IEEE MEDIA INDEPENDENT HANDOVER DCN: REVP-Proposal-on-the-security-of Title: Proposal on the security of Date Submitted: May, 11, 2015 Presented at IEEE session #68 in Vancouver, Canada Authors or Source(s): Yuji Unagami, Yusuke Shimizu(Panasonic) Abstract: This document proposed a security of the We have been studying to use standard as the security technology with HEMS. We propose two items for flexible implementation REVP-Proposal-on-the-security-of
IEEE presentation release statements This document has been prepared to assist the IEEE Working Group. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE The contributor is familiar with IEEE patent policy, as outlined in Section 6.3 of the IEEE-SA Standards Board Operations Manual and in Understanding Patent Issues During IEEE Standards Development Section 6.3 of the IEEE-SA Standards Board Operations Manualhttp://standards.ieee.org/guides/opman/sect6.html#6.3 IEEE presentation release statements This document has been prepared to assist the IEEE Working Group. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE The contributor is familiar with IEEE patent policy, as stated in Section 6 of the IEEE-SA Standards Board bylaws and in Understanding Patent Issues During IEEE Standards Development Section 6 of the IEEE-SA Standards Board bylawshttp://standards.ieee.org/guides/bylaws/sect6-7.html# REVP-Proposal-on-the-security-of
Background of this proposal Japanese Government(METI: Ministry of Economy, Trade and Industry) is leading the initiative to achieve HEMS(Home Energy Management System) systems. Note: Currently Each manufacture is using their own proprietary technology. Panasonic is one of the board member of this initiative to utilize ECHONET-Lite protocol for seamless communication between various home appliance product. Panasonic has been studying to use standard as the security technology with ECHONET-Lite. Home gateway device Currently Home gateway Future Proprietary non- interoperability non- interoperability Interoperability with standardized Interoperability with standardized Home gateway device REVP-Proposal-on-the-security-of
Background of this proposal We are studying to use d protocol for HEMS in Japan market. PoS with Group Manager : home gateway PoS : device(e.g. air conditioner, sensor, etc.) Flexible implementation is very important for the use of d. Processing of signature for each multicast transmission is too burden for air conditioner. PoS with Group Manager PoS MN Multicast Transport REVP-Proposal-on-the-security-of
ID_TYPE of SAID TLV Add new parameter in “ID_TYPE” field for the use of other key management technology. e.g. ECDH, Key distribution from the PoS with Group Manager, etc TYPELENGTHSEQUENCE (ID_TYPE, ID_VALUE) SAID TLV ID_TYPE 0: TLS-generated 1: EAP-generated 2: GKB-generated 3: Other-generated REVP-Proposal-on-the-security-of
Signature TLV It is stated in the specification of d. (8.4.2) A Signature TLV should be used for multicast MIH messages in order to provide source origin authentication for multicast MIH massages. Otherwise, a message alternation(alteration?) attack by an insider who has a GKB SA is possible even if the multicast MIH message is integrity protected by the group key corresponding to the GKB SA. Signature verification process is too much burden for the low- power computing device, however, there should be some scheme to prevent tampering by a third party. MIH header (S=1) Source MIHF Identifier TLV Destination MIHF Identifier TLV SAID TLVService Specific TLV AES_CCM MIH header (S=1) Source MIHF Identifier TLV Destination MIHF Identifier TLV SAID TLV ENC_DATAMIC_DATA Security TLV a message alteration attack by a third party who does not have a GKB SA is possible REVP-Proposal-on-the-security-of
Signature TLV Generate MIC_DATA not only by Service Specific TLV but also MIH frame. MIH header (S=1) Source MIHF Identifier TLV Destination MIHF Identifier TLV SAID TLVService Specific TLV AES_CCM(MIC) AES_CCM(Enc) MIH header (S=1) Source MIHF Identifier TLV Destination MIHF Identifier TLV SAID TLV Security TLV ENC_DATAMIC_DATA Third party who does not have GKB SA can not execute alteration attack REVP-Proposal-on-the-security-of