Download presentation
Presentation is loading. Please wait.
Published bySamantha Haynes Modified over 5 years ago
1
Overview of Improvements to Key Holder Protocols
July 2007 doc.: IEEE /1988r1 July 2007 Overview of Improvements to Key Holder Protocols Date: Authors: Steve Emeott, Motorola Steve Emeott, Motorola
2
July 2007 doc.: IEEE /1988r1 July 2007 Abstract This submission provides an overview of document 11-07/1987r1, which proposes improvements to the key holder communications protocols defined for use in the mesh security architecture. The proposed changes are include expanded error handling features, revisions to the key holder handshake and key transport push protocol, and new MLME-SAP interface primitives. 20 comments are addressed by the proposed changes. Steve Emeott, Motorola Steve Emeott, Motorola
3
Outline Mesh key holder architecture
July 2007 doc.: IEEE /1988r1 July 2007 Outline Mesh key holder architecture Improvements: Key holder communications Summary of comments received Overview of proposed changes Additional details Steve Emeott, Motorola Steve Emeott, Motorola
4
Mesh Key Holder Architecture
July 2007 doc.: IEEE /1988r1 July 2007 Mesh Key Holder Architecture Mesh Key Distributor PMK-MKD-KH / Local PMK-MKD-KH PMK-MA-KH / Local PMK-MA-KH RSNA Key Management Scope of submission: improving communications between key holders Mesh Authenticator Mesh key holders are part of MP SME RSNA key management Architecture defines the keys computed by each key holder Computation of PMK-MKD, PMK-MA and MKDK Restricted to PMK-MKD-KH for peer MP keys Restricted to Local PMK-MKD-KH for local MP keys Computation of PTK-MA and MPTK-KD Restricted to PMK-MA-KH for peer MP keys Restricted to Local PMK-MA-KH for local MP keys Steve Emeott, Motorola Steve Emeott, Motorola
5
Key Holder Exchanges Key holder handshake Key transfer
July 2007 doc.: IEEE /1988r1 July 2007 Key Holder Exchanges Key holder handshake Used to derive a fresh key delivery key, negotiate EAP message transport protocol to use Key transfer Pull Mode Push Mode Delete EAP message transport Used to transport EAP messages between s Authenticator and NAS Client entities when they are not co-located Steve Emeott, Motorola Steve Emeott, Motorola
6
July 2007 doc.: IEEE /1988r1 July 2007 Comments Received Questions about processing steps and status code that should be included for error handling Question about whether key holder handshake should be extended to 4 messages for better error handling Request to make key transfer protocol optional Request to identify key used to integrity protect messages Questions about message token and sequence number fields included to prevent replay attacks Steve Emeott, Motorola Steve Emeott, Motorola
7
July 2007 doc.: IEEE /1988r1 July 2007 Overview of Changes Explicitly defined processing steps and status codes for error handling in all key holder exchanges Conditions for silently discarding messages Conditions for retrying key holder handshake messages Values of status codes for indicating failures Defined MLME primitives and MIB variables Primitives defined in support of key holder architecture Also need primitives and MIB variables to define error handling Made key transport protocol optional Key transport protocol can be negotiated during key holder handshake Defined key name field to identify MIC key Steve Emeott, Motorola Steve Emeott, Motorola
8
Overview of Changes (cont.)
July 2007 doc.: IEEE /1988r1 July 2007 Overview of Changes (cont.) Added 4th message to key holder handshake Permits aspirant MA to manage retries of handshake messages, enabling MKD to simply respond to messages it receives Permits negotiation of optional EAP and Key transport protocol during key holder handshake Named replay counters and replaced message token in EAP encapsulation field with replay counter Improved the key transport protocol Renamed pull mode messages to request and response Reused pull mode messages in the push mode protocol, and added 3rd message to combat delay attacks Steve Emeott, Motorola Steve Emeott, Motorola
9
Additional Details Mesh Key Holder Security Handshake July 2007 … SME
MAC MA Multihop Action Frame MKD MAC SME MLME-MeshKeyHolderHandshake.request Handshake Msg 1 MLME-MeshKeyHolderHandshake.indication MLME-MeshKeyHolderHandshake.confirm MLME-MeshKeyHolderHandshake.request Handshake Msg 2 MLME-MeshKeyHolderHandshake.indication MLME-MeshKeyHolderHandshake.confirm … Steve Emeott, Motorola
10
Additional Details (cont.)
