Presentation is loading. Please wait.

Presentation is loading. Please wait.

Doc.: IEEE 802.11-08-0317r1 Submission March 2008 Charles Fan,Amy Zhang, HuaweiSlide 1 Authentication and Key Management of MP with multiple radios Date:

Published byLoreen Farmer Modified over 8 years ago

Similar presentations

Presentation on theme: "Doc.: IEEE 802.11-08-0317r1 Submission March 2008 Charles Fan,Amy Zhang, HuaweiSlide 1 Authentication and Key Management of MP with multiple radios Date:"— Presentation transcript:

1 doc.: IEEE 802.11-08-0317r1 Submission March 2008 Charles Fan,Amy Zhang, HuaweiSlide 1 Authentication and Key Management of MP with multiple radios Date: 2008-03-14 Authors:

2 doc.: IEEE 802.11-08-0317r1 Submission March 2008 Charles Fan,Amy Zhang, HuaweiSlide 2 Abstract This presentation states the secure association setup problem when the MP with multiple radios joins into the mesh network.

3 doc.: IEEE 802.11-08-0317r1 Submission March 2008 Charles Fan,Amy Zhang, HuaweiSlide 3 Agenda Problem Statement Suggestions

4 doc.: IEEE 802.11-08-0317r1 Submission March 2008 Charles Fan,Amy Zhang, HuaweiSlide 4 Current Secure association setup mechanism Step2: Authenticate with AS through MKD –Build the root of trust, i.e., MSK/PSK. Key derivation mechanism –Derive PMK-MKD to distribute session keys between MPs. –Derive MKDK to establish secure link between MP and MKD. Step1: Authentication Method & Role & Key Management type Negotiation Step2:Authentication through MKD & The key hierarchy setup Step3: PTK/GTK distribution 4-Way handshake to build session keys Probe/Beacon Secure communication Peer Link Management Initial Authentication if needed Supplicant Mesh Authenticator

5 doc.: IEEE 802.11-08-0317r1 Submission March 2008 Charles Fan,Amy Zhang, HuaweiSlide 5 802.11s Key Hierarchy According to the current Key derivation mechanism –There will be multiple PMK-MKDs and MKDKs when the multiple radios MPs join the mesh network, because the MPs should have to use different SPA corresponding to different radio to differ the radios in order to derive PMK-MKD and MKDK. MeshTopLevelKeyData = KDF-768(XXKey, “Mesh Key Derivation”,MeshID, MKD-NAS-ID, MKDD-ID, SPA) –Multiple initial authentication procedures should have to be launched. Held by MKD, Supplicant & MA PMK-MA=KDF-256(PMK-MKD,”MA Key Derivation”, PMK-MKDName|| MA-ID|| SPA) MSK/PSK Held by MKD & Supplicant PMK-MKD = L(MeshTopLevelKeyData, 0, 256) Held & Derived by Supplicant & MA PTK=KDF(PMK-MA,”Mesh PTK key derivation”,MPTKSNonce|| MPTKANonce|| MA-ID||SPA||PMK-MAName) Held by Supplicant & MKD MKDK = L(MeshTopLevelKeyData, 384, 256) Held & Derived by Supplicant & MKD, deliver PMK-MA MPTK-KD=KDF-256(MKDK, “Mesh PTK-KD Key”,MA-Nonce||MKD- Nonce||MA-ID||MKD-ID) PMK-MA PMK-MKD PTK MKDK MPTK-KD Key Distribution branch Link Security Branch

6 doc.: IEEE 802.11-08-0317r1 Submission March 2008 Charles Fan,Amy Zhang, HuaweiSlide 6 Disadvantages of multiple authentications Can not detect the authentication credential is used for different MPs or different radios in the same MP simultaneously. –The authentication credential may be used by multiple MPs simultaneously. Increase the air cost overhead when launching multiple times initial authentication

7 doc.: IEEE 802.11-08-0317r1 Submission March 2008 Charles Fan,Amy Zhang, HuaweiSlide 7 Agenda Problem Statement Suggestions

