Presentation is loading. Please wait.

Presentation is loading. Please wait.

“Not Ready” Response in FT Auth Messages

Published byLeonard Harvey Modified over 5 years ago

Similar presentations

Presentation on theme: "“Not Ready” Response in FT Auth Messages"— Presentation transcript:

1 “Not Ready” Response in FT Auth Messages
Paul Funk, Funk Software 2/23/2019 r

2 Problem During Fast Transition, TTAP may need to:
Request a PMK-R2 from upper levels of the key hierarchy Consult other network elements prior to satisfying resource (RIC) request This will delay the TTAP’s response to the STA’s FT request. As currently specified, STA must remain on TTAP’s channel to listen for response. This time is better used by STA returning to channel of current AP to continue trafficking in data. 2/23/2019 r

3 Solution In response to FT Auth request, TTAP may quickly respond with “Not Ready”. STA temporarily returns to channel of current AP to resume data exchange. STA then reissues FT request, hoping TTAP is now ready. Either the TTAP is now ready, or this process repeats. 2/23/2019 r

4 New Data Items Two new Status Codes are added: New Time Interval type:
“Security Not Ready” indicates PMK-R2 not yet available “Resources Not Ready” indicates resources cannot immediately be allocated New Time Interval type: “Defer Time” (ms) indicates suggested interval after which STA may try again 2/23/2019 r

5 TTAP M2 Response May set SC = Security Not Ready M2/SNR includes:
Defer Time Reassociation Deadline EAPKIE with ANonce M2/SNR does not include: Key Lifetime (as it is not known) 2/23/2019 r

6 STA Action on M2/SNR STA does the following: * Question:
Delays for Defer Time interval Then either: Reissues M1, or Proceeds to next messaging phase [M3 (reservation) or (re)association request] * Note that STA is able to compute PTK, as it has ANonce from TTAP * Question: Allowing STA to proceed to next messaging phase may be an optimization but introduces variability. Is it worth it, or should STA be required to reissue M1? 2/23/2019 r

7 TTAP M4 Response to M3 If TTAP still does not have PMK-R2:
It may set SC = Security Not Ready in M4 response. Contents of M4/SNR are same as M2/SNR, except for auth transaction sequence number If TTAP has PMK-R2 but needs time to allocate resources: Sets SC = Resources Not Ready in M4 Includes same IEs as per spec for M4, except: Omits RIC Adds Defer Time Otherwise, TTAP responds with M4 as per spec. 2/23/2019 r

8 STA Action on M4/Not Ready
STA does the following (upon receipt of either SNR or RNR): Delays for Defer Time interval Reissues M3 (typically but not necessarily with the same RIC as before) Question: upon receipt of Resources Not Ready: Should STA be allowed to proceed directly to (re)association, including its resource request in that message? Resource semantics may preclude this, would like input from RIC experts 2/23/2019 r

9 TTAP (Re)Association Response
If TTAP still does not have PMK-R2: It must acquire PMK-R2 prior to issuing successful (re)association response There is no provision for Not Ready response in (re)association response 2/23/2019 r

10 Key Replay Counter in EAPKIE
I don’t think it is mentioned in the current spec It should be there: incremented by STA on each message echoed by TTAP In particular it is needed for Not Ready usage, as identical messages may be reissued and, thus, replayed. 2/23/2019 r

11 Action Frames Should Not Ready mechanism be permitted in Action frames for FT over-the-DS? The problem of keeping the STA from passing traffic does not exist with over-the-DS. However, there might be value in informing the STA quickly that the TTAP is processing the request. 2/23/2019 r

Download ppt "“Not Ready” Response in FT Auth Messages"

Similar presentations

IEEE MEDIA INDEPENDENT HANDOVER DCN: srho

IEEE MEDIA INDEPENDENT HANDOVER DCN: srho
Doc.: IEEE 802.11-04/0476r3 Submission May 2004 Jesse Walker and Emily Qi, Intel CorporationSlide 1 Pre-Keying Jesse Walker and Emily Qi Intel Corporation.

Doc.: IEEE /0476r3 Submission May 2004 Jesse Walker and Emily Qi, Intel CorporationSlide 1 Pre-Keying Jesse Walker and Emily Qi Intel Corporation.
Doc.: IEEE 802.11-04/0476r2 Submission May 2004 Jesse Walker and Emily Qi, Intel CorporationSlide 1 Pre-Keying Jesse Walker and Emily Qi Intel Corporation.

Doc.: IEEE /0476r2 Submission May 2004 Jesse Walker and Emily Qi, Intel CorporationSlide 1 Pre-Keying Jesse Walker and Emily Qi Intel Corporation.
Doc.: IEEE 802.11-04/0707r0 Submission July 2003 N. Cam-Winget, et alSlide 1 Establishing PTK liveness during re-association Nancy Cam-Winget, Cisco Systems.