July 2007 doc.: IEEE /1988r1 July 2007 Additional Details (cont.) Key Transport – Pull Mode SME MAC MA Multihop Action Frame MKD MAC SME MLME-MeshKeyTransport.request Request MLME-MeshKeyTransport.indication MLME-MeshKeyTransport.confirm MLME-MeshKeyTransport.request Response MLME-MeshKeyTransport.indication MLME-MeshKeyTransport.confirm Steve Emeott, Motorola Steve Emeott, Motorola
11
Additional Details (cont.)
July 2007 doc.: IEEE /1988r1 July 2007 Additional Details (cont.) Key Transport – Push Mode MA MKD Multihop Action Frame SME MAC MAC SME MLME-MeshKeyTransport.request Notify MLME-MeshKeyTransport.indication MLME-MeshKeyTransport.confirm MLME-MeshKeyTransport.request Request MLME-MeshKeyTransport.indication MLME-MeshKeyTransport.confirm MLME-MeshKeyTransport.request Response MLME-MeshKeyTransport.indication MLME-MeshKeyTransport.confirm Steve Emeott, Motorola Steve Emeott, Motorola
12
Additional Details (cont.)
July 2007 doc.: IEEE /1988r1 July 2007 Additional Details (cont.) EAP Transport SME MAC MA MKD Multihop Action Frame MAC SME MLME-MeshEAPTransport.request EAP Encapsulation Request MLME-MeshEAPTransport.indication MLME-MeshEAPTransport.confirm MLME-MeshEAPTransport.request EAP Encapsulation Response MLME-MeshEAPTransport.indication MLME-MeshEAPTransport.confirm Steve Emeott, Motorola Steve Emeott, Motorola
13
Backup July 2007 July 2007 doc.: IEEE 802.11-07/1988r1
Steve Emeott, Motorola Steve Emeott, Motorola
14
Review of Recent Changes
July 2007 doc.: IEEE /1988r1 July 2007 Review of Recent Changes Highlights of improvements already made to MSA Improvements to PLM (11-07/0440r0: 106 comments) Definition of MIB variables for MSA (11-07/0436r1: 25 comments) Simplification of frame formats for key holder messages (11-07/0286r0: & 11-07/0287r1: 35 comments) Addition of AES-128-MAC MIC algorithm (11-07/0435r1: 4 comments) Upgrades to better support co-located MKD/MA (11-07/0437r1: 3 comments) Integration of PLM into MSA authentication handshake (11-07/0564r2: 16 comments) Clean up of key derivation clause (11-07/0618r0: 21 comments) Steve Emeott, Motorola Steve Emeott, Motorola
15
July 2007 doc.: IEEE /1988r1 July 2007 Work in Progress Areas where unresolved comments are still under discussion Key holder communications – document 07/1987 (20 comments) Cleanup of high level architecture description (15 comments) Pre-shared keys (8 comments) Abbreviated handshake (5 comments) Other (40 comments) Steve Emeott, Motorola Steve Emeott, Motorola
16
Exemplary Implementation of Initial MSA Authentication
July 2007 doc.: IEEE /1988r1 July 2007 Exemplary Implementation of Initial MSA Authentication Authentication Server Network Access Server (AAA Client) 802.1X Authenticator (Controlled Port) 802.1X Supplicant PMK-MKD-KH PMK-MA-KH Local PMK-MKD-KH Local PMK-MA-KH Multihop Action PLM & EAPOL Radius Optionally mesh key holders may be co-located Steve Emeott, Motorola Steve Emeott, Motorola
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.