Presentation is loading. Please wait.

Presentation is loading. Please wait.

HomePlug AV MAC (c) 2013 R. Newman University of Florida.

Published byNoel Cameron Modified over 8 years ago

Similar presentations

Presentation on theme: "HomePlug AV MAC (c) 2013 R. Newman University of Florida."— Presentation transcript:

1 HomePlug AV MAC (c) 2013 R. Newman University of Florida

2 What is HomePlug AV? Open industry standard –6+ manufacturers (including Intellon) –Compatible with HP1.0 Developed 2003-2007 by Homeplug Powerline Alliance (HPA) –Consortium of chip designers, OEMs, PLC users –Products shipped in 2006 Most widely available ethernet class PLC –150 Mbps coded PHY data rate –0ver 40 million units shipped Comprises –PHY – modulation, coupling, FEC, etc. –MAC – medium access, ARQ, etc. –Bridging – to other PLC networks or to 803.3/11/etc.

3 Reference Model

4 Protocol Layer Architecture

5 HPAV Challenges Backward compatibility with HP1.0 Delivered base of over 10 million chips Return customers likely Take advantage of high speed PHY Fixed time overheads for delimiters/VCS MSDUs typically less than 1500 octets Provide QoS for video/audio/gaming/etc. Latency and jitter control Bandwidth “guarantees” Deal with PHY challenges Channels change – can degrade, cause loss Impulse noise may destroy 1-2 symbols per impulse Hidden nodes, neighbor networks

6 HPAV Challenges (2) Minimize overhead Aim at 80% MAC efficiency for streams Low efficiency expected with low data rate streams User-friendly security Must be understandable Must be convenient Must be secure Stations may leave unexpectedly Consumer electronic devices Not dedicated to AVLN like AP is to WLAN

7 HPAV Solution Approaches Backward compatibility with HP1.0 Maintain common VCS Take advantage of high speed PHY Maximize PHY Body length for efficiency Provide QoS for video/audio/gaming/etc. Timestamp MSDUs with QoS needs Move on if MSDU can’t be delivered on time Admission control for new QoS streams Scheduled access

8 HPAV Solution Approaches (2) Deal with PHY challenges Allow tone maps to vary with line cycle Maintain view of channel rates Maintain view of stream backlogs Allow partial reception of MPDU RTS/CTS for hidden nodes Repeating for hidden nodes Redundancy for scheduling information Neighbor network coordination User-friendly security Mental models Network password entry Device password entry Push-button authorization

9 HPAV Solution Approaches (3) Minimize overhead Aggregation of MSDUs, management messages Minimize use of delimiters Small addresses – 8-bit Terminal Equipment IDs (TEIs) Allow for contention-free access Integrated encryption/IV derivation Stations may leave unexpectedly Employ soft state Use negotiation for determining coordinator Allow for handover/recovery of responsibilities

10 HPAV Solutions Backward compatibility with HP1.0 Hybrid delimiters – allow for common VCS Central Coordinator Allows admission control/scheduled access Must be able to move CCo/recover from loss of CCo Maintains authoritative network time base Central Beacon Provides common information Provides synchronization for access Advertises network time base (NTB) for QoS Includes persistence for redundancy Synchronized to line cycle Proxy Coordinator Repeats Central Beacon for hidden nodes

11 HPAV Solutions (2) Contention-Free Periods Managed by call admission through CCo Regions reserved for specific streams Reservations persist in same part of line cycle QoS stream creation negotiated by all parties Global link identifiers for efficient reference Expand/squeeze as needs/channels change Two-level Segmentation/Reassembly Aggregate MSDUs & MMs into MAC Frame stream Segment MF Stream for encryption/transmission Make segments unit of reliable delivery inside MAC CRC per segment Selective Acknowledgements for multiple segments

12 HPAV Solutions (3) MPDU bursting to save on ACKs Acknowledge all segments in multiple MPDUs in SACK MPDU number to know when to send SACK MPDU count to know burst duration AV Logical Networks based on cryptography Key hierarchy NMK needed to join logical network NEK used for data encryption Integrated segmentation/encryption IV derived from MPDU and segment information Push-button inherently insecure at time of join Two security levels Password parameter definition

