(Man in the Middle) MITM in Mesh
January 2007, doc.: IEEE yy/0002r1
Date: January 2007
Authors: Junping Zhang, Huawei

Notice: This document has been prepared to assist IEEE It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein.

Release: The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE's name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE's sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE

Patent Policy and Procedures: The contributor is familiar with the IEEE 802 Patent Policy and Procedures <ieee802.org/guides/bylaws/sb-bylaws.pdf>, including the statement "IEEE standards may include the known use of patent(s), including patent applications, provided the IEEE receives assurance from the patent holder or applicant with respect to patents essential for compliance with both mandatory and optional portions of the standard." Early disclosure to the Working Group of patent information that might be relevant to the standard is essential to reduce the possibility for delays in the development process and increase the likelihood that the draft publication will be approved for publication. Please notify the Chair as early as possible, in written or electronic form, if patented technology (or technology under patent application) might be incorporated into a draft standard being developed within the IEEE Working Group. If you have questions, contact the IEEE Patent Committee Administrator at
Abstract
- Introduction to the MITM (man-in-the-middle) attack
- How a MITM attack happens in a mesh
- A method of avoiding the attack
Outline
- Overview of 802.1X authentication with EAP-TLS in mesh
- The problem that may exist in mesh with EAP-TLS
- The method of solving the MITM problem
- Conclusion

Speaker notes (translated from Chinese): Revise the outline so the flow is easier to follow when presenting: first an introduction to 802.1X and EAP-TLS, then the attack analysis, and finally our modification and its benefits. Also prepare privately for how attacks could occur in the first two stages and for the drawbacks of our modification, so these can be answered if someone asks.
The overview of 802.1X authentication in mesh
- 802.1X is currently used for authentication in mesh.
- The core of 802.1X is the Extensible Authentication Protocol (EAP).
- The EAP method mostly employed today is EAP-TLS.
The authentication process with EAP-TLS in mesh
Parties: Supplicant, Authenticator, Authentication Server (AS). Peer link establishment comes first; then the 802.1X/EAP-TLS exchange runs over EAPOL between supplicant and authenticator, with the authenticator relaying EAP to the AS:
1. EAPOL-Start (Supplicant to Authenticator)
2. EAP-Request/Identity (Authenticator to Supplicant)
3. EAP-Response/Identity carrying the machine name or user name (relayed to the AS)
4. EAP-Request/EAP-TLS (TLS Start)
5. EAP-Response/EAP-TLS (TLS ClientHello)
6. EAP-Request/EAP-TLS (TLS ServerHello, Certificate, ServerKeyExchange, CertificateRequest, ServerHelloDone)
7. EAP-Response/EAP-TLS (TLS Certificate, ClientKeyExchange, CertificateVerify, ChangeCipherSpec, Finished)
8. EAP-Request/EAP-TLS (TLS ChangeCipherSpec, Finished)
9. EAP-Response/EAP-TLS (empty acknowledgement)
10. EAP-Success. The AS delivers the EAP-TLS session key and encryption type to the authenticator; the supplicant derives the same session key locally from the TLS master secret.
Security problem existing in EAP-TLS for mesh
- A MITM (man-in-the-middle) attack may occur: an attacker is able to read, insert and modify messages at will between supplicant and authenticator.
- The peers (supplicant and AS) cannot tell whether a message has been forged.
- An example of a MITM attack in mesh follows: downgrade, asymmetry and forged-identity attacks.
An example of MITM attack in mesh
Parties: Supplicant, attacker (acting as Supplicant' toward the legitimate Authenticator and as Authenticator toward the Supplicant), legitimate Authenticator, Authentication Server.
- The supplicant sends EAPOL-Start to what it believes is its authenticator; the attacker answers with EAP-Request/Identity and at the same time opens a new authentication session of its own toward the legitimate authenticator.
- Forged attack: the attacker answers the legitimate authenticator's EAP-Request/Identity with a forged MAC address and forged identity information (Identity').
- Downgrade and asymmetry attack: the attacker forwards ClientHello as ClientHello' and ServerHello as ServerHello', so the two ends negotiate different (weaker) parameters and each end is in fact talking to the attacker rather than to its peer.

Caveat for the reader: the TLS Finished messages are computed over the whole handshake transcript under a master secret that only the two real endpoints can derive, so a modified ClientHello'/ServerHello' makes Finished verification fail, and with mutual certificate authentication the attacker cannot complete the EAP-TLS handshake itself. What remains unauthenticated is everything before and outside the TLS tunnel: the EAP Identity exchange, EAPOL signalling and the 802.11 peer-link frames. That is where the rogue-authenticator problem addressed by this contribution actually lives.
Some methods for preventing MITM
- SSL 3.0/TLS 1.0 based on the X.509 certificate model: both supplicant and authentication server need a certificate. Secure communication between every mesh point and the CRL server has to be ensured; downloading certificates and CRLs is a performance problem; enterprises deploy RADIUS databases, which are different from X.509.
- PSK: deployment is burdensome and not suitable for large-scale mesh applications. The PSK problem has been discussed in doc 11-06/1446r1.
Suggested method: verify the authenticator before EAP-TLS
- The AS issues a signature to each authenticated node.
- A new supplicant verifies the authenticator by that signature before starting EAP-TLS.
Issue signature in EAP-TLS
AS and Supplicant:
- EAP-Response/Identity
- EAP-Request/TLS Start
- EAP-Response/TLS ClientHello(Random)
- EAP-Request/TLS ServerHello(Random) || Certificate || ServerKeyExchange || [CertificateRequest] || ServerHelloDone
- EAP-Response/TLS ClientUserID || ClientPassword_MD5 or (Certificate) || ClientKeyExchange || ChangeCipherSpec || Finished
- The AS verifies the supplicant's legitimacy and issues the AS's signature to the legal supplicant: EAP-Request/TLS ChangeCipherSpec || Signature || AlgorithmFlag || Finished (the signature travels after ChangeCipherSpec, i.e. inside the protected TLS channel)
- The supplicant verifies the legality of the issuer and accepts it or not: EAP-Response
- EAP-Success

Speaker notes (translated from Chinese): Verify the supplicant's legitimacy; the signature is configured at the portal and then sent, after which the node can become a legal authenticator.
Verify authenticator during initial EMSA authentication
- Supplicant to Authenticator: Association Request (Peer Link Open IE)
- Authenticator to Supplicant: Association Request (Peer Link Open IE) + Signature + AlgorithmFlag
- The supplicant verifies the legality of the signature: its issuer and its holder.
- Association Response (Peer Link Confirm IE) in both directions.
Notes:
- The signature is issued to every legal node by the AS.
- "Algorithm Flag" indicates the public-key algorithm used by the AS.
- A new supplicant needs to verify the authenticator by the signature issued by the AS.
- The AS can adopt a timestamp or another mechanism to prevent malicious reuse of the signature.

Caveat: for the "holder" check to mean anything, the signed data must bind the holder's identity (for example its MAC address) together with a validity window; a signature over static fields alone can be replayed by any station that captured it and spoofs that MAC within the window, so the freshness mechanism above (timestamp, or a supplicant nonce that the holder signs) is part of the design, not an option.
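The issue-and-verify logic of the two previous slides as an added worked example; this is not code from the original contribution. It assumes a credential layout (holder MAC, Algorithm Flag, issued-at, expires-at) and a toy textbook-RSA signature over two fixed Mersenne primes, both of which are illustrative assumptions: a deployment would use the real IE encoding and a vetted signature library with a properly generated AS key pair.

```python
import hashlib
import struct

# Toy signature primitive: textbook RSA over two fixed, public Mersenne primes.
# Assumption for illustration only (no padding, no key generation); a real AS
# would use a vetted library and a properly generated key pair.
_P = (1 << 89) - 1
_Q = (1 << 107) - 1
AS_MODULUS = _P * _Q                      # about 196 bits
AS_PUBLIC_EXP = 65537
_AS_PRIVATE_EXP = pow(AS_PUBLIC_EXP, -1, (_P - 1) * (_Q - 1))
SIG_LEN = 25                              # bytes needed to hold a value < AS_MODULUS

ALG_FLAG_RSA_SHA256 = 1                   # assumed value of the slide's "Algorithm Flag"
CRED_FMT = ">6sBII"                       # assumed layout: holder MAC, alg flag, issued-at, expires-at
CRED_BODY_LEN = struct.calcsize(CRED_FMT)


def _digest(data: bytes) -> int:
    # SHA-256 truncated to 192 bits so the integer is below the 196-bit modulus.
    return int.from_bytes(hashlib.sha256(data).digest()[:24], "big")


def as_issue_credential(holder_mac: bytes, issued_at: int, lifetime: int) -> bytes:
    """AS side (slide 12): after the holder passed EAP-TLS, sign its MAC, the
    algorithm flag and a validity window. Including the flag in the signed
    data stops an attacker from swapping it for a weaker algorithm."""
    body = struct.pack(CRED_FMT, holder_mac, ALG_FLAG_RSA_SHA256,
                       issued_at, issued_at + lifetime)
    sig = pow(_digest(body), _AS_PRIVATE_EXP, AS_MODULUS)
    return body + sig.to_bytes(SIG_LEN, "big")


def verify_authenticator(credential: bytes, frame_src_mac: bytes, now: int,
                         as_modulus: int = AS_MODULUS,
                         as_exp: int = AS_PUBLIC_EXP) -> tuple:
    """Supplicant side (slide 13): check the credential carried in the
    authenticator's Peer Link Open IE before starting 802.1X. Returns
    (accepted, reason). Only the AS public key is provisioned on the node."""
    if len(credential) != CRED_BODY_LEN + SIG_LEN:
        return False, "malformed credential"
    body = credential[:CRED_BODY_LEN]
    sig = int.from_bytes(credential[CRED_BODY_LEN:], "big")
    holder, alg, issued, expires = struct.unpack(CRED_FMT, body)
    if alg != ALG_FLAG_RSA_SHA256:
        return False, "unsupported algorithm flag"
    # Issuer check: the signature must verify under the trusted AS key.
    if sig >= as_modulus or pow(sig, as_exp, as_modulus) != _digest(body):
        return False, "bad AS signature (forged or tampered)"
    # Holder check: the credential must name the station that sent the frame.
    if holder != frame_src_mac:
        return False, "credential not issued to this authenticator"
    # Freshness check: the slide's timestamp mechanism against reuse.
    if not issued <= now < expires:
        return False, "credential expired or not yet valid"
    return True, "ok"


def demo() -> dict:
    """Constructed scenario: a legitimate authenticator, an attacker that
    replays the captured credential from its own MAC, an expired credential,
    and a credential whose expiry field was edited without the AS key."""
    legit_mac = bytes.fromhex("001122334455")     # constructed addresses
    attacker_mac = bytes.fromhex("66778899aabb")
    t0 = 1167609600                               # 2007-01-01 00:00:00 UTC
    cred = as_issue_credential(legit_mac, t0, lifetime=3600)
    tampered = bytearray(cred)
    tampered[CRED_BODY_LEN - 1] ^= 0x80           # try to extend expires-at
    return {
        "legit": verify_authenticator(cred, legit_mac, t0 + 10),
        "replayed_from_other_mac": verify_authenticator(cred, attacker_mac, t0 + 10),
        "expired": verify_authenticator(cred, legit_mac, t0 + 7200),
        "tampered": verify_authenticator(bytes(tampered), legit_mac, t0 + 10),
    }


if __name__ == "__main__":
    for case, (ok, why) in demo().items():
        print(f"{case:24s} accepted={ok} ({why})")
```

The three checks mirror the slide's "issuer and holder" wording plus its timestamp note: signature under the AS public key (issuer), MAC binding (holder), validity window (freshness). The limitation the example makes visible is that an attacker who both captures the credential and spoofs the legitimate MAC within the window still passes, because the holder never proves possession of a private key; closing that gap needs the "other mechanism" the slide leaves open, for instance having the holder sign a nonce chosen by the supplicant.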
Benefit of the suggested method
- It solves the MITM problem described above.
- Simple deployment: a mesh network only needs one AS certificate and its public key.
- Lower cost: the public-key algorithm can be delivered by software update.
- Small modification to 802.1X authentication: the 802.1X authentication mechanism and the EMSA key hierarchy can still be used unchanged.
Conclusion
- There is a MITM exposure in 802.1X authentication for mesh.
- Verifying the authenticator before EAP-TLS solves the MITM problem more efficiently than certificate-per-node or PSK deployments.
Straw poll
Shall we accept the verifying-authenticator method and prepare text based on it for approval?
Yes:
No:
References
- IEEE P802.11s/D1.00 Draft
- 802.11i overview