Presentation is loading. Please wait.

Presentation is loading. Please wait.

Doc.: IEEE 802.11-13/1448 r00 Submission Paul A. Lambert, Marvell SemiconductorSlide 1 802.11 Privacy Date: 2013-11-14 Authors: November 2013.

Published byJasper Maxwell Modified over 9 years ago

Similar presentations

Presentation on theme: "Doc.: IEEE 802.11-13/1448 r00 Submission Paul A. Lambert, Marvell SemiconductorSlide 1 802.11 Privacy Date: 2013-11-14 Authors: November 2013."— Presentation transcript:

1 doc.: IEEE 802.11-13/1448 r00 Submission Paul A. Lambert, Marvell SemiconductorSlide 1 802.11 Privacy Date: 2013-11-14 Authors: November 2013

2 doc.: IEEE 802.11-13/1448 r00 Submission Privacy Paul Lambert, MarvellSlide 2 November 2013

3 doc.: IEEE 802.11-13/1448 r00 Submission Communication privacy is not a new issue. Paul Lambert, MarvellSlide 3 November 2013 Privacy was an important selling point for dial based phones (1912) since they did not require an operator. http://en.wikipedia.org/wiki/Privacy

4 doc.: IEEE 802.11-13/1448 r00 Submission Wi-Fi Privacy Concerns Seattle Police Deactivate Wi-Fi Spy Grid After Privacy OutcrySeattle Police Deactivate Wi-Fi Spy Grid After Privacy Outcry (Nov 2013) A DHS and Seattle police network collecting location information CreepyDOL WiFi surveillance project debuts at Blackhat/DEFCONCreepyDOL WiFi surveillance project debuts at Blackhat/DEFCON (Aug 2013) DIY surveillance with low-cost Wi-Fi based sensors that capture MAC addresses Wi-Fi Trashcans Now Silently Tracking Your Smartphone DataWi-Fi Trashcans Now Silently Tracking Your Smartphone Data (Aug 2013)... the company boasted that the cans, which included LCD advertising screens, "provide an unparalleled insight into the past behavior of unique devices"—and hence of the people who carry them around "Technopanic" mounts over Google's Wi-Fi Privacy violations"Technopanic" mounts over Google's Wi-Fi Privacy violations (Mar 2013) A DHS and Seattle police network collecting location information Paul Lambert, MarvellSlide 4 November 2013

5 doc.: IEEE 802.11-13/1448 r00 Submission But wait – Wi-Fi “location” is also a service! Location-based Wi-Fi services can add immediate value to Wi-Fi deployments Location-based Wi-Fi services can add immediate value to Wi-Fi deployments (Oct 2013) “Knowing where someone is can be important because you are then in a better position to do something for or with them.” In-Location AllianceIn-Location Alliance (Nov 2013) “There are countless uses for accurate indoor positioning...” Renew - Wi-Fi based market information Renew - Wi-Fi based market information (Nov 2013) The Renew Network extends to over three million professionals in the City of London everyday. Our units have been strategically placed to achieve optimum viewing time, enabling our clients to receive a constant and continuous space to accommodate commercial campaigns. Paul Lambert, MarvellSlide 5 November 2013

6 doc.: IEEE 802.11-13/1448 r00 Submission Risk Analysis and Privacy Risk = Vulnerability x Threat x Cost Vulnerability: is the probability of success of an attack for a particular threat category. The “value” of vulnerability in the risk equation can vary depending on the type of attacker, for example a government may have more resources to be successful than a single hacker. Threat: is the likelihood of an adverse event. It is based on a particular threat category (hacker, paparazzi, disgruntled employee, government agency). Cost: is the impact of an attack against the vulnerability by the particular threat. Breaking into an online banking account typically has a higher cost than a denial of service attack against a single user. Paul Lambert, MarvellSlide 6 November 2013

7 doc.: IEEE 802.11-13/1448 r00 Submission Privacy versus other Security Services in 802.11 Privacy protection is provided by encryption and authentication –But this just protects the disclosure “data” –Good security (e.g. RSN) is a first step and is not the subject of this analysis and is assumed as a starting point Privacy of identity and location must consider other information in 802.11 frames that can be used to track a device –Like the MAC address Paul Lambert, MarvellSlide 7 November 2013

8 doc.: IEEE 802.11-13/1448 r00 Submission Where are the privacy vulnerabilities? MAC Addresses are unique per device –Enable detailed tracking by passive capture –MAC addresses may be used in IPv6 addresses and carried beyond the WLAN and will directly identify the connecting device SSIDs are sometimes unique –Enable tracking when used in probe requests and indicate a devices commonly used APs –The profile of multiple SSIDs used in probing are a good fingerprint of a users identity 802.11u is unprotected and may indicate user interests Others? Paul Lambert, MarvellSlide 8 November 2013

