Presentation is loading. Please wait.

Presentation is loading. Please wait.

Doc.: IEEE 802.11-10/0964r0 Submission September 2010 David Halasz, AclaraSlide 1 Smart Grid and Key Lengths Date: 2010-08-09 Authors:

Published byLawrence Johnson Modified over 9 years ago

Similar presentations

Presentation on theme: "Doc.: IEEE 802.11-10/0964r0 Submission September 2010 David Halasz, AclaraSlide 1 Smart Grid and Key Lengths Date: 2010-08-09 Authors:"— Presentation transcript:

1 doc.: IEEE 802.11-10/0964r0 Submission September 2010 David Halasz, AclaraSlide 1 Smart Grid and Key Lengths Date: 2010-08-09 Authors:

2 doc.: IEEE 802.11-10/0964r0 Submission Abstract This submission reviews security in IEEE 802.11 with respect to the Draft NIST IR-7628. The primary concern is cryptographic modules and key lengths. Also this submission reviews a level of effort to extend key lengths in IEEE 802.11. September 2010 David Halasz, AclaraSlide 2

3 doc.: IEEE 802.11-10/0964r0 Submission Security within IEEE 802.11 IEEE 802.11i RSN –Assumes key of sufficient strength derived by 802.1X/EAP– authentication, key establishment, (some) key derivation outside scope of 802.11i. –4-Way Handshake Key derivation using HMAC-SHA1 of 384-bit PTK Key confirmation using HMAC-SHA1 with 128-bit KCK –Group Key Handshake NIST AES key wrap with 128-bit KEK –CTR with CBC-MAC Protocol (CCMP) with 128-bit TK IEEE 802.11r – Not reviewed IEEE 802.11w – Not reviewed IEEE 802.11s draft – Not reviewed September 2010 David Halasz, AclaraSlide 3

4 doc.: IEEE 802.11-10/0964r0 Submission IEEE 802.11i CTR with CBC-MAC Protocol (CCMP) –128 bit key, and 64 bit MIC –From NISTIR 7628 volume 2, Table 6-4 lists CCM with AES-128, AES-192 & AES-256 from now and beyond 2030 Does not mention MIC size! HMAC-SHA1 –128-bit key used for both key derivation and key confirmation –SP800-57 states that HMAC-SHA1 is acceptable as a key derivation function to provide up to 128-bits of key AES Key Wrap –A 128-bit key is used to wrap a 128-bit key September 2010 David Halasz, AclaraSlide 4

5 doc.: IEEE 802.11-10/0964r0 Submission IEEE 802.11i and Draft NIST IR-7628 Using HMAC-SHA1 to derive a 128-bit key for CCMP (with a 64-bit MIC) should be OK until 2030 under certain assumptions –the PMK used in the 4-way HS to derive the key for CCMP (the TK) has sufficient entropy From Draft NIST IR-7628, section 6.2.1.2 –“Cryptographic modules (both software and hardware) that can support increased key sizes and maintain needed performance should be preferred over those that cannot be changed in case a bit-strength reducing vulnerability is found in the cryptographic algorithm.” –“Over sizing cryptographic design (including but not limited to key size) to not only meet but exceed current security requirements may be prudent to avoid or delay the need for later upgrade.” Over-sizing cryptographic design requires more than just using a larger key with CCMP –HMAC-SHA1 is not acceptable for key derivation of 192- or 256-bits. –An x-bit key cannot wrap a y-bit key if x < y September 2010 David Halasz, AclaraSlide 5

6 doc.: IEEE 802.11-10/0964r0 Submission If we wanted to increase the key length, what would be needed? New assumption on the PMK derived from 802.1X/EAP –PMK will have comparable strength to be used with new cryptographic parameter set Definition of new AKM(s) –New key derivation method to expand a PMK of sufficient entropy into a longer PTK –New key confirmation method and increased length of KCK –New key wrapping algorithm and/or increased length of KEK Definition of new Ciphersuite(s) –New cipher mode to perform authenticated encryption that uses a longer TK Language governing gratuitous mixing-and-matching of AKMs and Ciphersuites September 2010 David Halasz, AclaraSlide 6

7 doc.: IEEE 802.11-10/0964r0 Submission References –Draft NISTIR v1.0 vol 1 – July 2010 http://collaborate.nist.gov/twiki- sggrid/pub/SmartGrid/NISTIR7628v1July2010/draft-nistir- 7628_vol1_final.pdfhttp://collaborate.nist.gov/twiki- sggrid/pub/SmartGrid/NISTIR7628v1July2010/draft-nistir- 7628_vol1_final.pdf –Draft NISTIR v1.0 vol 2 – July 2010 http://collaborate.nist.gov/twiki- sggrid/pub/SmartGrid/NISTIR7628v1July2010/draft-nistir- 7628_vol2_final.pdfhttp://collaborate.nist.gov/twiki- sggrid/pub/SmartGrid/NISTIR7628v1July2010/draft-nistir- 7628_vol2_final.pdf –Draft NISTIR v1.0 vol 3 – July 2010 http://collaborate.nist.gov/twiki- sggrid/pub/SmartGrid/NISTIR7628v1July2010/draft-nistir- 7628_vol3_final.pdfhttp://collaborate.nist.gov/twiki- sggrid/pub/SmartGrid/NISTIR7628v1July2010/draft-nistir- 7628_vol3_final.pdf –SP800-56A, SP800-57, SP800-97 http://csrc.nist.gov/publications/PubsSPs.html September 2010 David Halasz, AclaraSlide 7

Download ppt "Doc.: IEEE 802.11-10/0964r0 Submission September 2010 David Halasz, AclaraSlide 1 Smart Grid and Key Lengths Date: 2010-08-09 Authors:"

Similar presentations

IEEE 802.21 MEDIA INDEPENDENT HANDOVER DCN: 21-09-00xx-00-sec Title: IEEE 802.11r Fast BSS Transition – A Study Date Submitted: September 21, 2009 Present.

