Doc.: IEEE 802.11-13/0133r3 Submission. Hitoshi MORIOKA, Allied Telesis R&D Center, 2-14-38 Tenjin, Chuo-ku, Fukuoka 810-0001.

Presentation transcript:

doc.: IEEE 802.11-13/0133r3 Submission, January 2013. Slide 1: Higher Layer Setup Ad-hoc Summary
Authors:
- Hitoshi Morioka, Allied Telesis R&D Center, Tenjin, Chuo-ku, Fukuoka, JAPAN
- George Cherian, Qualcomm, 5775 Morehouse Dr, San Diego, CA, USA
- Rene Struik, Struik Security Consultancy, Toronto, ON, Canada
- Nehru Bhandaru, Broadcom
- Hiroki Nakano, Trans New Technology, Inc., 8F, 62 Tukiboko-cho, Shimogyo, Kyoto, JAPAN

Slide 2: Abstract
This document is the summary of the higher layer setup ad hoc held on Tue. PM2, Wed. PM1 and Thu. AM1.

Slide 3: FILS Authentication/Association (D0.3)
Message flow between STA and AP: Authentication exchange, then Key Derivation on both sides, then Association Request and Association Response. Part of each Association frame is encrypted, and the Association frames carry the Key Confirmation.

Slide 4: Encryption Part in Assoc. Req./Resp. in D0.3
Frame layout: MAC Header | Capability | IEs | FILS Session IE | IEs | FCS
All IEs following the FILS Session IE shall be encrypted.

Slide 5: Problem Description
Draft 0.2 says:
- "The input ciphertext shall be the contents of the Association Response frame that follow the FILS Session element"
What does this mean in practice?
- All vendor specific IEs will need to be encrypted.
- All IEs added in the future will need to be encrypted.
- We should retain the ability to add unencrypted but authenticated IEs in the future.

Slide 6: Proposal
Define a new IE in the Association Request/Response that can carry a set of TLVs (including higher layer information etc.).
- It will need the ability to encrypt the content.
- It will need the ability to fragment the content.
Because:
- Higher Layer Information shall be protected.
- Higher Layer Information may be larger than 255 octets.

Slide 7: Encryption Part in Assoc. Req./Resp. of the Proposal
D0.3 layout: MAC Header | Capability | IEs | FILS Session IE | IEs | FCS
Proposal layout: MAC Header | Capability | IEs | FILS Session IE | Secure Container IE(s) | IEs (future IEs and Vendor Specific IEs) | FCS
Only the value of the Secure Container IE(s) is encrypted; the type (EID) and length fields are not.

Slide 8: Secure Container IE Concept
- Each piece of data (DATA1, DATA2, ...) is first wrapped in a TLV (Tag | Length | Data). A TLV is not an IE; its Length field is 2 octets to accommodate large data.
- The TLVs are concatenated and the entire bundle is enciphered as the value of the container IE. The encrypted TLVs may be larger than 255 octets.
- Subsequently the encrypted value is fragmented into Secure Container IEs, each carrying EID | Len | Frag. Info. | fragment, all within a single frame.

Slide 9: More Requirements
The following information MUST be authenticated:
- BSSID
- STA's MAC Address
- AP Nonce
- STA Nonce
- Capability field
- All IEs

Slide 10: Detailed Encryption Sequence (1)
STEP 1: Construct a TLV (Tag | Len | DATA) for each piece of data, e.g. Tag | Len1 | DATA1 and Tag | Len2 | DATA2.
STEP 2: Concatenate all TLVs into a single bundle. Its length is Len = Len1 + Len2 + 2x2x2 (two TLVs, each with a 2-octet Tag and a 2-octet Length).
STEP 3: Encrypt the entire bundle as part of the AEAD forward operation; the result becomes the value of the container IE(s) (EID | Len | Encrypted TLVs). For details, see the next slide.

Slide 11: Detailed Encryption Sequence (2)
STEP 3 (detail): Encrypt the TLVs.
- Key: KEK2
- Plaintext: the TLV bundle
- AAD: BSSID, STA address, AP Nonce, STA Nonce, Capability, the IEs that are not encrypted, and the container IE headers (EID | Len | Frag. Info.) computed in advance in STEP 3a
- Nonce: 0 for AP->STA, 1 for STA->AP
STEP 4: Fragment the encrypted TLVs into container IEs (EID | LenA, EID | LenB, EID | LenC, ...). Confirm that the headers are the same as those computed in STEP 3a.
STEP 5: Prepare the frame to transmit: MAC Header | Capability | IEs | Secure Container IE(s) | MAC Tag | IEs (future IEs and Vendor Specific IEs) | FCS

Slide 12: Start of Decryption Sequence (1)
Received frame with fragmentation: MAC Header | Capability | IEs | Secure Container IE(s) (EID | LenA, EID | LenB, EID | LenC, ... carrying the Encrypted TLVs) | MAC Tag | IEs (future IEs and Vendor Specific IEs) | FCS
Received frame without fragmentation: MAC Header | Capability | IEs | Secure Container IE (EID | Len | Encrypted TLVs) | MAC Tag | IEs (future IEs and Vendor Specific IEs) | Etc.
The receiver reassembles the encrypted TLVs from the container IE fragments before decrypting.
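The five encryption steps on slides 10 and 11 and the receiver side on slide 12, carried through in code so the fragmentation and the AAD construction can be checked end to end. This is an added example, not code from the presentation or from the 802.11ai draft. The element ID 0xFF, the one-octet Fragment Info layout (bit 7 = more fragments follow, low bits = fragment index), the 16-octet MAC Tag and the HMAC-SHA256-based stand-in AEAD are assumptions for the example: the slides only say "AEAD forward operation" and name no cipher, and the stand-in lets the example run with the Python standard library alone. All addresses, nonces, keys and payloads are constructed.

```python
import hashlib
import hmac
import struct
IE_BODY_MAX = 255            # an IE body (after EID and Len) is at most 255 octets
FRAG_INFO_LEN = 1            # assumption: one-octet Fragment Info field
EID_SECURE_CONTAINER = 0xFF  # assumption: placeholder element ID for the example
TAG_LEN = 16                 # assumption: MAC Tag length carried in the frame
AP_TO_STA, STA_TO_AP = 0, 1  # per-direction nonce values from slide 11

def build_tlv(tag, data):
    """STEP 1: a TLV with 2-octet Tag and 2-octet Length (a TLV is not an IE)."""
    return struct.pack(">HH", tag, len(data)) + data

def parse_tlvs(bundle):
    """Inverse of build_tlv over a bundle; rejects a truncated value."""
    out, off = [], 0
    while off < len(bundle):
        tag, length = struct.unpack_from(">HH", bundle, off)
        if off + 4 + length > len(bundle):
            raise ValueError("truncated TLV value")
        out.append((tag, bundle[off + 4:off + 4 + length]))
        off += 4 + length
    return out

def container_headers(ct_len):
    """STEP 3a: EID | Len | Frag. Info. headers, computed before encryption so the AAD covers them."""
    payload_max = IE_BODY_MAX - FRAG_INFO_LEN
    count = max(1, -(-ct_len // payload_max))   # ceiling division; one (empty) IE for no data
    headers = []
    for i in range(count):
        chunk = min(payload_max, ct_len - i * payload_max)
        frag_info = ((i < count - 1) << 7) | (i & 0x7F)   # assumption: bit 7 = more fragments follow
        headers.append(bytes([EID_SECURE_CONTAINER, chunk + FRAG_INFO_LEN, frag_info]))
    return headers

def _keys(kek2, direction):
    """Stand-in KDF: per-direction encryption and MAC subkeys (direction doubles as the nonce)."""
    return tuple(hmac.new(kek2, lbl + bytes([direction]), hashlib.sha256).digest()
                 for lbl in (b"enc", b"mac"))

def _xor_stream(enc, data):
    ks = b"".join(hmac.new(enc, struct.pack(">I", i), hashlib.sha256).digest()
                  for i in range(-(-len(data) // 32)))
    return bytes(a ^ b for a, b in zip(data, ks))

def _tag(mac, aad, ct):
    return hmac.new(mac, struct.pack(">I", len(aad)) + aad + ct, hashlib.sha256).digest()[:TAG_LEN]

def aead_encrypt(kek2, direction, plaintext, aad):
    """STEP 3: stand-in AEAD (keystream XOR, then HMAC over AAD and ciphertext); the slides name no cipher."""
    enc, mac = _keys(kek2, direction)
    ct = _xor_stream(enc, plaintext)
    return ct, _tag(mac, aad, ct)

def aead_decrypt(kek2, direction, ct, aad, tag):
    enc, mac = _keys(kek2, direction)
    if not hmac.compare_digest(_tag(mac, aad, ct), tag):   # verify before decrypting
        raise ValueError("MAC Tag check failed: frame altered or AAD mismatch")
    return _xor_stream(enc, ct)

def make_aad(bssid, sta_addr, ap_nonce, sta_nonce, capability, plain_ies, headers):
    """Slides 9 and 11: everything that must be authenticated but not encrypted."""
    return bssid + sta_addr + ap_nonce + sta_nonce + capability + plain_ies + b"".join(headers)

def protect(kek2, direction, fields, plain_ies, tlvs):
    """Sender side, STEPs 2 to 4: bundle, authenticate-and-encrypt, fragment."""
    bundle = b"".join(tlvs)                                 # STEP 2
    headers = container_headers(len(bundle))                # STEP 3a
    ct, tag = aead_encrypt(kek2, direction, bundle, make_aad(*fields, plain_ies, headers))
    frags, off = [], 0                                      # STEP 4
    for h in headers:
        frags.append(h + ct[off:off + h[1] - FRAG_INFO_LEN])
        off += h[1] - FRAG_INFO_LEN
    assert [f[:3] for f in frags] == headers, "headers differ from STEP 3a"   # slide 11 check
    return frags, tag

def unprotect(kek2, direction, fields, plain_ies, frags, tag):
    """Receiver side (slide 12): reassemble, rebuild the AAD, verify, then decrypt."""
    headers = [f[:3] for f in frags]
    ct = b"".join(f[3:] for f in frags)
    return parse_tlvs(aead_decrypt(kek2, direction, ct, make_aad(*fields, plain_ies, headers), tag))

def demo():
    """Constructed AP->STA response: a 600-octet (DHCP-sized) TLV and a small one, then a tampered Capability."""
    kek2 = hashlib.sha256(b"constructed KEK2 for the example").digest()
    fields = (bytes.fromhex("020000000001"), bytes.fromhex("020000000002"),  # BSSID, STA addr
              bytes(range(16)), bytes(range(16, 32)), b"\x04\x11")           # nonces, Capability
    plain_ies = bytes([0x00, 4]) + b"fils"      # an unencrypted but authenticated IE
    tlvs = [build_tlv(1, bytes(600)), build_tlv(2, bytes(range(20)))]
    frags, tag = protect(kek2, AP_TO_STA, fields, plain_ies, tlvs)
    recovered = unprotect(kek2, AP_TO_STA, fields, plain_ies, frags, tag)
    try:   # an on-path attacker flips Capability bits, which are sent in the clear
        unprotect(kek2, AP_TO_STA, fields[:4] + (b"\x00\x11",), plain_ies, frags, tag)
        tamper_detected = False
    except ValueError:
        tamper_detected = True
    return {"num_fragments": len(frags), "fragment_body_lengths": [f[1] for f in frags],
            "roundtrip_ok": recovered == [(1, bytes(600)), (2, bytes(range(20)))],
            "tamper_detected": tamper_detected}
```

The 628-octet bundle (604 + 24 octets of TLVs) does not fit one IE body, so it becomes three Secure Container IEs with bodies of 255, 255 and 121 octets. The point the slides make shows up in the tamper case: the Capability field and the unencrypted IEs are never enciphered, but because they enter the AAD together with the precomputed container IE headers, changing any of them makes the MAC Tag check fail before anything is decrypted. The per-direction nonce (0 for AP->STA, 1 for STA->AP) is fixed, so the example assumes, as a fixed nonce requires, that KEK2 is fresh for each association.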

Slide 13: Straw poll
Do you support the suggested changes to the encryption and authentication process by which portions of the Association Request/Response frame are authenticated and/or encrypted, as described on these slides?
Result:
- Yes:
- No:
- Need more info:
- Don't care:

Slide 14: Backup

Slide 15: Straw poll 1
Do you support modifying the encryption of the Association Request/Response?
Result (Y/N/A): 10/2/24

Slide 16: Straw poll 2
Do you support creating a container IE for encryption and fragmentation?
Result (Y/N/Need more info): 8/2/24

Slide 17: Generic Fragmentation Container IE Concept
A single IE CANNOT carry data larger than 255 octets, so we would like to provide a generic framework for large data (e.g. DHCP).
- Data larger than 255 octets is wrapped in a TLV (Tag | Length | DATA). A TLV is not an IE; its Length field is 2 octets to accommodate large data.
- The TLV is fragmented into container IEs, each carrying EID | Len | Frag. Info. | DATA, all in a single frame.

Slide 18: Generic Encryption Container IE Concept
- DATA1 and DATA2 are each wrapped in a TLV (Tag | Length | DATA). A TLV is not an IE; its Length field is 2 octets to accommodate large data.
- The TLVs are encrypted as a whole, with an Encrypt. Info. field preceding the Encrypted TLVs (which may be larger than 255 octets).
- The result is fragmented into container IEs, each carrying EID | Len | Frag. Info. | fragment, all in a single frame.