Presentation is loading. Please wait.

Presentation is loading. Please wait.

Doc.: IEEE 802.11-03/552r0 Submission July 2003 Jon Edney, NokiaSlide 1 Protection of Action Frames Jon Edney Nokia

Similar presentations


Presentation on theme: "Doc.: IEEE 802.11-03/552r0 Submission July 2003 Jon Edney, NokiaSlide 1 Protection of Action Frames Jon Edney Nokia"— Presentation transcript:

1 doc.: IEEE 802.11-03/552r0 Submission July 2003 Jon Edney, NokiaSlide 1 Protection of Action Frames Jon Edney Nokia Jon.edney@ntlworld.com

2 doc.: IEEE 802.11-03/552r0 Submission July 2003 Jon Edney, NokiaSlide 2 Issue Action management frame has been defined and used in TGh. Also proposed for use in TGe & TGk Currently there is no security protection for action frame: –No integrity protection –No privacy

3 doc.: IEEE 802.11-03/552r0 Submission July 2003 Jon Edney, NokiaSlide 3 What is Action Frame? It is a management frame with an open payload. The format / meaning of the payload depends on the application and is different between task groups. Basic format: CATEGORYACTION DETAILS 1 octetN octets 0 : Spectrum management 1 – 127 : reserved for other applications 128 – 255 : Error

4 doc.: IEEE 802.11-03/552r0 Submission July 2003 Jon Edney, NokiaSlide 4 Why is protection needed? TGk plan to use the action frame to send data about the current status of stations and access points. This information should be private to the network. External monitoring can reveal information such as the location of stations in a building Forging of action frames could cause unwanted network behaviour – active attacks may be possible Very likely that other task groups in future will need both integrity and privacy for the information they wish to pass in action frames

5 doc.: IEEE 802.11-03/552r0 Submission July 2003 Jon Edney, NokiaSlide 5 Problem If TGi does not propose a solution for Action Frames then the other groups are likely to make an attempt to provide their own security - This is probably bad

6 doc.: IEEE 802.11-03/552r0 Submission July 2003 Jon Edney, NokiaSlide 6 Suggested approaches Protect using key derived from group key using separate sequence counter Treat action frame like a data frame and use existing pairwise or group keys with existing sequence counter

7 doc.: IEEE 802.11-03/552r0 Submission July 2003 Jon Edney, NokiaSlide 7 Frame coding Use upper bit of category to indicate protected payload Add appropriate security header at start of payload and MIC at end CategorySecurity HeaderPayloadMIC 1 0 : Spectrum Management 1 - 127 : reserved Similar format to TKIP header or CCMP header: KeyID bits & IV Encrypted

8 doc.: IEEE 802.11-03/552r0 Submission July 2003 Jon Edney, NokiaSlide 8 Conclusion There is definitely a need to protect the Action Management Frame If TGi doesn’t provide a solution individual task groups will have to do it Straw poll: –Does TGi feel that it can/should propose a protection mechanism for action frames


Download ppt "Doc.: IEEE 802.11-03/552r0 Submission July 2003 Jon Edney, NokiaSlide 1 Protection of Action Frames Jon Edney Nokia"

Similar presentations


Ads by Google