13 HPAV Networks Physical Network (PhyNet) Relative to a station (STA) All other STAs able to communicate with the reference STA Logical Network (AVLN) Has a Central Coordinator (CCo) STA Set of STAs with same Network ID (NID) and Network Membership Key (NMK) (usually)

14 AV Logical Networks Neighbor networks Hidden nodes

15 HPAV General Operation Each AVLN has a CCo CCo is determined dynamically CCo give general information in beacon CCo admits new STAs STAs join AVLN by requesting NEK STA must have Network Membership Key (NMK) to get Network Encryption Key (NEK) Unauthenticated STAs can do very little STA gets NEK from CCo Time divided into Beacon Periods (BPs) Access information based on BP

16 HPAV Beacon Periods

17 HPAV Beacon Timing Line Cycle Crossing Time (LCT) PHY detection and digital phase lock loop (DPLL) Beacon Offset Use to keep network time base (NTB) Advertise future beacon transmit times

18 HPAV Beacon Beacon Payload holds 136 octets Uses mini-ROBO modulation Beacon sent periodically (once per BP) Sent by Central Controller (CCo) Provides reference Network Time Base (NTB) Indicates offsets for future Beacons Three Beacon types Central Beacon – issued by CCo Provides scheduling information Proxy Beacon – copy of central beacon repeated by Proxy Coordinator (PCo) when hidden nodes Discovery Beacon – sent for network discovery

19 Beacon Scheduling Info Non-Persistent Scheduling Information Can change from one Beacon Period to the next Extra allocations to backlogged QoS streams Extra CSMA region Discover beacons Persistent Scheduling Information Remains constant for advertised number of BPs Allows access even when Beacon is lost Persistence information included in Beacon Persistent CSMA allocations – for CSMA access Persistent TDMA allocations – contention-free May include preview schedule when changing

20 Beacon Schedule Persistence CSCD – current schedule countdown Minimum # BPs for which this schedule is valid PSCD – preview schedule countdown # BPs in which this schedule will take effect

21 Network Operation Modes Presence of other network protocols – HomePlug 1.0/1.0.1 – Hybrid mode Detect by EOF delimiters Set detection flag in delimiters – advertise detection Send hybrid delimiters – HomePlug AV Access network – HomePlug AV In-home network Presence of neighbor AVLNs – CSMA-Only Mode – Uncoordinated Mode – Coordinated Mode

22 Network Operation Modes CSMA-Only Mode – Issue central beacon near beginning of BP – No CFPs in CSMA-Only AVLN – Coordinated NNW requires passive coordination Stayout region to avoid CFPs of Neighbor Network Uncoordinated Mode – One beacon slot at beginning of local BP – CSMA region with minimum size – Reserved regions, CSMA regions follow Coordinated Mode – Multiple beacon slots at start of shared BP – CSMA region – Reserved, Stayout, and CSMA regions follow

23 CSMA-Only Beacon Period

24 Uncoordinated Mode BP

25 Coordinated Mode BP

26 Channel Access Beacons In Beacon Slot (Coordinated and Uncoordinated) CSMA (CSMA-Only mode, and Discovery Beacons) CSMA (Contention-based Access) Like HomePlug 1.0.1 Two priority reservation slots (PRS0, PRS1) Contention window depending on priority, history May use RTS/CTS for hidden nodes TDMA (Contention-free Access) Must have global link identifier (GLID) CCo does admission control, scheduling Schedule advertised in central beacon Backlog advertised for non-persistent extra allocation

27 Links and Connections Connections – higher layer abstraction May be unidirectional unicast, bidirectional, or multicast Do not reflect the asymmetry of PLC channels Links - Used by Convergence Layer (CL) Unidirectional (single source) May be unicast or multicast/broadcast Reflect underlying channel characteristics Allow for scheduling based on channel Local links for CSMA (source + link ID unique) Global links for TDMA (assigned by CCo) Connection Manager determines mapping to link Connectionless traffic assigned a “priority link” Priority Link IDs (PLIDs) only identify priority