9 doc.: IEEE 802.11-13/1448 r00 Submission Privacy Threats Source of Threats: –Hackers, private investigators, stalkers, paparazzi –Marketing firms and retail outlets –Police, Government Agencies Non-threats: –Marketing firms and retail outlets (with user approval) –Personal home automation (of home user) –... Etc. It is very important to identify ways to enable tracking when it is a “service”, but prevent unauthorized tracking Paul Lambert, MarvellSlide 9 November 2013

10 doc.: IEEE 802.11-13/1448 r00 Submission Attack Vectors for 802.11 Communications The location and capabilities of an attacker in the network is a useful way to categorize vulnerabilities. Slide 10Paull Lambert - Marvell November 2013

11 doc.: IEEE 802.11-13/1448 r00 Submission Passive Scanning and Monitor APs The primary scenarios to consider that are “threat” and not “services” are passive monitoring and APs used for monitoring Slide 11Paull Lambert - Marvell November 2013

12 doc.: IEEE 802.11-13/1448 r00 Submission Possible Technical Solutions Ephemeral MAC Addresses –use local addresses that change occasionally Limit active scanning Capability bits to indicate “willingness to be tracked” Others? Paul Lambert, MarvellSlide 12 November 2013

13 doc.: IEEE 802.11-13/1448 r00 Submission Ephemeral MAC Addresses Virtual STAs could be defined that allow a device to have a different MAC address for each BSSID What happens to DHCP allocation and routing tables? –Rapid changes are a problem, occasional changes are enough to prevent correlation of a device to a human Not easy to change with an active association –But could only change on new connections Roaming and fast handoff might be impacted –But MAC addresses could remain the same for roaming and only change when not actively associated While there are issues with Ephemeral MAC Addresses to solve, it appears viable to define procedures for MAC address privacy! Paul Lambert, MarvellSlide 13 November 2013

14 doc.: IEEE 802.11-13/1448 r00 Submission Straw Poll Would this group support the definition of privacy mechanisms for IEEE 802.11? yes: no: abstain: Paul A. Lambert (Marvell)Slide 14 November 2013

Download ppt "Doc.: IEEE 802.11-13/1448 r00 Submission Paul A. Lambert, Marvell SemiconductorSlide 1 802.11 Privacy Date: 2013-11-14 Authors: November 2013."

Similar presentations

Doc.: IEEE 802.11-11/1521r2 Submission January 2012 Marc Emmelmann, FOKUSSlide 1 AP and Network Discovery Enhancements Date: 2012-01-17 Authors:

Doc.: IEEE /1521r2 Submission January 2012 Marc Emmelmann, FOKUSSlide 1 AP and Network Discovery Enhancements Date: Authors:
Submission doc.: IEEE 11-14/0430r2 March 2014 Dan Harkins, Aruba NetworksSlide 1 Randomized MAC Addresses for Privacy Enhancement Date: 2014-03-18 Authors:

Submission doc.: IEEE 11-14/0430r2 March 2014 Dan Harkins, Aruba NetworksSlide 1 Randomized MAC Addresses for Privacy Enhancement Date: Authors:
Doc.: IEEE 802.11-11/1002r0 July 2011 Hyangsun You, LG Electronics Inc. Submission IPv6 for 802.11ah Author: Date: July 19, 2011 NameCompanyAddressPhoneemail.

Doc.: IEEE /1002r0 July 2011 Hyangsun You, LG Electronics Inc. Submission IPv6 for ah Author: Date: July 19, 2011 NameCompanyAddressPhone .
Omniran-13-0063-00-0000 1 IEEE 802 Enhanced Network Detection and Selection Date: 2013-08-26 Authors: NameAffiliationPhoneEmail Max RiegelNSN+49 173 293.

Omniran IEEE 802 Enhanced Network Detection and Selection Date: Authors: NameAffiliationPhone Max RiegelNSN
Doc.: IEEE 802.11-12/1323r0 November 2012 Submission Relays for 802.11ah Date: 2012-11-12 Authors: Slide 1.

Doc.: IEEE /1323r0 November 2012 Submission Relays for ah Date: Authors: Slide 1.
Doc.: IEEE 802.11-03/173r1 Submission Byoung-Jo Kim, AT&T March 2003 Slide 1 Coexistence of Legacy & RSN STAs in Public WLAN Byoung-Jo “J” Kim AT&T Labs-Research.

