Presentation is loading. Please wait.

Presentation is loading. Please wait.

Submission doc.: IEEE 11-14/0430r2 March 2014 Dan Harkins, Aruba NetworksSlide 1 Randomized MAC Addresses for Privacy Enhancement Date: 2014-03-18 Authors:

Published byMichelle Tyrrell Modified over 9 years ago

Similar presentations

Presentation on theme: "Submission doc.: IEEE 11-14/0430r2 March 2014 Dan Harkins, Aruba NetworksSlide 1 Randomized MAC Addresses for Privacy Enhancement Date: 2014-03-18 Authors:"— Presentation transcript:

1 Submission doc.: IEEE 11-14/0430r2 March 2014 Dan Harkins, Aruba NetworksSlide 1 Randomized MAC Addresses for Privacy Enhancement Date: 2014-03-18 Authors:

2 Submission doc.: IEEE 11-14/0430r2 March 2014 Dan Harkins, Aruba NetworksSlide 2 Abstract This slide deck presents the idea of using randomized MAC addresses as a tool to enhance privacy in 802.11

3 Submission doc.: IEEE 11-14/0430r2 What’s the Privacy Issue? Passive observation of 802.11 bands reveals MAC addresses STAs active probing when not connected to a network Communication to connected network Location plus time plus frequency plus MAC address allows sensitive information to be gleaned This MAC address pops up around the AIDs clinic twice a week This MAC address is near the liquor store at 8am every day This MAC address leaves a certain apartment building in the early morning almost every weekend Social networks of such meta data can be built with good accuracy in positive identification Slide 3Dan Harkins, Aruba Networks March 2014

4 Submission doc.: IEEE 11-14/0430r2 What’s the Privacy Issue? Sample headlines from 11-13/1448r1: Seattle Police Deactivate Wi-Fi Spy Grid After Privacy Outcry (Nov 2013) A DHS and Seattle police network collecting location information CreepyDOL Wi-Fi Surveillance project debuts at BlackHat/DEFCON (Aug 2013) DIY surveillance with low-cost Wi-Fi based sensors that capture MAC addresses Wi-Fi Trashcans Now Silently Tracking Your Smartphone Data (Aug 2013)... the company boasted that the cans, which included LCD advertising screens, "provide an unparalleled insight into the past behavior of unique devices"—and hence of the people who carry them around Guardian article last week: Phone call metadata does betray sensitive details about your life (Mar 2014) Stanford researchers were able accurately identify volunteers in a study that gave up their meta data, determining that one person probably had MS, another probably had an abortion, and another probably grew marijuana Slide 4Dan Harkins, Aruba Networks March 2014

5 Submission doc.: IEEE 11-14/0430r2March 2014 Dan Harkins, Aruba NetworksSlide 5 Proposal When not attached to a network… Assign a random MAC address to the wireless interface of portable and mobile STAs (not fixed STAs and APs) Periodically change to a new random MAC address Don’t actively probe for known networks When attaching to a network… Choose a new random MAC address and connect While attached to a network… Keep the same MAC address for the life of the connection Cache PMKSAs (and the MAC address therein) in an RSN When reattaching to a network… Assign the MAC address from the cached PMKSA, then connect

6 Submission doc.: IEEE 11-14/0430r2 What’s a Random MAC address? Take a 48-bit datum Assign the datum a random 48-bit string Set the bit indicating “locally administered MAC” Clear the “unicast/multicast” bit indicating unicast Assign that 48-bit datum to the MAC address Slide 6Dan Harkins, Aruba Networks March 2014

7 Submission doc.: IEEE 11-14/0430r2 Obvious Question #1 Whaddya mean random? Make a random selection from the pool of available MAC addresses Each possible MAC address from the pool of available MAC addresses has equal probability of being chosen I mean the same thing as is meant by the use of the word in section 8.2.4.3.4 in IEEE Std 802.11-2012 But where does it say how to do that? Well, appendix M.5 of IEEE Std 802.11-2012 has some fine recommendations for implementers to follow Note: I’m not blazing a new trail by using the word random! Slide 7Dan Harkins, Aruba Networks March 2014

8 Submission doc.: IEEE 11-14/0430r2 Obvious Question #2 What are you gonna do about collisions? Nothing! There are 2 46 possible random MAC addresses The chosen MAC addresses have to be unique in bridged network, they don’t have to be globally unique So probability of n people choosing the same MAC address from a pool of size 2 46 is: 1 – ((2 46 – 1)/2 46 ) (n*(n-1))/2 Let’s say roughly 1000 STAs in the wireless network that means 499500 different pairings, probability becomes: 1 – ((2 46 – 1)/2 46 ) 499500 It’s too small to worry about! Slide 8Dan Harkins, Aruba Networks March 2014