28 Links and Scheduling Priority Link IDs (PLIDs): 0x00-0x03 Only indicate priority of traffic Compete in CP Local Link IDs (LLIDs): 0x04-0x7F Assigned by local STA’s CM Compete in CP Global Link IDs (GLIDs): 0x80-0xFF Used in Beacon Entries for scheduling Special values: 0xFF = local CSMA allocation 0xFE = shared CSMA allocation 0xFD = Discover Beacon by designated STA 0xFC = Contention Free Period Initiation region 0x80-0xF7 = CCo-assigned global link IDs Rest are reserved

29 Connection IDs and CSPECs Connection ID (CID) Assigned by initiating STA’s CM 16-bit concatenation of TEI and initial LLID Globally unique in AVLN Connection Specification (CSPEC) Associated with each connection Contains QoS parameters for connection Connection setup HLE gives Connection Manager (CM) CSPEC If feasible, CM contacts destination CM If destination CM/HLE agree, connection formed If GLID needed (based on CSPEC), then CCo asked If CCo agrees, assigns GLID and schedules cnx Release messages needed on failure

30 HPAV Channel Estimation Performed using SOUND MPDUs Predetermined pattern using all carriers May also used ROBO modulated data MPDUs Determines Tone Map: Modulation method for each carrier FEC rate Cyclic Prefix (CP) duration Interval of line cycle in which TM applies TM and TMI reported to STA and to CCo Sender uses for forming MPDUs and PPDUs CCo uses for allocation algorithms Initial and Dynamic CE processes TMs expire on demand or time-out in 30 sec.

31 HPAV MAC Protocol Data Units 4 MPDU Formats AV-Only Short MPDU Only HPAV preamble and Frame Control (FC) AV-Only Long MPDU Like above, but with (data) payload Hybrid Short MPDU Hybrid preamble, HP1.0 FC and HPAV FC Hybrid Long MPDU Like above, but with (data) payload HP1.0 FC is just to give HP1.0 nodes VCS Need for backward compatibility

32 AV-Only MPDU Structure

33 Hybrid MPDU Structure

34 HPAV MPDU Structure Delimiter Hybrid or AV-mode HP1.0 FC is as in HomePlug 1.0.1 (25 bits) FC_AV holds 128 bits Mapped by PHY to preamble and coded FC(s) 7 Delimiter Types Two sizes Long MPDUs have payload Short MPDUs have no payload (delimiter only) Payload (if present) consists of PHY Blocks (PBs) 520 octet or 136 octet length Encoded by PHY as FEC blocks

35 HPAV Frame Control (FC) 3 bits Delimiter Type (DT) Beacon SOF, RSOF SACK Sound RTS/CTS 1 bit Access Field (ACCESS) True iff MPDU transmitted on an Access NW 4 bits Short Network Identifier (SNID) 96 bits variant field (depends on DT) 24 bits Frame Control Check Sequence (FCCS)

36 HPAV Start of Frame (SOF) 96-bit Variant Field includes Demodulation and Virtual Carrier Sense Info Modulation (TMI) – indexes tone map (TM) Length (for VCS) – number of OFDM symbols PHY Block size (520 or 136 octet) Addressing Source Terminal Equipment ID (STEI) Destination TEI (DTEI) Link Identifier (LID) Encryption Key Select (EKS) – for decryption Lots of other stuff (cover later)

37 HPAV Selective ACK (SACK) 96-bit Variant Field includes Destination TEI (DTEI) Coordination information Encoded bitmap of correctly received PBs Bits correspond to BP position in received transmission Custom compression capability A little other stuff (cover later)

38 HPAV Reverse SOF (RSOF) Carries SACK info plus a return payload 96-bit RSOF Variant Field includes SACK Information (like SACK) Demodulation and Virtual Carrier Sense Info Modulation (TMI) – indexes tone map (TM) Length (for VCS) – number of OFDM symbols PHY Block size (520 or 136 octet) Addressing DTEI only (why? Why not STEI/LID?) A little other stuff (cover later)

39 HPAV Request/Clear to Send (RTS/CTS) Needed when hidden nodes present 96-bit Variant Field includes Addressing Source Terminal Equipment ID (STEI) Destination TEI (DTEI) Link Identifier (LID) Coordination information Duration How long is medium busy A little other stuff (cover later) BUT – only deals with one level of hidden nodes!