8 doc.: IEEE 802.11-08-0317r1 Submission March 2008 Charles Fan,Amy Zhang, HuaweiSlide 8 Solution Requirements The initial authentication should only be launched once when an MP join the mesh network, no matter how many radios it has. –Authentication credential is issued one per device –Authenticate the device to produce trust credential secrecy –Doesn’t rely on the concrete authentication credential and authentication methods Different radio in the same MP should use different session key. –Distribute keys for radios of the device through One time initial authentication procedure Follow the 802.11s security requirements –Authentication process is to build the root of trust relationship and authorize the device to use the trust credential; such as MSK etc –The key management has to work at the MAC layer –The SAs has to be tied to the MAC addresses Less modification, more better

9 doc.: IEEE 802.11-08-0317r1 Submission March 2008 Charles Fan,Amy Zhang, HuaweiSlide 9 Possible solution AS Sup MP MAMKD 2. EAPOL (EAP-Request Identity) 3. EAPOL (EAP-Response Identity) 5. EAP Transport (EAP-Response Identity) 7. EAP Transport (EAP- Success, MSK) 9. EAPOL (EAP-Success) 1. EAPOL-Start 4. Mesh EAP encapsulation (EAP-Response Identity) Derive Pairwise Key (PMK-MKD, MKDK, PMK-MA) 8. Mesh EAP encapsulation(EAP- Response Accept PMK-MA) 6. EAP-specific (mutual) authentication Only one PMK-MKD and one MKDK for an MP, shared by all the radios –Introduce device ID which can only identify the MP, i.e., prime address –Using the Dev_ID instead of SPA when deriving MeshTopLevelKeyData MeshTopLevelKeyData = KDF-768(XXKey, “Mesh Key Derivation”,MeshID, MKD-NAS-ID, MKDD- ID, Dev_ID) No modification to the derivation formulas of the PMK-MA, PTK and MPTK-KD –Different Session Keys is derived for different radios The SPA is the communication radio’s MAC address of the MPs No modification of the 4-way handshake.

10 doc.: IEEE 802.11-08-0317r1 Submission March 2008 Charles Fan,Amy Zhang, HuaweiSlide 10 Mesh key holder security handshake Modification The MKDK is indexed the MA_ID in the MKD according to the current mechanism –The transmission address of handshake message 1 It is not suitable in our solutions, because the MA_ID has been changed to Dev_ID –Using the MKDKName to index the MKDK to establish secure association between MP and MKD.

11 doc.: IEEE 802.11-08-0317r1 Submission March 2008 Charles Fan,Amy Zhang, HuaweiSlide 11 Mesh key holder security handshake Modification The MKDK is indexed the MA_ID in the MKD according to the current mechanism –The transmission address of handshake message 1 It is not suitable in our solutions, because the MA_ID has been changed to Dev_ID –Using the MKDKName to index the MKDK to establish secure association between MP and MKD.

12 doc.: IEEE 802.11-08-0317r1 Submission March 2008 Charles Fan,Amy Zhang, HuaweiSlide 12 Straw Poll Would you like to use Dev_ID for deriving PMK- MKDs and MKDKs to enhance the authentication procedure of multiple radios MPs? Yes No

13 doc.: IEEE 802.11-08-0317r1 Submission March 2008 Charles Fan,Amy Zhang, HuaweiSlide 13 Reference Draft_P802.11s_D1.09

