IBSS and ESN
doc.: IEEE 802.11-01/454r0
July 2001
Bob Beach, Symbol Technologies

IBSS and ESN
- Current baseline really does not address IBSS networks
- Most of the assumptions of baseline are absent in IBSS
  - No AP to advertise/negotiate cypher and authentication suites
  - No AP to respond to probes (any station can respond)
  - No associations – stations can transmit whenever they like
  - No place for 802.1x port control
- Assume manual configuration for IBSS is not sufficient
  - E.g. write cypher suite and encryption key on blackboard and have each user enter the information manually
- Maximize commonality between IBSS and ESS modes

Review of IBSS Operation
- In 1999 specification only Station Services supported
  - Authentication, Deauthentication, Privacy, MSDU delivery
- IBSS is indicated by bit in capability field of beacon
  - WEP is also so indicated
- All stations in an IBSS generate a beacon on regular basis
  - First STA in IBSS sets beacon interval
  - Stations update local configuration based upon last beacon received
- Stations may generate probe requests
  - Station that transmitted last beacon responds to probe
- Stations can transmit whenever they want per DCF

Desired Functionality for ESN IBSS
- Key Distribution
  - All stations use same session key
  - May have separate broadcast key
- Key Derivation
  - Need to derive actual keys for AES use from session
  - Yields set of keys per station pair
- Cypher Suite
  - Assumption: one suite for all stations

Basic Model -1
- Per baseline, no MAC layer Authentication
  - E.g. no authentication, deauthentication services
  - Any station can send data packets whenever it wants
- Most of 802.1x functionality is not used
  - No entity to act as port controller
  - Request/response packets are used to carry authentication packets
- One station acts as Security Coordinator for IBSS
  - Specifies Cypher suite and authentication suite for IBSS
  - Allocates encryption key using authentication suite

Basic Model -2
- Stations use Probe/Probe Response messages to derive AES keys much like BSS model uses association packets
- Done between each pair of stations that want to exchange data

Security Coordinator (SC) -1
- Any station can perform the SC functions
  - Need not be station that instantiates the IBSS
  - Application that runs above the MAC layer
- Generates beacons as do other stations in IBSS but they contain additional information
  - Only its beacons contain ESN bit (other stations' beacons don't)
  - Contain cypher suite and authentication suite for IBSS using elements defined in ESN
  - Specifies only one option for each. Use of indicated suites is mandatory for particular IBSS

Security Coordinator (SC) -2
- Key Distribution uses authentication algorithm
  - Authentication packets are carried inside 802.1x request and response packets
  - Addressed to station generating ESN tagged beacon
  - Baseline authentication algorithm is used (e.g. Kerberos)

Kerberos Usage in IBSS
- Security Coordinator station operates as Mini-KDC
- Stations do regular Kerberos handshake using information in ESN tagged beacons
- Mini-KDC allocates same session key to all stations using Kerberos packet exchanges
- Users share common password distributed manually or agree upon some password derivation model (password = username)
- SC application may have user interface that allows manual user approval
  - I.e. authenticate "George"? "Yes/no ?"
  - Allows membership in IBSS to be known

Key Derivation
- Need to derive AES keys from session key
- Add nonce to probe/probe response packets
  - When a station needs to send a data packet to another station for the first time it sends a probe packet to it containing the nonce.
  - The target station replies with a probe response containing its nonce
- Both stations compute AES key using the contents of the probe/probe response packets
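
One way the probe/probe response nonce exchange could yield a per-pair AES key, as an added example that is not from the presentation. HMAC-SHA256 as the derivation function, the input layout, the 16-byte nonce length and the sample addresses and keys are all assumptions; the slides specify none of them.

```python
import hashlib
import hmac

NONCE_LEN = 16  # assumed nonce size; the slides do not give one


def derive_pair_key(session_key, mac_a, nonce_a, mac_b, nonce_b, length=16):
    """Per-pair AES key from the shared IBSS session key and both probe nonces.

    Assumption: HMAC-SHA256 as the derivation function and this input layout.
    """
    if len(mac_a) != 6 or len(mac_b) != 6 or mac_a == mac_b:
        raise ValueError("need two distinct 6-byte station addresses")
    if len(nonce_a) != NONCE_LEN or len(nonce_b) != NONCE_LEN:
        raise ValueError("nonce has the wrong length")
    # Order by address so the probing and the responding station build the
    # same input no matter which of them sent the probe.
    (lo_mac, lo_nonce), (hi_mac, hi_nonce) = sorted(
        [(mac_a, nonce_a), (mac_b, nonce_b)]
    )
    # Fixed-length fields, so the concatenation is unambiguous.
    context = b"IBSS-ESN pair key" + lo_mac + hi_mac + lo_nonce + hi_nonce
    return hmac.new(session_key, context, hashlib.sha256).digest()[:length]


# Constructed sample values, not taken from the presentation.
SESSION_KEY = bytes(range(32))          # key handed out by the SC
STA1 = bytes.fromhex("020000000001")
STA2 = bytes.fromhex("020000000002")
STA3 = bytes.fromhex("020000000003")
NONCE1 = bytes([0x11]) * NONCE_LEN      # carried in STA1's probe
NONCE2 = bytes([0x22]) * NONCE_LEN      # carried in STA2's probe response


def both_sides_agree():
    prober = derive_pair_key(SESSION_KEY, STA1, NONCE1, STA2, NONCE2)
    responder = derive_pair_key(SESSION_KEY, STA2, NONCE2, STA1, NONCE1)
    return prober == responder


# Every member of the IBSS holds SESSION_KEY and the nonces travel in probe
# frames, so under this construction the pair key separates traffic per pair
# but a member that observes the exchange can recompute it.
if __name__ == "__main__":
    print("pair keys match:", both_sides_agree())
    print(derive_pair_key(SESSION_KEY, STA1, NONCE1, STA2, NONCE2).hex())
```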

Proposed Motions
- Proposed: The model of IBSS ESN operation contained in this document be added to the Tgi baseline.
- Proposed: Tgi instruct the author of this document to prepare text for incorporation into the next revision of the Draft specification.