40 HPAV Sound/SoundAck Similar to SOF, but used for channel estimation Fixed modulation (ROBO) 96-bit Variant Field includes Channel Estimation and Virtual Carrier Sense Info Maximum TMs requested Length (for VCS) – time of payload PHY Block size (520 or 136 octet) Last SOUND flag Sound ACK flag – indicates this is an ACK Reason for SOUND Addressing STEI, DTEI, LID Some other stuff (cover later)

41 HPAV Long MPDU Structure Delimiter Determines length explicitly or implicitly SOF or RSOF One or more PB-520s (length & TMI) One PB-136 (if PB size indicates small PB) Beacon One PB-136 Sound One 520 octet or one 136 octet length Sizes can’t be mixed Only one PB-136 per MPDU Only one PB in last symbol allow for processing time

42 HPAV Data Plane Data carried MSDUs or Management Messages Encapsulated in MAC Frames For recovery and error checking MAC Frames aggregated into MF Stream MF Stream segmented for delivery

43 HPAV MAC Frames Delimit messages Aggregation for efficient transmission at high speeds Needed for disaggregation Provide timing information Needed for jitter control, delivery guarantees Check correct reassembly, decryption Integrity Check Value (ICV)

44 MAC Frame Fields MF Header MF Type (2 bits) Bit pad to end of segment MSDU without ATS MSDU with ATS Management Message with confounder MF Length (14 bits) ATS/Confounder (0 or 32 bits) Arrival timestamp for AV streams Random confounder for Management Messages Body MSDU from higher layer or Management Message Integrity Check Value (32 bit CRC) Total overhead = 6-10 octets

45 HPAV Segmentation

46 HPAV PHY Block Structure PBs are mapped by PHY to FEC Blocks FEC succeeds or fails PBs are basic unit of delivery by MAC internally PB is ACKed or retransmitted using SR-ARQ SACK specifies ACK/NAK PH Header (PBH) – 4 octets Info for reassembly, disaggregation, recovery PB Body (PBB) 512 octets or 128 octets long – not interpreted here PB Check Sequence (PBCS) CRC-32 – not encrypted – for checking PB reception PB discarded and NAKed if incorrect

47 HPAV PHY Block Structure

48 HPAV PHY Block Header Segment Sequence Number (SSN) 16 bits – segment # in MAC Frame stream Init to 0, increment on each new segment sent Discard duplicates MAC Frame Boundary Offset (MFBO) 9 bits to indicate first octet of first MF in PB Body Resynch if a segment is never received Flags (1 bit each) Valid PB Flag – in case whole PB is padding Management Message Queue Flag reassemble in MM queue instead of message queue MAC Frame Boundary Flag – is MFBO valid Oldest Pending Segment Flag No older segment will be sent again

49 HPAV Reassembly MPDU Header Provides STEI, DTEI, LID These identify reassembly stream Segment Sequence Number (SSN) Used to place segment in PBB into buffer position Recreate MAC Frame Stream MAC Frame Boundary Offset + MFB Flag If segment(s) never received, these allow next intact MAC frame to be found MAC Frame Header Type and Length fields used to find next MAC Frame Also used to locate MAC Frame Body ATS (if present) determines when to deliver MSDU

50 HPAV Data Encryption Cipher Suite used AES in CBC mode CRC-32 used as ICV for MIC IV derived from MPDU SOF, PB Header, PB location SOF variant field (12 octets) 3 least significant octets of PBH 1 octet of PB Count (location in MPDU) Encryption done on PB Body PBB is multiple of cipher block size – no waste PBB is encrypted anew each time it is sent Once a MF Stream segment is placed in a PBB, it will always be sent as that PBB

