Presentation is loading. Please wait.

Presentation is loading. Please wait.

Doc.: IEEE 802.11-00/087 Submission May, 2000 Steven Gray, NOKIA Jyri Rinnemaa, Jouni Mikkonen Nokia Slide 1.

Published byEmma Stephens Modified over 10 years ago

Similar presentations

Presentation on theme: "Doc.: IEEE 802.11-00/087 Submission May, 2000 Steven Gray, NOKIA Jyri Rinnemaa, Jouni Mikkonen Nokia Slide 1."— Presentation transcript:

1 doc.: IEEE 802.11-00/087 Submission May, 2000 Steven Gray, NOKIA Jyri Rinnemaa, Jouni Mikkonen Nokia Slide 1

2 doc.: IEEE 802.11-00/087 Submission May, 2000 Steven Gray, NOKIA Contents Discussion on the current 802.11 security features Summary of proposed enhancements and justifications Conclusions Annex: Example Network architecture scenarios Slide 2

3 doc.: IEEE 802.11-00/087 Submission May, 2000 Steven Gray, NOKIA IEEE 802.11 security features WEP expects pre-shared secret keys between Station (STA) and Access Points (AP). This approach is not very scalable because station- to-station authentication is tied to the IEEE 802 MAC address which makes the user authentication device dependent. The current approach will not allow the user to "roam" by using different WLAN devices at different locations. User authentication is not supported - only device authentication is possible. Nowadays WLAN systems are becoming widely accepted and deployed in public networks, such as airports and hotels. In these environments a device independent, globally unique authentication string would be beneficial. Slide 3

4 doc.: IEEE 802.11-00/087 Submission May, 2000 Steven Gray, NOKIA IEEE 802.11 security (cont'd) RC4 algorithm with 40-bit key length could be increased to improve data confidentiality. To improve the radio link security longer keys up to 128 bits should be supported Attacks against message integrity are possible when the plain text is known. Negotiation of the optional security features is not supported between STA and AP. A dynamic capability set exchange is needed to overcome the compatibility problem with the old devices and to allow flexible future enhancements for the IEEE 802.11 security Mutual authentication is not supported - only STA is authenticated in the association phase Slide 4

5 doc.: IEEE 802.11-00/087 Submission May, 2000 Steven Gray, NOKIA Summary of the Proposed Enhancements Support for user dependent security keys which enables WLAN-to-WLAN network roaming capabilities and allows users to change the WLAN terminal device Simple security capability information exchange to enable flexible security architecture and to allow the usage of alternative authentication methods but at the same time maintaining the compatibility with the existing legacy devices Compatibility with widely used Internet security framework to allow deployment of existing internet authentication servers for storing also 802.11 security keys Slide 5

6 doc.: IEEE 802.11-00/087 Submission May, 2000 Steven Gray, NOKIA User ID and Key Management Device independent User ID is needed to allow the user to roam between various WLAN devices and use his/her global identifier for the authentication Internet protocols already define a good widely deployed candidate for routable identifier, i.e. IETF Network Access Identifier (NAI) [RFC 2486]. It would be beneficial to utilize NAI also as the IEEE 802.11 user identifier. This would allow the operator to utilize existing Internet key servers for storing the WEP keys. Slide 6

7 doc.: IEEE 802.11-00/087 Submission May, 2000 Steven Gray, NOKIA Authentication Negotiation mechanism is needed to support different authentication mechanisms As an Example following authentication mechanisms could be included to the current Authentication message: Slide 7

8 doc.: IEEE 802.11-00/087 Submission May, 2000 Steven Gray, NOKIA Conclusions A generic identity type like NAI should be used as a STA identifier to the network, and The authentication procedure should include a security capability information exchange to allow future improvements and the use of new security methods. Slide 8

9 doc.: IEEE 802.11-00/087 Submission May, 2000 Steven Gray, NOKIA Annex -- Example Network Architecture Scenarios Slide 10

10 doc.: IEEE 802.11-00/087 Submission May, 2000 Steven Gray, NOKIA 1. Pre-shared key based authentication Slide 11

11 doc.: IEEE 802.11-00/087 Submission May, 2000 Steven Gray, NOKIA Slide 12

12 doc.: IEEE 802.11-00/087 Submission May, 2000 Steven Gray, NOKIA 2 Authentication Center based authentication Slide 13

13 doc.: IEEE 802.11-00/087 Submission May, 2000 Steven Gray, NOKIA Slide 14

Download ppt "Doc.: IEEE 802.11-00/087 Submission May, 2000 Steven Gray, NOKIA Jyri Rinnemaa, Jouni Mikkonen Nokia Slide 1."

Similar presentations

Authentication.

Authentication.
Wi-Fi Technology.

Wi-Fi Technology.
Wi-Fi Technology ARTI J JANSARI M.E.(C.S.E.):-1ST (E.C.)

Wi-Fi Technology ARTI J JANSARI M.E.(C.S.E.):-1ST (E.C.)
1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P1619.3 April 11, 2007 Andrea Doherty.