IEEE MEDIA INDEPENDENT HANDOVER DCN: xx-00-sec Title: IEEE r Fast BSS Transition – A Study Date Submitted: September 21, 2009 Present.
Doc.: IEEE 802.11-09/1012r0 Submission September 2009 Dan Harkins, Aruba NetworksSlide 1 Suite-B Compliance for a Mesh Network Date: 2009-09-15 Authors:

Doc.: IEEE /1012r0 Submission September 2009 Dan Harkins, Aruba NetworksSlide 1 Suite-B Compliance for a Mesh Network Date: Authors:
Doc.: IEEE 802.11-09/0283r0 Submission March 2009 Dan Harkins, Aruba NetworksSlide 1 Suggested Changes to the Abbreviated Handshake Date: 2009-03-08 Authors:

Doc.: IEEE /0283r0 Submission March 2009 Dan Harkins, Aruba NetworksSlide 1 Suggested Changes to the Abbreviated Handshake Date: Authors:
CN8816: Network Security 1 Security in Wireless LAN 802.11i Open System Authentication Security Wired Equivalent Privacy (WEP) Robust Security Network.

CN8816: Network Security 1 Security in Wireless LAN i Open System Authentication Security Wired Equivalent Privacy (WEP) Robust Security Network.
IEEE 802.11i IT443 Broadband Communications Philip MacCabe October 5, 2005

IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005
Analysis and Improvements over DoS Attacks against IEEE 802.11i Standard Networks Security, Wireless Communications and Trusted Computing(NSWCTC), 2010.

Analysis and Improvements over DoS Attacks against IEEE i Standard Networks Security, Wireless Communications and Trusted Computing(NSWCTC), 2010.
P1451.5 Security Survey and Recommendations By: Ryon Coleman October 16, 2003.

P Security Survey and Recommendations By: Ryon Coleman October 16, 2003.
Doc.: IEEE 802.11-09/770r0 Submission July 2009 Slide 1 TGs Authenticated Encryption Function Date: 2009-07 Authors: Russ Housley (Vigil Security), et.

Doc.: IEEE /770r0 Submission July 2009 Slide 1 TGs Authenticated Encryption Function Date: Authors: Russ Housley (Vigil Security), et.
Wireless Security Ryan Hayles Jonathan Hawes. Introduction  WEP –Protocol Basics –Vulnerability –Attacks –Video  WPA –Overview –Key Hierarchy –Encryption/Decryption.

Wireless Security Ryan Hayles Jonathan Hawes. Introduction  WEP –Protocol Basics –Vulnerability –Attacks –Video  WPA –Overview –Key Hierarchy –Encryption/Decryption.
Doc.: IEEE 802.11-11-0964r1 Submission July 2011 Dan Harkins, Aruba NetworksSlide 1 Prohibiting Technology Date: 2011-07-15 Authors:

Doc.: IEEE r1 Submission July 2011 Dan Harkins, Aruba NetworksSlide 1 Prohibiting Technology Date: Authors:
Doc.: Submission, Slide 1 Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [Securing the 802.15.4 Network.

Doc.: Submission, Slide 1 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [Securing the Network.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID 001790660.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
DIMACS Nov 3 - 4, 2004 WIRELESS SECURITY AND ROAMING OVERVIEW DIMACS November 3-4, 2004 Workshop: Mobile and Wireless Security Workshop: Mobile and Wireless.

DIMACS Nov 3 - 4, 2004 WIRELESS SECURITY AND ROAMING OVERVIEW DIMACS November 3-4, 2004 Workshop: Mobile and Wireless Security Workshop: Mobile and Wireless.
WPA2 By Winway Pang. Overview  What is WPA2?  Wi-Fi Protected Access 2  Introduced September 2004  Two Versions  Enterprise – Server Authentication.

WPA2 By Winway Pang. Overview  What is WPA2?  Wi-Fi Protected Access 2  Introduced September 2004  Two Versions  Enterprise – Server Authentication.
Wireless Security Issues David E. Hudak, Ph.D. Senior Software Architect Karlnet, Inc.

Wireless Security Issues David E. Hudak, Ph.D. Senior Software Architect Karlnet, Inc.
Doc.: IEEE 802.11-12/0573r1 Submission May 2012 David Halasz, Motorola MobilitySlide 1 Scalable Authentication Date: 2012-5-6 Authors:

Doc.: IEEE /0573r1 Submission May 2012 David Halasz, Motorola MobilitySlide 1 Scalable Authentication Date: Authors:
Lecture 3: Cryptographic Tools modified from slides of Lawrie Brown.

Lecture 3: Cryptographic Tools modified from slides of Lawrie Brown.
Michal Rapco 05, 2005 Security issues in Wireless LANs.

Michal Rapco 05, 2005 Security issues in Wireless LANs.
Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),

Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),
Message Authentication Requirements Disclosure Release of message contents to any person or process not possessing the appropriate cryptographic key Traffic.

Message Authentication Requirements Disclosure Release of message contents to any person or process not possessing the appropriate cryptographic key Traffic.

Similar presentations

Ads by Google