51 HPAV MPDU Bursting MPDU Bursting Multiple MPDUs sent before SACK returned Reduces delimiters and interframe space overhead MPDU Count MPDUCnt counts down to zero When MPDUCnt=0, time to send SACK Total time in CP <= 5 msec (including SACK) Sender may request SACK retransmission if lost

52 HPAV SR-ARQ Selective ACK (SACK) expected after burst SACK holds SACK Information fields for four MDPUs Each SACKI can be All Bad (default value) All Good Corresponding MPDU was not detected Mixed results One bit per PB in order (bit map) One bit per pair of PBs (consolidated bit map) Compressed bit map (custom compression) MPDU Count field Used to detect entire missing MPDUs in burst Request SACK Retransmission Only available for Global Links

53 HPAV Retransmission SACK indicates lost PBs Sender knows which segments have been received May retransmit (may even duplicate in same MPDU) Number of retransmission attempts Limited by AV parameter on maximum tries Limited by delivery deadline for QoS streams Sender may develop backlog Pending PBs reported in SOF CCo can grant extra allocation if possible CF stream may use CP for retransmission also Sender may discard segment – receiver finds this out from oldest pending segment flag

54 HPAV Bidirectional Bursting Allows data to be piggybacked on SACK Reduces delimiters and interframe space overhead Must be requested and granted SACK has RRTL field to specify length requested SOF’s BBF flag and MRTFL field specify grant length EKS is same as the forward transmission’s ACK field in SOF for reverse transmission

55 CF Region Interframe Spacing CIFS, RIFS, EIFS similar to HP1.0.1 RIFS_AV may vary – set by receiver B2BIFS needed before/after each beacon AIFS needed before new CF allocation

56 CSMA Interframe Spacing CIFS, RIFS, EIFS similar to HP1.0.1 B2BIFS needed before/after each beacon AIFS needed before SOF of new CF allocation Unless CF allocation is for contention period

57 Burst Interframe Spacing BIFS needed between burst MPDUs

58 Extended Interframe Spacing EIFS used when VCS is lost Maximum long MPDU along with SACK and IFSs

59 Central Coordinator (CCo) Issues central beacon – Determines and advertises mode of operation Associates new stations Issues TEI with lease, announces to AVLN Authenticates new stations Verifies possession of NMK, issues NEK Rotates NEK Performs admission control Determines resource needs and availability Issues Global LID Performs scheduling May perform handover Transfer CCo functions to another STA Performs neighbor network coordination

60 Mode of Operation AV-Only Mode Use AV-Only delimiters Hybrid Mode Use Hybrid delimiters How is Mode Decided? STA adopts mode of AVLN All STAs listen for HP1.0/HP1.0.1 delimiters If seen often enough, advertise using flags CCo adopts mode based on detection Revert to AV-Only if HP1.0/HP1.0.1 delimiters no longer detected

61 CCo Behavior Perform CCo Duties As long as there are other STAs in AVLN If all other STAs leave AVLN Remain CCo for at least Discovery period If no STA joins and another AVLN is present, become Unassociated STA Else become Unassociated CCo If STA in AVLN should become CCo Other STA is User-appointed and this one is not Other STA is more capable or better positioned Execute handover procedure Become STA in AVLN

62 Selecting a CCo User Selection always has precedence Allow user to control their network User must enter CCo’s MAC address Autoselection Criteria CCo capability is most important Number of other STAs in STA’s physical network is next Number of neighbor AVLNs seen is next Handover procedure to pass info to new CCo Also inform STAs in AVLN of new CCo NID remains the same Implementations must ensure handovers do not occur frequently

63 HPAV CCo Levels Level-0 CCo (no QoS support) – every STA Assoc/Authenticate new STA TEI provisioning CSMA operation Neighbor Network (NNW) passive coordination Level-1 CCo = Level-0 plus: TDMA operation/scheduling/admission control GLID provisioning Uncoordinated mode with NNWs Level-2 CCo = Level-1 plus: Coordinated mode with NNWs