14 doc.: IEEE 802.11-08-0317r1 Submission March 2008 Charles Fan,Amy Zhang, HuaweiSlide 14 Back Up The radios can use MIC to prove its legality a.To MKD when doing the Mesh key holder security handshake -ONLY the authorized device have the MPTK-KD to compute the MIC. b.To other MPs when doing the 4-Way handshake -ONLY the authorized device have the AKCK derived from PMK-MA to compute the MIC. MP MKD 1,MANonce,MA-ID , MKD-ID , MKDKName 2,MANonce,MKDNonce,MA-ID , MKD-ID , MKDKName,MIC 3,MANonce,MKDNonce,MA-ID , MKD-ID , MKDKName,MIC 4,MANonce,MKDNonce,MA-ID , MKD-ID , MKDKName,MIC MP 1,MANonce,SPA,MA-ID,MKDD-ID,PMK-MKDName 2,SPANounce,MANonce,SPA,MA-ID,MKDD-ID,PMK-MKDName,MIC 3,SPANounce,MANonce,SPA,MA-ID,MKDD-ID,PMK-MKDName, MIC 4,SPANounce,MANonce,SPA,MA-ID,MKDD-ID,PMK-MKDName,MIC a. Mesh key holder security handshake b. 4-Way handshake

Download ppt "Doc.: IEEE 802.11-08-0317r1 Submission March 2008 Charles Fan,Amy Zhang, HuaweiSlide 1 Authentication and Key Management of MP with multiple radios Date:"

Similar presentations

Doc.: IEEE 802.11-04/1186r0 Submission October 2004 Aboba and HarkinsSlide 1 PEKM (Post-EAP Key Management Protocol) Bernard Aboba, Microsoft Dan Harkins,

Doc.: IEEE /1186r0 Submission October 2004 Aboba and HarkinsSlide 1 PEKM (Post-EAP Key Management Protocol) Bernard Aboba, Microsoft Dan Harkins,
Doc.: IEEE 802.11-08/1263r0 Submission November 2008 Dan Harkins, Aruba NetworksSlide 1 A Modest Proposal…. Date: 2008-11-10 Authors:

Doc.: IEEE /1263r0 Submission November 2008 Dan Harkins, Aruba NetworksSlide 1 A Modest Proposal…. Date: Authors:
IEEE 802.21 MEDIA INDEPENDENT HANDOVER DCN: 21-09-00xx-00-sec Title: IEEE 802.11r Fast BSS Transition – A Study Date Submitted: September 21, 2009 Present.

IEEE MEDIA INDEPENDENT HANDOVER DCN: xx-00-sec Title: IEEE r Fast BSS Transition – A Study Date Submitted: September 21, 2009 Present.
Doc.: IEEE 802.11-11/1160 Submission NameAffiliationsAddressPhone George CherianQualcomm 5775 Morehouse Dr, San Diego, CA, USA

Doc.: IEEE /1160 Submission NameAffiliationsAddressPhone George CherianQualcomm 5775 Morehouse Dr, San Diego, CA, USA
Doc.: IEEE 802.11-08/1267r0 Submission November 2008 L. Chu Etc.Slide 1 Multiple Radio MP Date: 2008-11-04 Authors:

Doc.: IEEE /1267r0 Submission November 2008 L. Chu Etc.Slide 1 Multiple Radio MP Date: Authors:
Doc.: IEEE 802.11-08-0317r6 Submission July 2008 Charles Fan,Amy Zhang, HuaweiSlide 1 Authentication and Key Management of MP with multiple radios Date:

Doc.: IEEE r6 Submission July 2008 Charles Fan,Amy Zhang, HuaweiSlide 1 Authentication and Key Management of MP with multiple radios Date:
Doc.: IEEE 802.11-09/0283r0 Submission March 2009 Dan Harkins, Aruba NetworksSlide 1 Suggested Changes to the Abbreviated Handshake Date: 2009-03-08 Authors:

Doc.: IEEE /0283r0 Submission March 2009 Dan Harkins, Aruba NetworksSlide 1 Suggested Changes to the Abbreviated Handshake Date: Authors:
Analysis and Improvements over DoS Attacks against IEEE 802.11i Standard Networks Security, Wireless Communications and Trusted Computing(NSWCTC), 2010.

Analysis and Improvements over DoS Attacks against IEEE i Standard Networks Security, Wireless Communications and Trusted Computing(NSWCTC), 2010.
Doc.: IEEE 802.11-12/0041r1 Submission NameAffiliationsAddressPhoneemail Robert Sun; Yunbo Li; Edward Au; Phillip Barber Huawei Technologies Co., Ltd.

