
doc.: IEEE 802.11-07-0018-01-000s, Submission, February 2007, Jan Kruys e.a., Cisco Systems
Peer link Set-up and Maintenance




Slide 1: Peer link Set-up and Maintenance

Notice: This document has been prepared to assist IEEE 802.11. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein.

Release: The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE's name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE's sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE 802.11.

Patent Policy and Procedures: The contributor is familiar with the IEEE 802 Patent Policy and Procedures, including the statement "IEEE standards may include the known use of patent(s), including patent applications, provided the IEEE receives assurance from the patent holder or applicant with respect to patents essential for compliance with both mandatory and optional portions of the standard." Early disclosure to the Working Group of patent information that might be relevant to the standard is essential to reduce the possibility for delays in the development process and increase the likelihood that the draft publication will be approved for publication. Please notify the Chair as early as possible, in written or electronic form, if patented technology (or technology under patent application) might be incorporated into a draft standard being developed within the IEEE 802.11 Working Group. If you have questions, contact the IEEE Patent Committee Administrator at http://

Slide 2: Abstract
Peer links are a basic building block of any mesh network
So far we have re-used the Association of the baseline protocol
–see draft D.1
We have discussed the need for a true peer link set-up protocol that is robust, fast and secure
–That combination proves a tough nut to crack, but we are working on it
We have not discussed how we monitor a link and terminate it in an orderly manner
–That is the subject of this presentation

Slide 3: The bigger picture: Mesh Services
Discovery
–Allows MPs to find other MPs and their roles
Peer Link Control
–Uses information provided by the Discovery Service
–Allows MPs to set up, maintain and close secure links between MPs that are considered neighbours according to some criteria
Transport
–Gets the bits across a link between two neighbour MPs that have joined the mesh (using the Formation Service)
Routing
–Creates routes to destinations inside or outside the mesh; uses the Transport Service
Forwarding
–Delivers bits across the mesh using the Transport Service

Slide 4: Mesh Services (diagram)
Block diagram of the Mesh MAC. Blocks shown: Discovery Service, Peer Link Control, Transport Service, Routing Service, Forwarding Service, Layer Management, Security Services, together with the Mesh MAC User (LLC) and the Basic MAC Services.

Slide 5: Taking a step back
Mesh networks are assumed to adapt to changes in environment and/or traffic demands
–That implies their connections change over time
To determine whom to link up with, a mesh node must have some basic data about other nodes:
–Mesh ID, capabilities, protocol, etc.; all of these are provided in beacons and probes (overhead, but a necessary one)
The peer link set-up process uses the above to find candidate peer nodes
–The peer link set-up process determines whether a candidate becomes a real peer
Peer link set-up is relatively slow and costly in terms of overhead
–The "asset" of a peer link merits close monitoring to avoid unnecessary re-establishment

Slide 6: Phases in the life of a peer link instance
Set-up
–Starts from nothing
–Uses the full EMSA handshake or the abbreviated EMSA handshake
–Results in a secure link or nothing…
Operation
–Supports secure frame transmission
–Does self-monitoring in the absence of traffic
Close
–Assures orderly termination under all conditions

Slide 7: Peer Discovery, example (figure)
A collects information about other mesh members (several MPs B in the figure) and decides which of them to peer with.
The Beacon/Probe Response from each B to A carries: Mesh ID, Capability, etc. + PMK & Cipher Suite Information.

Slide 8: (Abbreviated) Peer link set-up, example
Message exchange between A and B (every message carries a MIC):
–A sends Open(ANonce, PMKInfo, Cipher Suite Info, GTK1, MIC)
–B sends Open(BNonce, PMKInfo, Cipher Suite Info, GTK2, MIC)
–Confirm(BNonce||ANonce, PMKInfo, Cipher Suite Info, MIC) and Confirm(ANonce||BNonce, PMKInfo, Cipher Suite Info, MIC), one in each direction, echo both nonces
The result is
–An identifiable, bi-directional set of secure unicast "connections" between A and B (Link-ID = ANonce||BNonce)
–A secure broadcast "connection" from A to B (and to all MPs with which A has set up a peer link), using the GTK1 carried in A's Open
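The following is an added example, not code from the submission or from any 802.11s implementation: a simulation of the two-Open, two-Confirm exchange of slide 8 with both sides' messages. Everything about the keys is an assumption made for the demo: the Open MIC is an HMAC under a key derived from the shared PMK alone (the sender does not yet know the peer's nonce), the Confirm MIC is an HMAC under a link key derived from PMK and both nonces (so a valid Confirm proves possession of the PMK and binds the Link-ID), the GTK is wrapped with a toy XOR pad rather than a real key wrap, and the two nonces are ordered lexicographically instead of initiator-first so that both MPs compute the same Link-ID during a simultaneous open.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field

CIPHER_SUITE = b"CCMP"   # "Cipher Suite Info" field; a fixed value for the demo


def kdf(key: bytes, label: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 derivation (an assumption for this example, not the EMSA KDF)."""
    m = hmac.new(key, label, hashlib.sha256)
    for p in parts:
        m.update(p)
    return m.digest()


def mic(key: bytes, *fields: bytes) -> bytes:
    """16-byte MIC over the concatenated message fields."""
    return kdf(key, b"mic", *fields)[:16]


def xor_wrap(kek: bytes, gtk: bytes) -> bytes:
    """Toy GTK wrap: XOR with a KEK-derived pad (stand-in for a real key wrap)."""
    return bytes(a ^ b for a, b in zip(gtk, kek))


@dataclass
class MeshPoint:
    name: str
    pmk: bytes                     # shared PMK, learned before peering (slide 7)
    gtk: bytes                     # this MP's 16-byte group key
    nonce: bytes = field(default_factory=lambda: os.urandom(32))
    state: str = "Open"
    link_id: bytes = b""
    tk: bytes = b""                # pairwise link key: Confirm MIC and later frames
    peer_gtk: bytes = b""

    def pmkid(self) -> bytes:
        """'PMKInfo': an identifier of the PMK, never the PMK itself."""
        return hashlib.sha256(b"PMKID" + self.pmk).digest()[:16]

    def build_open(self) -> tuple:
        wrapped = xor_wrap(kdf(self.pmk, b"kek", self.nonce), self.gtk)
        body = (self.nonce, self.pmkid(), CIPHER_SUITE, wrapped)
        return ("Open", *body, mic(kdf(self.pmk, b"open-mic"), *body))

    def handle_open(self, msg: tuple) -> bool:
        kind, peer_nonce, peer_pmkid, suite, wrapped, tag = msg
        if kind != "Open" or peer_pmkid != self.pmkid() or suite != CIPHER_SUITE:
            return False                       # no common PMK or suite: no link
        expected = mic(kdf(self.pmk, b"open-mic"), peer_nonce, peer_pmkid, suite, wrapped)
        if not hmac.compare_digest(tag, expected):
            return False                       # invalid MIC: ignore the frame
        self.peer_gtk = xor_wrap(kdf(self.pmk, b"kek", peer_nonce), wrapped)
        lo, hi = sorted((self.nonce, peer_nonce))
        self.link_id = lo + hi                 # Link-ID = nonce || nonce
        self.tk = kdf(self.pmk, b"link-key", lo, hi)
        self.state = "Confirm"
        return True

    def build_confirm(self) -> tuple:
        body = (self.link_id, self.pmkid(), CIPHER_SUITE)
        return ("Confirm", *body, mic(self.tk, *body))

    def handle_confirm(self, msg: tuple) -> bool:
        kind, link_id, peer_pmkid, suite, tag = msg
        if kind != "Confirm" or self.state != "Confirm" or link_id != self.link_id:
            return False
        if not hmac.compare_digest(tag, mic(self.tk, link_id, peer_pmkid, suite)):
            return False                       # peer does not hold the PMK / wrong nonces
        self.state = "Monitor"                 # two-way CONFIRM complete
        return True


def run_abbreviated_setup(a: MeshPoint, b: MeshPoint) -> bool:
    """Two Opens, then two Confirms (slide 8). True if both MPs reach Monitor."""
    open_a, open_b = a.build_open(), b.build_open()
    if not (b.handle_open(open_a) and a.handle_open(open_b)):
        return False
    conf_a, conf_b = a.build_confirm(), b.build_confirm()
    return b.handle_confirm(conf_a) and a.handle_confirm(conf_b)
```

The Open MIC only proves that the sender holds the PMK; it does not prevent an attacker from replaying a captured Open. That replay is harmless here because the Confirm MIC is keyed by both fresh nonces, so a replayed Open can never be confirmed and the half-built instance simply times out.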

Slide 9: Peer link Operation
…is used for all frame exchanges between peers
–Unicasts from A>>B and B>>A: for data transport and some management functions
–Broadcasts from A>>all-peers-of-A: for some routing functions and some management functions
–Broadcasts from all-peers-of-A>>A: for some routing functions and some management functions
…is self-monitoring to assure continuity in the absence of traffic and routing frames
–Using unicast or broadcast "Thumbs-up" management frames; unicast is more efficient for a small number of peers
–Failure of peers to respond leads to termination of Link Operation through Peer Link Close and, eventually, to a new Peer Link Set-up

Slide 10: Peer link Close
Attempts an orderly close of a peer-to-peer link
–By de-activation of the link instance using a secure (MIC-protected) unicast; an unprotected Close could be forged by anyone in range to tear down a working link, i.e. a DoS opportunity
–The peer responds with a Close "confirmation"
–Absence of a response within "Close time out" causes A to assume that the link instance is inactive
Exchange: A sends Close(Link-ID, ANonce', MIC); B answers Close(Link-ID, BNonce', MIC)

Slide 11: High Level Peer Link Instance State Machine (figure)
States: Set-up, Operation, Close
Transitions as labelled on the diagram:
–Two-way CONFIRM (Set-up to Operation)
–OPEN or CONFIRM time-out (leaves Set-up)
–Two-way THUMBS-UP (stays in Operation)
–THUMBS-UP time-out (Operation to Close)
–Two-way CLOSE or CLOSE time-out (leaves Close)
–OPEN, OPEN time-out, etc.
Note: operationally, there is no need for an idle state: if there is no need to set up a link, there is no mesh, etc.

Slide 12: Another look at Thumbs-up
Each side sends a Thumbs-up (T-up) every T_up_interval and keeps a T_up_timer (> T_up_interval)
–Miss n in a row and the peer is assumed to be lost
–T_up_interval can be varied with traffic density
No need to respond: the Thumbs-up can be broadcast or unicast
–Unicast under a TXOP allows an immediate response if desirable
Each Thumbs-up is a new instance (fresh nonce, MIC under the link key), so a recorded frame cannot be replayed or spoofed to keep a dead link alive
Exchange: A sends Thumbs-up(Link-ID, ANonce', MIC); B sends Thumbs-up(Link-ID, BNonce', MIC)
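An added example (not part of the submission) of the receiving side of the Thumbs-up monitor from slide 12: a fresh nonce and a MIC under the link key make a replayed or forged Thumbs-up useless, and a T_up_timer of n intervals moves the instance to Close when the peer goes quiet. The MIC construction (HMAC-SHA256 over Link-ID || nonce), the link key and Link-ID values, the replay check by remembering nonces, and the simulated clock are all assumptions of this example; only one direction (B sending, A receiving) is simulated, the real exchange runs symmetrically.

```python
import hashlib
import hmac
import os


def thumbs_up_mic(tk: bytes, link_id: bytes, nonce: bytes) -> bytes:
    """16-byte MIC over Link-ID || nonce under the link key (HMAC-SHA256 assumed)."""
    return hmac.new(tk, link_id + nonce, hashlib.sha256).digest()[:16]


class LinkMonitor:
    """One peer link instance in the Operation (Monitor) phase."""

    def __init__(self, link_id: bytes, tk: bytes, t_up_interval: float, miss_limit: int = 3):
        self.link_id = link_id
        self.tk = tk
        self.t_up_interval = t_up_interval
        # T_up_timer > T_up_interval: tolerate miss_limit missed frames in a row
        self.t_up_timer = miss_limit * t_up_interval
        self.seen_nonces: set = set()
        self.last_heard = 0.0
        self.state = "Monitor"

    def build_thumbs_up(self) -> tuple:
        nonce = os.urandom(16)           # each Thumbs-up is a new instance
        return ("Thumbs-up", self.link_id, nonce, thumbs_up_mic(self.tk, self.link_id, nonce))

    def receive(self, msg: tuple, now: float) -> str:
        kind, link_id, nonce, tag = msg
        if kind != "Thumbs-up" or link_id != self.link_id:
            return "ignored"             # not addressed to this link instance
        if not hmac.compare_digest(tag, thumbs_up_mic(self.tk, link_id, nonce)):
            return "bad-mic"             # forged, or sent under another key: ignore
        if nonce in self.seen_nonces:
            return "replay"              # recorded frame resent: must not restart the timer
        self.seen_nonces.add(nonce)
        self.last_heard = now            # genuine liveness evidence: restart T_up_timer
        return "ok"

    def tick(self, now: float) -> str:
        if self.state == "Monitor" and now - self.last_heard > self.t_up_timer:
            self.state = "Close"         # THUMBS-UP time-out: go to Peer Link Close
        return self.state


def run_scenario(interval: float = 1.0, miss_limit: int = 3, alive_until: int = 4,
                 replay_at: int = 6, end: int = 10) -> dict:
    """B sends a Thumbs-up to A every interval until tick alive_until, then goes
    silent; an attacker replays B's last frame at tick replay_at. Returns A's view."""
    tk = b"\x42" * 32                                 # constructed link key
    link_id = b"\x01" * 32 + b"\x02" * 32             # constructed Link-ID (ANonce||BNonce)
    a = LinkMonitor(link_id, tk, interval, miss_limit)
    b = LinkMonitor(link_id, tk, interval, miss_limit)
    events, captured, closed_at = [], None, None
    for i in range(end + 1):
        now = i * interval
        if i <= alive_until:
            captured = b.build_thumbs_up()            # the attacker records this frame
            events.append((now, a.receive(captured, now)))
        if i == replay_at and captured is not None:
            events.append((now, a.receive(captured, now)))
        if a.tick(now) == "Close" and closed_at is None:
            closed_at = now
    return {"events": events, "closed_at": closed_at, "state": a.state}
```

With the defaults, the replay at t=6 is reported but does not restart the timer, and A declares the link lost at t=8, the first tick more than three intervals after B's last genuine frame at t=4. A real implementation would bound the replay window (a sequence counter in the MIC'd payload, or a nonce set pruned on timer expiry) instead of remembering every nonce for the life of the link.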

Slide 13: Context for the Link Instance State Machine (figure)
The link state machine is an instance that is created by events external to it and that disappears when there is no connection
–A new peer discovered, or an Open from a peer while enabled, causes a new instance to be created
–Two-way CLOSE or CLOSE time-out causes the instance to be terminated
–The "Disable Mesh/Mesh Link" command is marked "???" on the diagram (its effect on the instance is left open)
–The Idle state and the surrounding context are out of scope for the peering protocol
The diagram repeats the states Set-up, Operation and Close with the transition labels of slide 11 (Two-way CONFIRM; OPEN or CONFIRM time-out; THUMBS-UP time-out; OPEN, OPEN time-out, etc.), plus the labels "Idle" and "THUMBS-UP received"

Slide 14: Link Process Description: Unilateral actions
If a link to some MP is needed, send an Open with a new Local L.ID
–The target MP is provided by Discovery or another function within the MP; that part is out of scope here
If a secure link has been set up, each MP may want to send probes (Thumbs-up) to the other end to make sure it is still there
A Link_time_out timer will catch link failures in the absence of any traffic between the nodes

Slide 15: Basic Peer Link Set-up, Responder Case

Case  Current state  Received content                                      Action
1     Idle           Triggered by external event                           New L.ID = Active L.ID; state = Open
2     Open           Open (Active L.ID = Peer L.ID)                        Process other variables
3     Open           Open (Active L.ID = Peer L.ID + Peer Local L.ID)      Process other variables; state = Confirm
4     Open           Time-out                                              Drop Active L.ID; state = Idle
5     Confirm        Confirm (Active L.ID = Peer L.ID + Peer Local L.ID)   Process other variables
6     Confirm        Confirm (Active L.ID = Peer L.ID + Peer Local L.ID)   Process other variables; state = Monitor
7     Confirm        Time-out                                              Drop L.ID & Peer ID; state = Idle

Slide 16: Basic Link Monitor & Close, Responder Case

Case  Current state  Content                                                                  Action
1     Monitor        Any with invalid MIC                                                     Ignore
2     Monitor        Probe (Active L.ID = Peer L.ID + Peer Local L.ID)                        Restart protective link probe timer
3     Monitor        Close (Active L.ID = Peer L.ID + Peer Local L.ID) or Close_time_out      Send Close; state = Close
4     Monitor        Anything else                                                            Ignore
5     Close          Close (Active L.ID = Peer L.ID + Peer Local L.ID) or Close_time_out      State = Idle
6     Close          Open (new Peer L.ID)                                                     New L.ID = Active L.ID; set Local L.ID; state = Open
7     Close          Anything else                                                            Ignore
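As an added example covering the two responder tables (slides 15 and 16), the following turns them into a table-driven state machine; it is illustrative code, not the submission's or the draft's text. The frame model is an assumption: a frame carries the sender's Local L.ID and, once learned, an echo of our L.ID, and "Active L.ID = Peer L.ID + Peer Local L.ID" is read as "the frame echoes our L.ID and carries the Local L.ID we already hold for the peer". Set-up cases 5 and 6, which the slide lists with identical content, are read here as "process the peer's Confirm (answering with ours if not yet sent) and enter Monitor once Confirm has gone both ways", matching the two-way CONFIRM of slide 11; MIC validity is a flag on the frame rather than computed.

```python
import itertools
from dataclasses import dataclass, field
from typing import Optional

_lids = itertools.count(100)          # source of fresh Local L.IDs (assumed)


@dataclass
class Frame:
    """A received frame (or timer event) reduced to what the tables inspect."""
    kind: str                              # trigger, open, confirm, probe, close, timeout, data
    peer_local_lid: Optional[int] = None   # the sender's own Local L.ID
    peer_lid: Optional[int] = None         # our L.ID as echoed by the sender (Peer L.ID field)
    mic_ok: bool = True                    # stands in for MIC verification


@dataclass
class ResponderLink:
    state: str = "Idle"
    active_lid: Optional[int] = None       # our Local L.ID for this instance
    peer_lid: Optional[int] = None         # the peer's Local L.ID
    confirm_sent: bool = False
    probe_timer_restarts: int = 0
    sent: list = field(default_factory=list)
    trace: list = field(default_factory=list)

    def _go(self, state: str) -> None:
        self.state = state
        self.trace.append(state)

    def _send(self, kind: str) -> None:
        self.sent.append(kind)
        if kind == "Confirm":
            self.confirm_sent = True

    def _ids_match(self, f: Frame) -> bool:
        """'Active L.ID = Peer L.ID + Peer Local L.ID' (see lead-in)."""
        return f.mic_ok and f.peer_lid == self.active_lid and f.peer_local_lid == self.peer_lid

    def _idle(self, f: Frame) -> None:
        if f.kind == "trigger":                                   # set-up case 1
            self.active_lid = next(_lids)
            self.peer_lid = f.peer_local_lid
            self._send("Open")
            self._go("Open")

    def _open(self, f: Frame) -> None:
        if f.kind == "timeout":                                   # case 4
            self.active_lid = None
            self._go("Idle")
        elif f.kind == "open" and f.mic_ok and f.peer_lid is None:   # case 2
            self.peer_lid = f.peer_local_lid                      # process other variables
        elif f.kind == "open" and self._ids_match(f):             # case 3
            self._send("Confirm")
            self._go("Confirm")

    def _confirm(self, f: Frame) -> None:
        if f.kind == "timeout":                                   # case 7
            self.active_lid = self.peer_lid = None
            self._go("Idle")
        elif f.kind == "confirm" and self._ids_match(f):          # cases 5 and 6
            if not self.confirm_sent:
                self._send("Confirm")
            self._go("Monitor")                                   # two-way CONFIRM complete

    def _monitor(self, f: Frame) -> None:
        if not f.mic_ok:                                          # monitor case 1
            return
        if f.kind == "probe" and self._ids_match(f):              # case 2
            self.probe_timer_restarts += 1
        elif f.kind == "timeout" or (f.kind == "close" and self._ids_match(f)):   # case 3
            self._send("Close")
            self._go("Close")
        # case 4: anything else is ignored

    def _close(self, f: Frame) -> None:
        if f.kind == "timeout" or (f.kind == "close" and self._ids_match(f)):     # case 5
            self.active_lid = self.peer_lid = None
            self._go("Idle")
        elif f.kind == "open" and f.mic_ok and f.peer_local_lid != self.peer_lid:  # case 6
            self.active_lid = next(_lids)                         # new instance with a new L.ID
            self.peer_lid = f.peer_local_lid
            self.confirm_sent = False
            self._send("Open")
            self._go("Open")
        # case 7: anything else is ignored

    def handle(self, f: Frame) -> str:
        {"Idle": self._idle, "Open": self._open, "Confirm": self._confirm,
         "Monitor": self._monitor, "Close": self._close}[self.state](f)
        return self.state


def reach_monitor(peer_local_lid: int = 7) -> ResponderLink:
    """Drive a responder through set-up cases 1, 3 and 6 into Monitor."""
    link = ResponderLink()
    link.handle(Frame("trigger", peer_local_lid=peer_local_lid))
    link.handle(Frame("open", peer_local_lid=peer_local_lid, peer_lid=link.active_lid))
    link.handle(Frame("confirm", peer_local_lid=peer_local_lid, peer_lid=link.active_lid))
    return link


def run_lifecycle() -> ResponderLink:
    """Full life of one instance: set-up, a probe, a link time-out, an orderly close."""
    link = reach_monitor()
    link.handle(Frame("probe", peer_local_lid=7, peer_lid=link.active_lid))
    link.handle(Frame("timeout"))
    link.handle(Frame("close", peer_local_lid=7, peer_lid=link.active_lid))
    return link


def run_monitor_checks() -> dict:
    """Monitor/Close cases 1, 4, 6: bad MIC and wrong peer are ignored, a new Open re-peers."""
    link = reach_monitor()
    old_lid = link.active_lid
    bad_mic_state = link.handle(Frame("probe", peer_local_lid=7, peer_lid=old_lid, mic_ok=False))
    restarts_after_bad_mic = link.probe_timer_restarts
    link.handle(Frame("probe", peer_local_lid=7, peer_lid=old_lid))
    wrong_peer_state = link.handle(Frame("close", peer_local_lid=99, peer_lid=old_lid))
    link.handle(Frame("close", peer_local_lid=7, peer_lid=old_lid))
    reopen_state = link.handle(Frame("open", peer_local_lid=8))
    return {"bad_mic_state": bad_mic_state, "restarts_after_bad_mic": restarts_after_bad_mic,
            "good_probe_restarts": link.probe_timer_restarts, "wrong_peer_state": wrong_peer_state,
            "reopen_state": reopen_state, "old_lid": old_lid, "new_lid": link.active_lid,
            "sent": list(link.sent)}
```

The two security-relevant rows are monitor cases 1 and 4: nothing with a bad MIC, and nothing that does not name this instance's pair of Link IDs, can move the machine out of Monitor, so tearing down a link requires the link key, while the Close time-out still guarantees the instance disappears on its own.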

Slide 17: Adding Security (figure)
The state machine of slide 11 (Set-up, Operation, Close, with the same transition labels) annotated with the three security variants of the Set-up phase. Parameters external to the Link Process determine the security details of the Set-up phase:
–Abbreviated EMSA handshake: sync Link IDs and GTKs; validate possession of the PMK
–Full 802.1X handshake: sync Link IDs; perform the 802.1X exchange; validate possession of the PMK (4-way handshake)
–EMSA "get key" handshake: sync Link IDs; perform the MKD exchange; validate possession of the PMK

Slide 18: Peer Link Set-up with Full EMSA handshake

Case  Current link state  Content                                                                                  Action
3a    Open                Open (Active L.ID = Peer L.ID + Peer Local L.ID; Authenticate: start 802.1X exchange, etc.)   Process other variables; if authentication complete: state = Confirm, send Confirm (802.1X exchange and first 2 messages of the 4-way handshake)
5a    Confirm             Confirm (Active L.ID = Peer L.ID + Local L.ID) **)                                       Process other variables
6a    Confirm             Confirm (Active L.ID = Peer L.ID + Local L.ID … MIC) **)                                 Process other variables; state = Monitor

**) Ideally these two should look like the last two messages of the 4-way handshake

Slide 19: Peer Link Set-up with Abbreviated EMSA handshake

Case  Current link state  Content                                                              Action
3b    Open                Open (Active L.ID = Peer L.ID + Peer Local L.ID … GTK, MIC, etc.)   Process other variables; if GTK is ok: state = Confirm, send Confirm
5a    Confirm             Confirm (Active L.ID = Peer L.ID + Local L.ID)                       Process other variables
6a    Confirm             Confirm (Active L.ID = Peer L.ID + Local L.ID … MIC)                 Process other variables; state = Monitor

Slide 20: Impact on the draft
Re-sequence to improve accessibility:
–A11.1 Mesh Overview: Mesh Membership / Mesh ID; Channel Selection; Default Mesh metric; Default Wireless Mesh Routing Protocol; Default Mesh Security (EMSA = Efficient Mesh Security Architecture); Mesh Transport: Mesh Unicast, Mesh Broadcast/Multicast (forwarding); Extensibility
–A11.2 Peer Link Control Procedures: Discovery; Set-up (invokes EMSA security); Monitor; Close
–A11.3 Mesh Transport and Forwarding
–A11.4 Interworking
–A11.5 HWMP

Slide 21: Summary
Mesh link processes cover three phases: set-up, monitor and close
Adding security does not change this: EMSA (full and abbreviated) can be incorporated into the set-up phase
The three possible cases (full 802.1X, MKD key pull and abbreviated handshake) can be performed as part of the peer link Open/Confirm process
By separating out link monitor and link close, the whole process can be made more easily understood and the state machine simplified
The context in which this process operates can be mapped to the infamous/abstract MLME interface
With a bit of restructuring, the mesh part of the Amendment can be made easier to understand and apply