Doc.: IEEE /173r1 Submission Byoung-Jo Kim, AT&T March 2003 Slide 1 Coexistence of Legacy & RSN STAs in Public WLAN Byoung-Jo “J” Kim AT&T Labs-Research.
Doc.: IEEE 802.11-12/941r0 Submission July 2012 Slide 1 Access Control Mechanism for 11ah Date: 2012-07-17 Authors: NameAffiliationsAddressPhoneemail Fang.

Doc.: IEEE /941r0 Submission July 2012 Slide 1 Access Control Mechanism for 11ah Date: Authors: NameAffiliationsAddressPhone Fang.
Doc.: IEEE 802.11-05/0499r1 Submission May 2006 Srinivas SreemanthulaSlide 1 TGu Proposal: Network Selection Notice: This document has been prepared to.

Doc.: IEEE /0499r1 Submission May 2006 Srinivas SreemanthulaSlide 1 TGu Proposal: Network Selection Notice: This document has been prepared to.
Doc.: IEEE 802.11-12/0573r1 Submission May 2012 David Halasz, Motorola MobilitySlide 1 Scalable Authentication Date: 2012-5-6 Authors:

Doc.: IEEE /0573r1 Submission May 2012 David Halasz, Motorola MobilitySlide 1 Scalable Authentication Date: Authors:
Doc.: IEEE 802.11-12/1042 Submission NameAffiliationsAddressPhoneemail Giwon ParkLG Electronics LG R&D Complex 533, Hogye- 1dong, Dongan-Gu, Anyang, Kyungki,

Doc.: IEEE /1042 Submission NameAffiliationsAddressPhone Giwon ParkLG Electronics LG R&D Complex 533, Hogye- 1dong, Dongan-Gu, Anyang, Kyungki,
Doc.: 11-14-0164-00 Submission January 22, 2014 Rene Struik (Struik Security Consultancy)Slide 1 802.11 Privacy & HEW Date: 2014-01-22 Authors: NameCompanyAddressPhoneemail.

Doc.: Submission January 22, 2014 Rene Struik (Struik Security Consultancy)Slide Privacy & HEW Date: Authors: NameCompanyAddressPhone .
Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.

Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.
Doc.: IEEE 802.11-12/0585r1 Submission May 2012 David Halasz, Motorola MobilitySlide 1 IEEE 802.11ah and Security Date: 2012-5-6 Authors:

Doc.: IEEE /0585r1 Submission May 2012 David Halasz, Motorola MobilitySlide 1 IEEE ah and Security Date: Authors:
Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.

Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.
BY MOHAMMED ALQAHTANI (802.11) Security. What is 802.11 ? IEEE 802.11 is a set of standards carrying out WLAN computer communication in frequency bands.

BY MOHAMMED ALQAHTANI (802.11) Security. What is ? IEEE is a set of standards carrying out WLAN computer communication in frequency bands.
Submission doc.: IEEE 11-12/0589r2 July 2012 Donald Eastlake 3rd, Huawei R&D USASlide 1 General 802.11 Links Date: 2012-05-08 Authors:

Submission doc.: IEEE 11-12/0589r2 July 2012 Donald Eastlake 3rd, Huawei R&D USASlide 1 General Links Date: Authors:
Doc.: IEEE 802.11-11-1250-00-00ai Submission Paul Lambert, Marvell Security Review and Recommendations for IEEE802.11ai Fast Initial Link Setup Author:

Doc.: IEEE ai Submission Paul Lambert, Marvell Security Review and Recommendations for IEEE802.11ai Fast Initial Link Setup Author:
Doc.: IEEE 802.11-11-1250-00-00ai Submission Paul Lambert, Marvell TGai Discovery Proposal Author: Abstract Short high-level proposal for discovery techniques.

Doc.: IEEE ai Submission Paul Lambert, Marvell TGai Discovery Proposal Author: Abstract Short high-level proposal for discovery techniques.
Doc.: IEEE 802.11-08/1468r0 Submission Dec 2008 Ashish Shukla, Marvell SemiconductorSlide 1 ERP Protection in IEEE 802.11s Mesh Network Date: 2008-12-12.

Doc.: IEEE /1468r0 Submission Dec 2008 Ashish Shukla, Marvell SemiconductorSlide 1 ERP Protection in IEEE s Mesh Network Date:
Doc.: IEEE 802.11-13/0893 r00 Submission July 2013 Paul A. Lambert, Marvell SemiconductorSlide 1 Service Discovery Proposal Date: 2013-7-16 Authors: Previous.

Doc.: IEEE /0893 r00 Submission July 2013 Paul A. Lambert, Marvell SemiconductorSlide 1 Service Discovery Proposal Date: Authors: Previous.

Similar presentations

Ads by Google