64 Proxy Networks and PCos Hidden STAs (HSTAs) must have proxy for CCo PCo selected by coverage and link qualities PCo must repeat beacon and relay mgmt msgs

65 User-Friendly AVLN and STA IDs User-friendly name is printable ASCII string Use for humans to identify conveniently Of no importance to MAC – only higher layers Not guaranteed to be unique STA and AVLNs may have these assigned Assigning HFIDs Use primitive over the H1 interface for either Use Management Message to CCo for AVLN Getting HFIDs Management Message to request from STA or CCo Request not required to be encrypted Response to non-encrypted request need not provide actual HFID

66 Power-on Behavior State of STA Has it ever been a member of an AVLN? Search for AVLNs Listen for Central and Proxy Beacons Listen for Discovery Beacons Listen for Unassociated STA advertisements If find matching Network ID (NID) Associate Attempt to authenticate (get NEK) End if successful, else continue (mark NID) If time runs out If matching Unassociated STA NID, try to form AVLN Else if AVLN present, advertise Unassociated STA Else become Unassociated CCo (issue beacon)

67 Unassociated STA Advertise infrequently Issue Unassociated STA advertisements Send once per Discovery Period, more or less Synchronize to an existing AVLN Adopt mode (Hybrid or AV-Only) from Beacon Use NTB of AVLN Use SNID of AVLN in multi-network broadcasts If find matching Network ID (NID) If beacon, try to join AVLN If unassociated STA, try to form AVLN If AVLN disappears Become Unassociated CCo

68 Authenticated STA Determine whether should become CCo If STA is a User-appointed CCo, and current CCo is not a User-appointed CCo, request handover May also execute CCo Selection process, become CCo if more capable or better positioned May become CCo if current CCo fails and STA is backup Adopt mode of operation from Beacon Advertise detection of HP1.0/HP1.0.1 delimiters Piggybacked in SOF, SACK, etc. If AVLN lost No central/proxy beacon for timeout period Start Power-on Procedure If asked to leave Become Unassociated STA

69 AVLNs Have a CCo CCo issues central beacon, acts as coordinator May have Proxy Coordinator(s) also Share same Network ID (NID) NID normally derived from NMK Should uniquely identify AVLN Remains constant regardless of CCo Share same Security Level NMK associated with SL SL must be the same throughout AVLN Share same NEK CCo provides NEK during authentication using NMK NEK used to encrypt traffic in AVLN

70 Sub-AVLNs One AVLN may have multiple sub-AVLNs Share a single CCo Each Sub-AVLN has its own NMK Allows partition of nodes in AVLN to distinct sets One set can be effectively removed by removing its NMK and issuing a new NEK to remaining sets All Sub-AVLNs share same Network ID (NID) NID not derived from NMK (well, maybe one is) CCo must use MAC address to decide which NMK to use for a given STA

71 Association with an AVLN Association provides a unique identifier CCo assigns a valid TEI with lease on request STA uses special TEI=0x00 before obtaining TEI NID or SNID must be used to disambiguate TEIs Obtaining a TEI STA makes request CCo responds (decline or provide valid TEI/lease) If accepted, CCo advertises all TEI/MAC addresses TEI must be renewed before lease expires Leaving an AVLN STA may leave voluntarily – send disassociate message TEI lease may expire CCo may ask STA to leave – send leave message

72 Authentication Process Steps Association is obtaining a valid TEI Authorization is obtaining a valid NMK Authentication is obtaining a valid NEK Obtaining a valid NEK STA must have NMK first STA requests NEK from CCo using NMK, provide nonce If CCo decrypts, NMK is valid; provide NEK and nonce using NMK, else CCo indicates failure Updating NEK NEK rotated at least once per hour CCo requests nonce (NEK encrypted); STA responds with nonce (NEK encrypted) CCo sends set key msg with nonce encrypted with NMK and old NEK; STA acknowledges using same keys

