1. doc.: IEEE 802.15-15-0xxx-00-0010 Submission January 2015 N. Sato and K. Fukui (OKI)Slide 1 Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [Security Aspect of L2R] Date Submitted: [ 13 January, 2015] Source1: [Noriyuki Sato, Kiyoshi Fukui] Company [OKI] Address [2-5-7 Hommachi chuo-ku, Osaka, Japan] Voice:[+81-6-6260-0700], FAX: [+81-6-6260-0770], E-Mail:[sato652@oki.com, fukui535@oki.com] Re: [This is the original document.] Abstract:[Summarize of L2R Security Aspect ] Purpose:[To initiate discussions] Notice:This document has been prepared to assist the IEEE P802.15. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. Release:The contributor acknowledges and accepts that this contribution becomes the property of IEEE and may be made publicly available by P802.15.

2. doc.: IEEE 802.15-15-0xxx-00-0010 Submission January 2015 N. Sato and K. Fukui (OKI)Slide 2 Security Aspect of L2R TG10 presentation 28 th August 2014 Noriyuki Sato / Kiyoshi Fukui OKI Electric Industry Co., Ltd.

3. doc.: IEEE 802.15-15-0xxx-00-0010 Submission Objective We intend to incorporate KMP as one of security mode of L2R With sharing and reviewing the current idea in TG10, we would like to clarify any issue exists. January 2015 N. Sato and K. Fukui (OKI)Slide 3

4. doc.: IEEE 802.15-15-0xxx-00-0010 Submission Overview of L2R PAN –PAN Coordinator initiates PAN –PAN Coordinator provides a unique short address within PAN L2R Mesh Tree –L2R can establish downstream and upstream route on which the tree root and each node communicate. –P2P communication is done on the route by combination of upward and downward via the tree root or on the route of shortest path by using reactive routing 3 Security modes –Non secured, Pre-shared and KMP –Security mode is announced by TC-IE in the beacon January 2015 N. Sato and K. Fukui (OKI)Slide 4

5. doc.: IEEE 802.15-15-0xxx-00-0010 Submission How to incorporate KMP into L2R 802.15.9 (KMP) provides a transportation of key management protocol between a coordinator and a node using MAC link –KMP itself is out of scope of 802.15.9 –802.15.9 supports a communication on a link (1-hop) and it doesn’t support multi-hop A joining node needs to communicate with PAN coordinator for KMP in L2R –A join node communicates a coordinator in radio range –The coordinator relays KMP message to the PAN coordinator using L2R –A frame between a joiner and the parent coordinator is with KMP IE –A frame between the parent coordinator and the PAN coordinator is with KMP IE and KMP Relay IE defined in L2R January 2015 N. Sato and K. Fukui (OKI)Slide 5

6. doc.: IEEE 802.15-15-0xxx-00-0010 Submission Procedure and messages secured January 2015 N. Sato and K. Fukui (OKI)Slide 6 Beacon has an IE which show what network runs here. A joiner choses appropriate network. Clear text or encrypted by common pre-shared key for joiners During association procedure, the parent router request unique short address to be assigned to the new joiner. Joiner – Parent: Clear text or encrypted by common pre-shared key for joiners Parent – PAN Coordinator: Secured by the keys share by KMP Joiner – Parent – PAN Coordinator: Secured by the keys share by KMP All L2R message in Beacon and MP are encrypted by the appropriate key distributed by KMP. A joiner selects tree which it joins to.

7. doc.: IEEE 802.15-15-0xxx-00-0010 Submission Architecture on 802.15.9 January 2015 N. Sato and K. Fukui (OKI)Slide 7 Other service using MP Information elements KMP Service Key Management Protocol Data higher layer MP Information Element Shim Data MCPS MAC Services PHY Services Keys Configuration Key requests Data Traffic IE Frames

8. doc.: IEEE 802.15-15-0xxx-00-0010 Submission Architecture L2R with KMP January 2015 N. Sato and K. Fukui (OKI)Slide 8 Other service using MP Information elements KMP Service Key Management Protocol Data higher layer MP Information Element Shim Data MCPS MAC Services PHY Services Keys Configuration Key requests Data Traffic IE Frames Boot strap entity of higher layer L2R KMP Relay Keys per neighbor or per L2R

9. doc.: IEEE 802.15-15-0xxx-00-0010 Submission Joiner device behavior January 2015 N. Sato and K. Fukui (OKI)Slide 9 Other service using MP Information elements KMP Service Key Management Protocol Data higher layer MP Information Element Shim Data MCPS MAC Services PHY Services Keys Configuration Key requests Data Traffic IE Frames Boot strap entity of higher layer L2R KMP Relay Keys per neighbor or per L2R

10. doc.: IEEE 802.15-15-0xxx-00-0010 Submission Relay (Parent) device behavior January 2015 N. Sato and K. Fukui (OKI)Slide 10 Other service using MP Information elements KMP Service Key Management Protocol Data higher layer MP Information Element Shim Data MCPS MAC Services PHY Services Keys Configuration Key requests Data Traffic IE Frames Boot strap entity of higher layer L2R KMP Relay Keys per neighbor or per L2R

11. doc.: IEEE 802.15-15-0xxx-00-0010 Submission PAN Coordinator device behavior January 2015 N. Sato and K. Fukui (OKI)Slide 11 Other service using MP Information elements KMP Service Key Management Protocol Data higher layer MP Information Element Shim Data MCPS MAC Services PHY Services Keys Configuration Key requests Data Traffic IE Frames Boot strap entity of higher layer L2R KMP Relay Keys per neighbor or per L2R

12. doc.: IEEE 802.15-15-0xxx-00-0010 Submission Discussion A Do you see any issue on proposing architecture and procedure? January 2015 N. Sato and K. Fukui (OKI)Slide 12

13. doc.: IEEE 802.15-15-0xxx-00-0010 Submission Discussion B Security for PAN or security for tree –Assuming that communication between the parent and the PAN coordinator should be secured. –If we have security only for tree without common security for PAN, communication between the parent and the PAN coordinator will not be assured to be secured since it is up to security mode for tree. (If one of tree operates with non secured without common security for PAN, it is not assured that all message to the PAN coordinator is secured unless PAN coordinator is a member of secured tree.) Key parameters in data request primitive in L2R –If the common key in the L2R distributed by KMP, NHL of L2R or L2R can set appropriate key to invoke data request primitives of L2R and MAC. –If the individual link keys are distributed by KMP, NHL doesn’t aware which next hop is but l2R layer knows what is the next hop and can set appropriate link key to communicate with next hop. Address assignment and KMP needs PAN coordinator address and all nodes needs to routable to the PAN coordinator –If the PAN coordinator doesn’t join to any tree, …. –If a joiner node wants to join the tree A but the PAN coordinator belongs to tree B, ….  A special tree to which all nodes join solves this issue….. January 2015 N. Sato and K. Fukui (OKI)Slide 13