Doc.: IEEE /0041r1 Submission NameAffiliationsAddressPhone Robert Sun; Yunbo Li; Edward Au; Phillip Barber Huawei Technologies Co., Ltd.
Doc.: Submission, Slide 1 Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [Securing the 802.15.4 Network.

Doc.: Submission, Slide 1 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [Securing the Network.
Jesse Walker, 802.11 keying requirements1 Suggested 802.11 Keying Requirements Jesse Walker Intel Corporation

Jesse Walker, keying requirements1 Suggested Keying Requirements Jesse Walker Intel Corporation
Doc.: IEEE 802.11-11/1066r2 Submission July 2011 Robert Moskowitz, VerizonSlide 1 Link Setup Flow Date: 2011-05-10 Authors: NameCompanyAddressPhoneemail.

Doc.: IEEE /1066r2 Submission July 2011 Robert Moskowitz, VerizonSlide 1 Link Setup Flow Date: Authors: NameCompanyAddressPhone .
IEEE MEDIA INDEPENDENT HANDOVER DCN: srho

IEEE MEDIA INDEPENDENT HANDOVER DCN: srho
Doc.: IEEE 802.11-06/1625r1 Submission November 2006 Braskich, et al Slide 1 Update to Efficient Mesh Security and Link Establishment Notice: This document.

Doc.: IEEE /1625r1 Submission November 2006 Braskich, et al Slide 1 Update to Efficient Mesh Security and Link Establishment Notice: This document.
Doc.: IEEE 802.11-12/0039r0 Submission NameAffiliationsAddressPhoneemail Robert Sun; Yunbo Li Edward Au; Phil Barber Junghoon Suh; Osama Aboul-Magd Huawei.

Doc.: IEEE /0039r0 Submission NameAffiliationsAddressPhone Robert Sun; Yunbo Li Edward Au; Phil Barber Junghoon Suh; Osama Aboul-Magd Huawei.
Proposal for device identification PAR. Scope Unique per-device identifiers (DevID) Method or methods for authenticating that device is bound to that.

Proposal for device identification PAR. Scope Unique per-device identifiers (DevID) Method or methods for authenticating that device is bound to that.
Doc.: IEEE 802.11-04/0476r3 Submission May 2004 Jesse Walker and Emily Qi, Intel CorporationSlide 1 Pre-Keying Jesse Walker and Emily Qi Intel Corporation.

Doc.: IEEE /0476r3 Submission May 2004 Jesse Walker and Emily Qi, Intel CorporationSlide 1 Pre-Keying Jesse Walker and Emily Qi Intel Corporation.
Doc.: IEEE 802.11-04/1572r0 Submission December 2004 Harkins and AbobaSlide 1 PEKM (Post-EAP Key Management Protocol) Dan Harkins, Trapeze Networks

Doc.: IEEE /1572r0 Submission December 2004 Harkins and AbobaSlide 1 PEKM (Post-EAP Key Management Protocol) Dan Harkins, Trapeze Networks
Doc.: IEEE 802.11-04/0476r2 Submission May 2004 Jesse Walker and Emily Qi, Intel CorporationSlide 1 Pre-Keying Jesse Walker and Emily Qi Intel Corporation.

Doc.: IEEE /0476r2 Submission May 2004 Jesse Walker and Emily Qi, Intel CorporationSlide 1 Pre-Keying Jesse Walker and Emily Qi Intel Corporation.
Doc.: IEEE 802.11-02/551r0 Submission September 2002 Moore, Roshan, Cam-WingetSlide 1 TGi Frame Exchanges Tim Moore Microsoft Pejman Roshan Nancy Cam-Winget.

Doc.: IEEE /551r0 Submission September 2002 Moore, Roshan, Cam-WingetSlide 1 TGi Frame Exchanges Tim Moore Microsoft Pejman Roshan Nancy Cam-Winget.

Similar presentations

Ads by Google