73 Forming a New AVLN Circumstances for new AVLN formation Two Unassociated STAs with matching NID Two Unassociated STAs using DAK Two Unassociated STAs, one in Join, one in Add Two Unassociated STAs, both in Join Matching NID Determine from Unassociated STA advertisements Decide who becomes CCo from CCo capabilities and MAC address in Unassociated STA advertisements Winner becomes Unassociated CCo, sends beacons Other STA(s) join it by associating, authenticating Loser(s) continue to send Unassociated STA advertisements until beacon with NID detected Multiple AVLNs with same NID/NMK can merge

74 Forming a New AVLN (2) DAK-based Protocol STA with Device Access Key (DAK) of another STA broadcasts a set-key message encrypted with DAK holding a TEK Any STA receiving a message like this tries to decrypt it If it succeeds, then it replies (unicast) encrypting with the Temporary Encryption Key (TEK) the message held If the initiating STA decrypts a response encrypted with the TEK, it sends a set-key message with the new NMK and the nonce in the reply encrypted with the DAK If the new STA decrypts this message with its DAK and the nonce matches, it sets its NMK and NID STAs decide who becomes the CCo from capabilities in the exchanged messages CCo issues beacons, other STA associates, authenticates

75 Forming a New AVLN (3) Push-button Mechanism Button press causes STA in AVLN to admit another STA STA never in AVLN (or reset) will join an AVLN Two Unassociated STAs, one in Join, one in Add STA that has been in an AVLN will enter silent Add state STA in Join state will broadcast its desire to join an AVLN STA in Add state will respond unicast and become CCo STA in Join will associate with new AVLN STAs should perform channel adaptation STAs then start UKE protocol Exchange hash keys Hash these to form temporary encryption key (TEK) Use TEK to send NMK from CCo to new STA STA then authenticates using NMK

76 Forming a New AVLN (4) Two Unassociated STAs, both in Join STA in Join state will broadcast its desire to join an AVLN STAs will see each other’s advertisements STAs decide who should become CCo from capabilities Winner becomes CCo, generates new random NMK, switches to Add state, sends confirmation to other STA STA in Join will associate with new AVLN STAs should perform channel adaptation STAs then start UKE protocol Exchange hash keys Hash these to form temporary encryption key (TEK) Use TEK to send NMK from CCo to new STA STA then authenticates using NMK

77 Joining an Existing AVLN The new STA must end up with the same NID, and a valid NMK at the same security level New STA has matching NID and same NMK Prepositioned NMK, NMK entered, or previously in AVLN STA in existing AVLN sends DAK-encrypted management message with NMK in it Device’s DPW entered or DAK/MAC pair provided STA in existing AVLN enters Add mode and new STA is in Join mode STAs perform UKE protocol NMK must be SL-SC not SL-HS

78 Joining an AVLN (2) Matching NID Determine NID from Beacons New STA associates, gets TEI New STA authenticates using NMK If successful, new STA obtains NEK Otherwise, new STA notes that this AVLN with matching NID is not the one it can join

79 Joining an AVLN (3) DAK-based Protocol STA in AVLN with Device Access Key (DAK) of another STA broadcasts a set-key message encrypted with DAK holding a TEK (unicast if it knows MAC) Any STA receiving a message like this tries to decrypt it If it succeeds, then it replies (unicast) encrypting with the Temporary Encryption Key (TEK) the message held If the initiating STA decrypts a response encrypted with the TEK, it sends a set-key message with the new NMK and the nonce in the reply encrypted with the DAK If the new STA decrypts this message with its DAK and the nonce matches, it sets its NMK and NID New STA associates with AVLN New STA authenticates with NMK, gets NEK

80 Joining an AVLN (4) Push-button Mechanism Button press causes STA in AVLN to admit another one STA never in AVLN (or reset) will join an AVLN New STA in Join, other STA in Add mode STA that is in an AVLN will enter silent Add state STA in Join state will broadcast its desire to join an AVLN STA in Add state will respond unicast STA in Join will associate with AVLN of STA in Add mode STAs should perform channel adaptation STAs then start UKE protocol Exchange hash keys Hash these to form temporary encryption key (TEK) Use TEK to send NMK from CCo to new STA New STA then authenticates using NMK