9 Submission doc.: IEEE 11-14/0430r2 Obvious Question #3 Won’t this screw up a whole bunch of 802.11? Don’t think so, unless pervasive monitoring is viewed as a positive Won’t this screw up services provided to users of 802.11? Depends on the service, but probably there are some. It’s optional; UIs (not done here) can make this an opt-in If you want to take advantage of a service that requires you to be tracked then don’t use this optional feature Patient: “Doctor it hurts when I do this” Doctor: “Don’t do that” Slide 9Dan Harkins, Aruba Networks March 2014

10 Submission doc.: IEEE 11-14/0430r2March 2014 Dan Harkins, Aruba NetworksSlide 10 References 11-13/1448r1 – 802.11 privacy

11 Submission doc.: IEEE 11-14/0430r2 Straw Poll Do you support the idea of adding a description of doing randomized MAC addresses in the 802.11 standard? Yes: No: Don’t care: Slide 11Dan Harkins, Aruba Networks March 2014

12 Submission doc.: IEEE 11-14/0430r2 Motion Instruct the editor to incorporate the changes specified in 11-14/0367r2 into the TGm draft Moved by: Seconded by: Yes votes: No votes: Abstain votes: Slide 12Dan Harkins, Aruba Networks March 2014

Download ppt "Submission doc.: IEEE 11-14/0430r2 March 2014 Dan Harkins, Aruba NetworksSlide 1 Randomized MAC Addresses for Privacy Enhancement Date: 2014-03-18 Authors:"

Similar presentations

Doc.: IEEE 802.11-12/0338r1 Submission March 2012 Hung-Yu Wei, National Taiwan UniversitySlide 1 DeepSleep: Power Saving Mode to Support a Large Number.

Doc.: IEEE /0338r1 Submission March 2012 Hung-Yu Wei, National Taiwan UniversitySlide 1 DeepSleep: Power Saving Mode to Support a Large Number.
Doc.: IEEE 802.11-09/0413r0 Submission March 2009 Dan Harkins, Aruba NetworksSlide 1 A Study Group for Enhanced 802.11 Security Date: 2009-03-13 Authors:

Doc.: IEEE /0413r0 Submission March 2009 Dan Harkins, Aruba NetworksSlide 1 A Study Group for Enhanced Security Date: Authors:
Doc.: IEEE 802.11-08/1263r0 Submission November 2008 Dan Harkins, Aruba NetworksSlide 1 A Modest Proposal…. Date: 2008-11-10 Authors:

Doc.: IEEE /1263r0 Submission November 2008 Dan Harkins, Aruba NetworksSlide 1 A Modest Proposal…. Date: Authors:
Doc.: IEEE 802.11-10/0824r2 Submission July 2010 Carlos Cordeiro, Intel CorporationSlide 1 Response to ITU-R Liaison to IEEE on Multiple Gigabit Wireless.

Doc.: IEEE /0824r2 Submission July 2010 Carlos Cordeiro, Intel CorporationSlide 1 Response to ITU-R Liaison to IEEE on Multiple Gigabit Wireless.
Doc.: IEEE 802.11-08/1120r2 Submission September 2008 Guido R. Hiertz et al., PhilipsSlide 1 Terminology changes in a nutshell … Date: 2008-09-09 Authors:

Doc.: IEEE /1120r2 Submission September 2008 Guido R. Hiertz et al., PhilipsSlide 1 Terminology changes in a nutshell … Date: Authors:
Doc.: IEEE 802.11-09/1012r0 Submission September 2009 Dan Harkins, Aruba NetworksSlide 1 Suite-B Compliance for a Mesh Network Date: 2009-09-15 Authors:

Doc.: IEEE /1012r0 Submission September 2009 Dan Harkins, Aruba NetworksSlide 1 Suite-B Compliance for a Mesh Network Date: Authors:
Submission doc.: IEEE 802.11-12/0325r0 March 2012 Slide 1 TIM Enhancement With Group Bits Date: 2012-03-12 Authors: Zhong-Yi Jin, Nokia.

Submission doc.: IEEE /0325r0 March 2012 Slide 1 TIM Enhancement With Group Bits Date: Authors: Zhong-Yi Jin, Nokia.
Doc. No. IEEE 11-13-0538-00-0hew-r2 Submission May 2013 Klaus Doppler, NokiaSlide 1 Dense apartment building use case for HEW Date: May 14, 2013 Authors:

Doc. No. IEEE hew-r2 Submission May 2013 Klaus Doppler, NokiaSlide 1 Dense apartment building use case for HEW Date: May 14, 2013 Authors:
April 2013 doc.: IEEE 802.11- Nov 2013 Dense Apartment Complex Capacity Improvements with Channel selection and Dynamic Sensitivity Control Date: 2013-11.