Doc.: IEEE /0707r0 Submission July 2003 N. Cam-Winget, et alSlide 1 Establishing PTK liveness during re-association Nancy Cam-Winget, Cisco Systems.
Doc.: IEEE 802.11-12/0061r1 SubmissionJae Seung Lee, ETRISlide 1 Probe Response frame transmission interval Date: 2011-01-12.

Doc.: IEEE /0061r1 SubmissionJae Seung Lee, ETRISlide 1 Probe Response frame transmission interval Date:
Doc.: IEEE 802.11-04-1180-02-000r Submission November 2004 Bob Beach, Symbol TechnologiesSlide 1 Fast Roaming Using Multiple Concurrent Associations Bob.

Doc.: IEEE r Submission November 2004 Bob Beach, Symbol TechnologiesSlide 1 Fast Roaming Using Multiple Concurrent Associations Bob.
Doc.:11-06-0372-01-000r Submission March 2006 AllSlide 1 A method to refresh the keys hierarchy periodically Notice: This document has been prepared to.

Doc.: r Submission March 2006 AllSlide 1 A method to refresh the keys hierarchy periodically Notice: This document has been prepared to.
Doc.: IEEE 802.11-05/0538r4 Submission July 2005 Bill Marshall, TGr EditorSlide 1 Introducing 11r-d0.00 Notice: This document has been prepared to assist.

Doc.: IEEE /0538r4 Submission July 2005 Bill Marshall, TGr EditorSlide 1 Introducing 11r-d0.00 Notice: This document has been prepared to assist.
Doc.: IEEE 802.11-04/0485r0 Submission May 2004 Jesse Walker and Emily Qi, Intel CorporationSlide 1 Management Protection Jesse Walker and Emily Qi Intel.

Doc.: IEEE /0485r0 Submission May 2004 Jesse Walker and Emily Qi, Intel CorporationSlide 1 Management Protection Jesse Walker and Emily Qi Intel.
Doc.: IEEE 802.11-05/01097r0 Submission November 2005 N. Cam-Winget, K. Sood, and J. WalkerSlide 1 EAPKIE Replay Counters and MIC Notice: This document.

Doc.: IEEE /01097r0 Submission November 2005 N. Cam-Winget, K. Sood, and J. WalkerSlide 1 EAPKIE Replay Counters and MIC Notice: This document.
Doc.: IEEE 802.11-05/0199r0 Submission March 2005 Kapil Sood, Intel; Bob O’Hara, AirespaceSlide 1 Policy Enforcement For Resources and Security Notice:

Doc.: IEEE /0199r0 Submission March 2005 Kapil Sood, Intel; Bob O’Hara, AirespaceSlide 1 Policy Enforcement For Resources and Security Notice:
Doc.: IEEE 802.11-05/0538r2 Submission June 2005 Bill Marshall, TGr EditorSlide 1 Introducing 11r-d0.00 Notice: This document has been prepared to assist.

Doc.: IEEE /0538r2 Submission June 2005 Bill Marshall, TGr EditorSlide 1 Introducing 11r-d0.00 Notice: This document has been prepared to assist.
Doc.: IEEE 802.11-12/0294r2 Submission March 2012 Jonathan Segev (Intel)Slide 1 Active Scanning Reply Window Date: 2012-03-14 Authors:

Doc.: IEEE /0294r2 Submission March 2012 Jonathan Segev (Intel)Slide 1 Active Scanning Reply Window Date: Authors:
Doc.: IEEE 802.11-05/0874r0 Submission September 2005 C Trecker, et alSlide 1 Test Methodology, Metrics and Test Cases for measuring Fast BSS Transition.

Doc.: IEEE /0874r0 Submission September 2005 C Trecker, et alSlide 1 Test Methodology, Metrics and Test Cases for measuring Fast BSS Transition.
FILS Reduced Neighbor Report

FILS Reduced Neighbor Report
Authentication and Upper-Layer Messaging

Authentication and Upper-Layer Messaging
Proposed SFD Text for ai Link Setup Procedure

Proposed SFD Text for ai Link Setup Procedure
Queues Chapter 8 Nyhoff, ADTs, Data Structures and Problem Solving with C++, Second Edition, © 2005 Pearson Education, Inc. All rights reserved. 0-13-140909-3.

Queues Chapter 8 Nyhoff, ADTs, Data Structures and Problem Solving with C++, Second Edition, © 2005 Pearson Education, Inc. All rights reserved
TAP/JIT Resource Pre-allocation

TAP/JIT Resource Pre-allocation
TDLS TPK Handshake Date: Authors: May 2010 May 2010

TDLS TPK Handshake Date: Authors: May 2010 May 2010

Similar presentations

Ads by Google