1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P April 11, 2007 Andrea Doherty.
Doc.: IEEE 802.11-04/1186r0 Submission October 2004 Aboba and HarkinsSlide 1 PEKM (Post-EAP Key Management Protocol) Bernard Aboba, Microsoft Dan Harkins,

Doc.: IEEE /1186r0 Submission October 2004 Aboba and HarkinsSlide 1 PEKM (Post-EAP Key Management Protocol) Bernard Aboba, Microsoft Dan Harkins,
Doc.: IEEE 802.11-00/410 Submission November 2000 Duncan Kitchin, IntelSlide 1 A Network Enrollment Protocol Duncan Kitchin, Intel.

Doc.: IEEE /410 Submission November 2000 Duncan Kitchin, IntelSlide 1 A Network Enrollment Protocol Duncan Kitchin, Intel.
Doc.: IEEE 802.11-98/178 Submission July 2000 A. Prasad, A. Raji Lucent TechnologiesSlide 1 A Proposal for IEEE 802.11e Security IEEE 802.11 Task Group.

Doc.: IEEE /178 Submission July 2000 A. Prasad, A. Raji Lucent TechnologiesSlide 1 A Proposal for IEEE e Security IEEE Task Group.
Doc.: IEEE 802.19-09/0046r0 Submission July 2009 Ari Ahtiainen, NokiaSlide 1 A Cooperation Mechanism for Coexistence between Secondary User Networks on.

Doc.: IEEE /0046r0 Submission July 2009 Ari Ahtiainen, NokiaSlide 1 A Cooperation Mechanism for Coexistence between Secondary User Networks on.
Doc.: IEEE 802.15-13-0262-00-0008 Submission ETRI May 2013 Slide 1 Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs) Submission.

Doc.: IEEE Submission ETRI May 2013 Slide 1 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission.
Submission Page 1 August 2002 doc.: IEEE 802.11-02/503r0 Daryl Kaiser, Cisco Systems Radio Measurement: A Candidate Approach Daryl Kaiser (Cisco Systems)

Submission Page 1 August 2002 doc.: IEEE /503r0 Daryl Kaiser, Cisco Systems Radio Measurement: A Candidate Approach Daryl Kaiser (Cisco Systems)
Doc.: IEEE 802.11-03/080r0A Submission January 2003 Black/Kasslin/Sinivaara, NokiaSlide 1 A Framework for RRM Simon Black, Mika Kasslin, Hasse Sinivaara.

Doc.: IEEE /080r0A Submission January 2003 Black/Kasslin/Sinivaara, NokiaSlide 1 A Framework for RRM Simon Black, Mika Kasslin, Hasse Sinivaara.
Submission 15-10-0684-00-0psc Slide 1 Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [Integration WPAN.

Submission psc Slide 1 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [Integration WPAN.
Overview of the 802.10 SDE Protocol Presented by Ken Alonge Chair, 802.10.

Overview of the SDE Protocol Presented by Ken Alonge Chair,
Doc.: IEEE 802.11-04-614-01-frfh Submission July 2004 Jon Edney, NokiaSlide 1 What is an ESS? Jon Edney, Nokia.

Doc.: IEEE frfh Submission July 2004 Jon Edney, NokiaSlide 1 What is an ESS? Jon Edney, Nokia.
Doc.: IEEE 802.21-xxx Submission May 10-14, 2004 Alan Carlton, Interdigital CommunicationsSlide 1 Defining Layer 2.5 Alan Carlton Interdigital Communications.

Doc.: IEEE xxx Submission May 10-14, 2004 Alan Carlton, Interdigital CommunicationsSlide 1 Defining Layer 2.5 Alan Carlton Interdigital Communications.
Doc.: IEEE 802.11-02/516r0-I Submission September 2002 Robert Moskowitz, ICSALabsSlide 1 RADIUS Client Kickstart Robert Moskowitz, ICSALabs John Vollbrecht,

Doc.: IEEE /516r0-I Submission September 2002 Robert Moskowitz, ICSALabsSlide 1 RADIUS Client Kickstart Robert Moskowitz, ICSALabs John Vollbrecht,
Adapted Multimedia Internet KEYing (AMIKEY): An extension of Multimedia Internet KEYing (MIKEY) Methods for Generic LLN Environments draft-alexander-roll-mikey-lln-key-mgmt-01.txt.

Adapted Multimedia Internet KEYing (AMIKEY): An extension of Multimedia Internet KEYing (MIKEY) Methods for Generic LLN Environments draft-alexander-roll-mikey-lln-key-mgmt-01.txt.
draft-urien-tls-psk-emv-00

draft-urien-tls-psk-emv-00
Doc.:IEEE 802.11-11/1523r4 Submission November 2011 Access Delay Reduction for FILS: Network Discovery & Access congestion Improvements Slide 1 Authors:

Doc.:IEEE /1523r4 Submission November 2011 Access Delay Reduction for FILS: Network Discovery & Access congestion Improvements Slide 1 Authors:
Submission doc.: IEEE 802.11-11/1326r1 August 2011 Hiroki Nakano, Trans New Technology, Inc.Slide 1 Early Key Generation by ECDH and PKC Date: 2011-09-22.

Submission doc.: IEEE /1326r1 August 2011 Hiroki Nakano, Trans New Technology, Inc.Slide 1 Early Key Generation by ECDH and PKC Date:

Similar presentations

Ads by Google