Secure Enablement and CVS without Persistent Association
11-11-0908-00-00af-Secure-Enabelement-and-CVS-without-Association, Submission, June 2011, Qualcomm


Slide 1: Secure Enablement and CVS without Persistent Association
Qualcomm Incorporated
Authors: 6-28-2011

Slide 2: Motivation
• FCC rules require secure transmission of
  – White space map
  – Contact Verification Signal
• Current 802.11af draft requires a “secure association” to provide the necessary protection for transmission of the WSM and CVS
  – Implication:
    o All APs will need to be enablers to associate dependent STAs
    o All APs will need accurate geo location
• We aim to design a protocol that keeps the enabling AP (E-AP) function separate from the data serving AP (S-AP) function

Slide 3: Proposed Enablement Flowchart
[Flowchart not reproduced. Annotation on the figure: Key sent in an encrypted MPDU]

Slide 4: Operation of Enablement Procedure
• D-STA associates with E-AP using a secure association procedure as required by the E-AP
• D-STA requests enablement from the E-AP using the enablement procedure.
• After obtaining enablement, D-STA creates a random key K and sends it to the E-AP
  – The D-STA and E-AP both initialize a 64-bit counter CVS-WSMSeqNo to zero.
• D-STA then disassociates from E-AP
• D-STA may then associate with any other AP, even other dependent APs (this AP is called the serving AP)
• All other communication from D-STA to E-AP uses a “pull method” as described later

Slide 5: Obtaining a CVS from E-AP
• D-STA obtains a CVS by requesting one from E-AP
  – CVS Request frame is a public action frame
  – CVS Request is a good approach since it frees the E-AP from determining whether the D-STA is in sleep mode before sending CVS
• D-STA obtains a CVS from E-AP as follows
  – The D-STA forms a Nonce and a MIC by applying the AES-CCM Generation/Encryption process [1] using the key K to the concatenation of:
    o The current CVS-WSMSeqNo, a single direction bit set to 0, and 39 zeroes (to form a 128-bit block).
  – The CVS-WSMSeqNo and the MIC are sent in the CVS request public action frame.
• When E-AP receives a CVS request, it forms the CVS (a public action frame) as follows:
  – E-AP authenticates the transmitter of the CVS request through the MIC
  – E-AP then forms a MIC for the CVS message by concatenating the following and applying the AES-CCM Generation/Encryption process:
    o The received CVS-WSMSeqNo, a single direction bit set to 1 and 31 zeroes
    o The WSM-ID
  – E-STA forms the body of the CVS as CVS-WSMSeqNo | Encrypted WSM-ID | MIC
• When D-STA receives CVS
  – D-STA decrypts the CVS received and verifies if the CVS-WSMSeqNo corresponds to the number sent in the CVS request and then checks the WSM-ID

Slide 6: Frame Formats CVS/CVS Request
• CVS and CVS Request are Public Action Frames
  – CVS-WSMSeqNo provides replay protection
[Frame format figures not reproduced: CVS Request, CVS]

Slide 7: Operation if WSM changes
• Operation when CVS indicates new WSM-ID
  – D-STA requests the WSM similar to the way that it requests a CVS.
  – WSM request message contains CVS-WSMSeqNo and MIC obtained by applying the AES-CCM Generation/Encryption process [1] to the concatenation of:
    o The current CVS-WSMSeqNo, a single direction bit set to 0, and 39 zeroes
• When E-AP receives a WSM request, it returns the WSM (in a public action frame) as follows:
  – E-AP authenticates the transmitter of the WSM request through the MIC
  – E-AP then forms the MIC for the WSM message by concatenating
    o The received CVS-WSMSeqNo, a single direction bit set to 1
    o The WSM-ID, and WSM
    o Some zero padding may be required
• The WSM message is formed with CVS-WSMSeqNo, Encrypted WSM and MIC
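The pull exchange on slides 5 and 7 (request, E-AP check and reply, D-STA verification), as an added example that is not part of the original presentation, using Node's built-in AES-CCM. Assumptions not on the slides: AES-128 with an 8-byte MIC, the 104-bit counter/direction/zero block used as the CCM nonce in both directions and also as the authenticated payload of the request, counters below the E-AP's next expected value treated as replays, and all function names.

```javascript
const { createCipheriv, createDecipheriv, timingSafeEqual } = require('node:crypto');
const ALG = 'aes-128-ccm';   // assumption: 128-bit key K
const MIC_LEN = 8;           // assumption: 8-byte MIC

// CVS-WSMSeqNo (64 bits) || direction bit || 39 zero bits = 13 bytes, used as the CCM nonce.
function block(seq, dir) {
  const b = Buffer.alloc(13);
  b.writeBigUInt64BE(seq, 0);
  b[8] = dir << 7;
  return b;
}

// CCM Generation-Encryption for one direction (0 = D-STA to E-AP, 1 = E-AP to D-STA).
function seal(key, seq, dir, payload) {
  const c = createCipheriv(ALG, key, block(seq, dir), { authTagLength: MIC_LEN });
  const ct = Buffer.concat([c.update(payload), c.final()]);
  return { ct, mic: c.getAuthTag() };
}

// D-STA: a CVS or WSM request carries only CVS-WSMSeqNo and the MIC.
function makeRequest(key, seq) {
  return { seq, mic: seal(key, seq, 0, block(seq, 0)).mic };
}

// E-AP: authenticate the requester, reject replayed counters, return the sealed payload
// (WSM-ID for a CVS; WSM-ID || WSM for a WSM message).
function eapRespond(eap, req, payload) {
  const want = seal(eap.key, req.seq, 0, block(req.seq, 0)).mic;
  if (req.mic.length !== MIC_LEN || !timingSafeEqual(want, req.mic)) return null;
  if (req.seq < eap.next) return null;   // assumption: stale counter means replay
  eap.next = req.seq + 1n;
  return { seq: req.seq, ...seal(eap.key, req.seq, 1, payload) };
}

// D-STA: check the echoed counter, then CCM Decryption-Verification.
function openResponse(key, sentSeq, resp) {
  if (!resp || resp.seq !== sentSeq) return null;
  try {
    const d = createDecipheriv(ALG, key, block(resp.seq, 1), { authTagLength: MIC_LEN });
    d.setAuthTag(resp.mic);
    const body = d.update(resp.ct);
    d.final();                           // throws if the MIC does not verify
    return body;
  } catch { return null; }
}

// Constructed run (made-up key and one-byte WSM-ID 0x2a).
const demoAp = { key: Buffer.alloc(16, 0x11), next: 0n };
console.log(openResponse(demoAp.key, 0n, eapRespond(demoAp, makeRequest(demoAp.key, 0n), Buffer.from([0x2a]))));
```

Because the MIC is checked before the counter, a forged request cannot advance the E-AP's counter, and a captured valid request is rejected once its counter has been used.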

Slide 8: Frame Formats WSM Request/WSM
• Message formats for WSM request and WSM
[Frame format figures not reproduced]

Slide 9: References
[1] NIST SP-800-38C, Recommendation for Block Cipher Modes of Operation: The CCM Mode for Authentication and Confidentiality