April 2013 doc.: IEEE Nov 2013 Dense Apartment Complex Capacity Improvements with Channel selection and Dynamic Sensitivity Control Date:
Doc.: IEEE 802.11-14/0328r2 Submission Dense Apartment Complex Throughput Calculations Channel Selection and DSC Date: 2014-03 Authors: Graham Smith, DSP.

Doc.: IEEE /0328r2 Submission Dense Apartment Complex Throughput Calculations Channel Selection and DSC Date: Authors: Graham Smith, DSP.
Submission doc.: IEEE 11-14/0xxx March 2014 Giwon Park, LG ElectronicsSlide 1 Discussion on power save mode for real time traffic Date: 2014-03-16 Authors:

Submission doc.: IEEE 11-14/0xxx March 2014 Giwon Park, LG ElectronicsSlide 1 Discussion on power save mode for real time traffic Date: Authors:
Doc.: IEEE 802.11-10/0259r02 Submission Date: 2010-03-15 802.11ad New Technique Proposal March 2010 Yuichi Morioka, Sony CorporationSlide 1 Authors:

Doc.: IEEE /0259r02 Submission Date: ad New Technique Proposal March 2010 Yuichi Morioka, Sony CorporationSlide 1 Authors:
Doc.: IEEE 802.11-11/0301r2 Submission March 2011 David Halasz, OakTree WirelessSlide 1 Categories of TGah Use Cases and Straw Polls Date: 2011-03-15 Authors:

Doc.: IEEE /0301r2 Submission March 2011 David Halasz, OakTree WirelessSlide 1 Categories of TGah Use Cases and Straw Polls Date: Authors:
Doc.: IEEE 802.11-12/1097r1 Submission Sep 2012 Timo Koskela, Renesas Mobile CorporationSlide 1 Reserve Channel List in 802.11ah Date: 2012-09-17 Authors:

Doc.: IEEE /1097r1 Submission Sep 2012 Timo Koskela, Renesas Mobile CorporationSlide 1 Reserve Channel List in ah Date: Authors:
Submission doc.: IEEE 11-13/0487r0 May 2013 Dan Harkins, Aruba NetworksSlide 1 How To Fragment An IE Date: 2013-05-07 Authors:

Submission doc.: IEEE 11-13/0487r0 May 2013 Dan Harkins, Aruba NetworksSlide 1 How To Fragment An IE Date: Authors:
Doc.: IEEE 802.11-14/0093r2 Submission NameAffiliationsAddressPhoneemail Hitoshi MORIOKAAllied Telesis R&D Center 2-14-38 Tenjin, Chuo-ku, Fukuoka 810-0001.

Doc.: IEEE /0093r2 Submission NameAffiliationsAddressPhone Hitoshi MORIOKAAllied Telesis R&D Center Tenjin, Chuo-ku, Fukuoka
Doc.: IEEE 802.11-03/095r0 Submission January 2003 Dan Harkins, Trapeze Networks.Slide 1 Fast Re-authentication Dan Harkins.

Doc.: IEEE /095r0 Submission January 2003 Dan Harkins, Trapeze Networks.Slide 1 Fast Re-authentication Dan Harkins.
Doc.: IEEE 802.11-02/689r0 Submission November 2002 Dan Harkins, Trapeze Networks.Slide 1 Re-authentication when Roaming Dan Harkins.

Doc.: IEEE /689r0 Submission November 2002 Dan Harkins, Trapeze Networks.Slide 1 Re-authentication when Roaming Dan Harkins.
Doc.: IEEE 802.11-12/0786r2 Submission Differentiated Initial Link Setup (Follow Up) July 2012 Lin Cai et al,Huawei.Slide 1 Authors: NameAffiliationsAddressPhoneemail.

Doc.: IEEE /0786r2 Submission Differentiated Initial Link Setup (Follow Up) July 2012 Lin Cai et al,Huawei.Slide 1 Authors: NameAffiliationsAddressPhone .
Doc.: IEEE 802.11-13/0295r0 Submission PRAW Follow Up Date: 2013-3-18 Authors: March 2013.

Doc.: IEEE /0295r0 Submission PRAW Follow Up Date: Authors: March 2013.

Similar presentations

Ads by Google