 11

LWAPP Transport
LWAPP is transport agnostic. Specification defines IP/UDP and IEEE
–New text (01) now has a single transport header; IEEE and IP/UDP refer back to the single header figure:
|VER| RID |C|F|L| Frag ID | Length |
| Status/WLANs | Payload... |

Division of Labor – Split MAC
WTP
– control protocol
– beacons
– probe responses
–802.11e frame queuing
–802.11i frame encryption
AC
– MAC management e.g., Association, Action
– Data Frames
–802.11e resource reservation
–802.11i Auth/Key Exchange
Local MAC behavior will be added in -03.

LWAPP Data Frames
–LWAPP defines the following format for the IEEE technology binding:
| Transport Header | LWAPP Header [C=0] | Frame

LWAPP Control Messages
LWAPP defines a specific header for Control messages:
| Message Type | Seq Num | Msg Element Length |
| Session ID |
| Msg Element [0..N] |

LWAPP Messages
Increased the readability of every LWAPP Control message:
–Section now includes all message elements allowed, e.g.:
  5.2 Discovery Response
    AC Address
    AC Descriptor
    AC Name
    WTP Manager Control IP Address
–Includes complete instructions on WTP and AC behavior, and ties back into state machine
–Refers to all necessary timers and variables (sections 12 and 13)

Message Elements
Significant formatting changes
–Removed large message element table
–Each message element now includes identifier number and length

Discovery Type
The Discovery message element is used to configure a WTP to operate in a specific mode
| Discovery Type|
Type: 58 for Discovery Type
Length: 1
Discovery Type: An 8-bit value indicating how the AC was discovered. The following values are supported:
0 - Broadcast
1 - Configured
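A strict encoder and parser for the control message header and the Discovery Type element described above, added here as an example (not code from the draft or the slides). The field widths are assumptions, since the slides list only field names: 8-bit Message Type and Seq Num, 16-bit Msg Element Length, 32-bit Session ID, and 16-bit Type and Length per message element; the message-type values used are constructed placeholders.

```python
import struct

# Assumed field widths (the slide names the fields but not their sizes):
# control header  = Message Type(8) | Seq Num(8) | Msg Element Length(16) | Session ID(32)
# message element = Type(16) | Length(16) | Value
CTRL_HDR = struct.Struct("!BBHI")
ELEM_HDR = struct.Struct("!HH")
DISCOVERY_TYPE = 58                                    # Type value from the slide
DISCOVERY_VALUES = {0: "Broadcast", 1: "Configured"}   # 8-bit values from the slide

def build_control(msg_type: int, seq: int, session_id: int, elements: list) -> bytes:
    """Encode a control message from (type, value) message elements."""
    body = b"".join(ELEM_HDR.pack(t, len(v)) + v for t, v in elements)
    return CTRL_HDR.pack(msg_type, seq, len(body), session_id) + body

def parse_control(buf: bytes) -> dict:
    """Decode a control message; every length field must agree with the bytes present."""
    if len(buf) < CTRL_HDR.size:
        raise ValueError("short control header")
    msg_type, seq, elen, sid = CTRL_HDR.unpack_from(buf)
    body = buf[CTRL_HDR.size:]
    if len(body) != elen:
        raise ValueError("Msg Element Length does not match payload size")
    elements, off = [], 0
    while off < elen:
        if elen - off < ELEM_HDR.size:
            raise ValueError("truncated message element header")
        etype, length = ELEM_HDR.unpack_from(body, off)
        off += ELEM_HDR.size
        if off + length > elen:
            raise ValueError("message element length overruns the message")
        elements.append((etype, body[off:off + length]))
        off += length
    return {"type": msg_type, "seq": seq, "session_id": sid, "elements": elements}

def discovery_type(elements: list) -> str:
    """Return the Discovery Type name; exactly one element of Length 1 with a known value is required."""
    values = [v for t, v in elements if t == DISCOVERY_TYPE]
    if len(values) != 1 or len(values[0]) != 1:
        raise ValueError("Discovery Type element missing, duplicated or of wrong length")
    code = values[0][0]
    if code not in DISCOVERY_VALUES:
        raise ValueError(f"unknown Discovery Type value {code}")
    return DISCOVERY_VALUES[code]
```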

Security
Significant cleanup in text detailing certificate based LWAPP security
–Message elements clearly spell out their contents
Introduction of PSK
–State machine changes
–Changes to certain message elements to handle both modes of operation
–Specific text detailing DH/PRF security approach
AC Advertises security modes supported in AC Descriptor (section 5.2.2)
New Security Considerations section for both modes of operation.

Certificate Based Security (message flow between WTP and AC)
Join Request (WTP-Cert, SID)
AC side: AC Creates session keys (KeyMaterial)
  Data = E-wtp{Kpub, PKCS1(KeyMaterial)}
  Cipher-text = E-ac{Kpriv, SID|Data}
Join Response (AC-Cert, SID, cipher-text)
WTP side:
  Data = D-ac{Kpub, Cipher-text}
  PKCS1(KeyMaterial) = D-ac{Kpriv, data}
AES-CCM Encrypted Control Channel

PSK Based Security (message flow between WTP and AC)
AC chooses exponent x and creates WNonce
Join Request (DH-Params(g, p, g^x mod p), WNonce, SID)
AC chooses exponent y and creates ANonce
  PMS = LEN_16(Z) | Z | LEN_16(PSK) | PSK
  KeyMaterial = PRF(PMS, "master secret", WNonce + ANonce)
  Key Material is split into K1 (KCK), K2 (KEK) and K3 (Rekey key)
Join Response (DH-Params(g^y mod p), SID, ANonce, PSK-MIC)
WTP computes key; PSK-MIC validation provides key confirmation
Join ACK (SID, PSK-MIC)
PSK-MIC validation provides key confirmation
Join Confirm (SID, PSK-MIC)
Authenticated Join Confirm closes the state machine loop
AES-CCM Encrypted Control Channel
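The PSK key derivation above carried through end to end, as an added example rather than the draft's or the slides' code: both sides build PMS from the DH shared value Z and the PSK, expand it with the PRF into KCK, KEK and Rekey key, and the PSK-MIC from the Join Response validates at the WTP only when both sides hold the same PSK. Assumptions not fixed by the slide: the PRF is the TLS 1.2 P_SHA256 construction, the PSK-MIC is HMAC-SHA256 keyed with the KCK over the SID and the exchanged values, and the DH group is a constructed 64-bit toy group.

```python
import hmac
import hashlib

# Toy DH group, constructed for this example only: p = 2**64 - 59 is prime, g = 2.
P = 2**64 - 59
G = 2

def prf(secret: bytes, label: bytes, seed: bytes, n: int) -> bytes:
    """Assumed PRF: the TLS 1.2 P_SHA256 expansion (the slide only says 'PRF')."""
    out, a = b"", label + seed
    while len(out) < n:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + label + seed, hashlib.sha256).digest()
    return out[:n]

def len16(b: bytes) -> bytes:
    return len(b).to_bytes(2, "big")

def derive_keys(z_int: int, psk: bytes, wnonce: bytes, anonce: bytes, klen: int = 16) -> dict:
    """PMS = LEN_16(Z) | Z | LEN_16(PSK) | PSK;
    KeyMaterial = PRF(PMS, "master secret", WNonce + ANonce), split into K1, K2, K3."""
    z = z_int.to_bytes((P.bit_length() + 7) // 8, "big")
    pms = len16(z) + z + len16(psk) + psk
    km = prf(pms, b"master secret", wnonce + anonce, 3 * klen)
    return {"KCK": km[:klen], "KEK": km[klen:2 * klen], "REKEY": km[2 * klen:]}

def psk_mic(kck: bytes, sid: bytes, transcript: bytes) -> bytes:
    """Assumed PSK-MIC: HMAC-SHA256 keyed with the KCK over SID and the exchanged values."""
    return hmac.new(kck, sid + transcript, hashlib.sha256).digest()

def join(psk_wtp: bytes, psk_ac: bytes, x: int, y: int, wnonce: bytes, anonce: bytes, sid: bytes) -> bool:
    """Run the PSK Join exchange; True only if the PSK-MIC from the Join Response validates at the WTP.
    g^x travels in the Join Request, g^y in the Join Response; Z is the shared DH value."""
    gx, gy = pow(G, x, P), pow(G, y, P)
    transcript = gx.to_bytes(8, "big") + gy.to_bytes(8, "big") + wnonce + anonce
    ac_keys = derive_keys(pow(gx, y, P), psk_ac, wnonce, anonce)
    mic_from_ac = psk_mic(ac_keys["KCK"], sid, transcript)        # carried in Join Response
    wtp_keys = derive_keys(pow(gy, x, P), psk_wtp, wnonce, anonce)
    expected = psk_mic(wtp_keys["KCK"], sid, transcript)          # key confirmation at the WTP
    return hmac.compare_digest(mic_from_ac, expected)
```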