1. IEEE 802.21 MEDIA INDEPENDENT HANDOVER DCN: 21-09-00xx-00-sec Title: IEEE 802.11r Fast BSS Transition – A Study Date Submitted: September 21, 2009 Present at IEEE 802.21 meeting in September of 2009 Authors: Lily Chen (NIST) Abstract: This document reviews IEEE 802.11r solution in Fast BSS Transition. The purpose is to pursue a proper approach in accommodating different authentication options in media independent handover. 121-09-00xx-00-sec

2. 2 IEEE 802.21 presentation release statements This document has been prepared to assist the IEEE 802.21 Working Group. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEEs name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEEs sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE 802.21. The contributor is familiar with IEEE patent policy, as stated in Section 6 of the IEEE-SA Standards Board bylaws and in Understanding Patent Issues During IEEE Standards Development http://standards.ieee.org/board/pat/faq.pdf> Section 6 of the IEEE-SA Standards Board bylawshttp://standards.ieee.org/guides/bylaws/sect6-7.html#6http://standards.ieee.org/board/pat/faq.pdf

3. IEEE 802.11 Network MAC PHY IEEE 802.11 Not 802.11

4. Fast BSS Transition 21-09-00xx-00-sec4 Network (not 802.11) Transition

5. IEEE 802.11 4-Way Handshake STA-PMKAP-PMK EAPOL-Key (..., …, ANonce) EAPOL-Key (..., …, SNonce, STA RSN IE, MIC) EAPOL-Key (..., …, ANonce, AP RSN IE, MIC) Generate ANonce Generate SNonce Drive PTK EAPOL-Key (..., …, MIC) Install TK Peer EAP ServerAuthenticator MSK EAP (Full Auth, Pre-Auth, or Re-Auth) IEEE 802.11 NOT IEEE 802.11

6. IEEE 802.11r Key Hierarchy It introduces two level of PMKs PMK-R0 derived from MSK (or PSK) PMK-R1s derived from PMK-R0.

7. IEEE 802.11r – Fast BSS Transition STA Current AP- PMK_R1 A Target AP-PMK_R1 B Secure session and data Auth Req (FT … FIIE(SNonce …)) Auth Res (FT … FIIE(SNonce, ANonce …)) PTK B Generated Re-association Req (….) Re-association Res (….) (New) Secure session and data

8. IEEE 802.11r Key Distribution The R0KH and the R1KH are assumed to have a secure channel between them that can be used to exchange cryptographic keys without exposure to any intermediate parties. The cryptographic strength of the secure channel between the R0KH and R1KH is assumed to be greater than or equal to the cryptographic strength of the channels for which the keys will be used. This standard assumes that the key transfer includes the PMK-R1, the PMK-R1 PMKSA, the PMK-R1 context, and the associated key authorizations. The protocol for distribution of keying material from the R0KH to the R1KH is outside the scope of this standard. - IEEE 802.11r, Clause 11A.2.2

9. What do we learn? Key distribution is not a part of IEEE 802.11r. A specific EAP method is not a part of IEEE 802.11. It is independent to whether it is a Pre-authentication; Re-authentication; or Full-authentication.

10. What we should ask? Do we have to introduce specific EAP methods in IEEE 802.21a? Shall MIHF or any IEEE 802.21 entities handle specific authentication? If it is in EAP layer or above, then we will need to add function of a peer, an authenticator, or a server to 21 the 21 entity. If it is a low layer, then it cannot be media independent.

11. Things to clarify In contribution 144, Alternative I: Work with 802.11 and 802.16 to introduce pre-authentication architecture. Pre-authentication is out of the scope of 802.11. This alternative obviously does not apply 802.11. (For 802.16, further study is needed.)