81 HPAV Security Purposes Control access to the AVLN Maintain confidentiality and integrity of messages Mechanisms AES-128 in CBC mode CRC-32 Integrity Check Value SHA-256 Hash function Nonces Channel adaptation Usability Network Password (NPW) Device Password (DPW) Push-button mechanism

82 HPAV Keys Device Access Key Derived from DPW Unique to STA and permanent Authorizes control of STA Network Membership Key May be generated randomly May be derived from NPW Authorizes access to AVLN Network Encryption Key Generated by CCo Rotated at least once per hour Distributed using NMK Encrypts (almost) all traffic on AVLN

83 HPAV Keys (2) Temporary Encryption Key Generated during key exchange protocol Valid for short time (5 min) Hash Key Generated during UKE protocol 384-bit quantity Used to generate TEK Nonce Generated during protocol run Used to assure freshness Used for association of messages in protocol run

84 HPAV Security Levels Two Security Levels High Security Simple Connect SL is associated with NMK Key’s SL determines how it can be distributed SL of NMK determines SL of AVLN Key Distribution Compatibility NMK-SC may be distributed using any mechanism NMK-HS may not be distributed using UKE Setting Security Level SL-SC set during UKE SL provided with NMK when set by NPW or DAK NMK must be discarded if SL changed

85 Setting NMK Set by HLE using primitive Sets NID and SL also Used for derivation from NPW Also used for higher layer protocols Set by DAK-based protocol HLE provides DAK (and optionally MAC) STA sends set-key messages encrypted with DAK Successful decryption of message causes response Response encrypted with TEK, has nonce If TEK used, then STA sends DAK-encrypted NMK, nonce Set by Push-button Authorization User indicates desire for units to join AVLN with button presses

86 Unicast Key Exchange (UKE) Used in Push-button Authorization Use of public key crypto does not solve the problem Issue is user indicating desire for STA to join AVLN Must be able to detect, recover from errors STAs must be associated in same AVLN Channel adaptation Exchange of Hash Keys Key Derivation Hash keys are hashed to produce TEK TEK is used to distributed NMK SL is SL-SC

87 HPAV Conclusions Comprehensive Protocol Supports all traffic types Supports jitter control, bandwidth, delay, etc. Complicated! Variety of roles and modes Large number of Management Messages Coexistence Detects and coexists with HP1.0/1.0.1 Can coordinate with neighbor AVLNs User-friendly A primary goal Intuitive and easy security setup

Download ppt "HomePlug AV MAC (c) 2013 R. Newman University of Florida."

Similar presentations

Switching Techniques In large networks there might be multiple paths linking sender and receiver. Information may be switched as it travels through various.

Switching Techniques In large networks there might be multiple paths linking sender and receiver. Information may be switched as it travels through various.
William Stallings Data and Computer Communications 7th Edition

William Stallings Data and Computer Communications 7th Edition
Intermediate TCP/IP TCP Operation.

Intermediate TCP/IP TCP Operation.
OPERA BPL (c) 2013 R. Newman University of Florida.

OPERA BPL (c) 2013 R. Newman University of Florida.
802.11 – Wireless PHY and MAC Stallings 502-507. Types of 802.11 802.11 Infrared 802.11 FHSS (frequency hopping spread spectrum) 802.11 DSSS (direct sequence.

– Wireless PHY and MAC Stallings Types of Infrared FHSS (frequency hopping spread spectrum) DSSS (direct sequence.
8-Reliability and Channel Coding Dr. John P. Abraham Professor UTPA.

8-Reliability and Channel Coding Dr. John P. Abraham Professor UTPA.
HomePlug AV Technical Overview ISPLC 2006 – Orlando, FL March 28, 2006 Larry Yonge HomePlug AV TWG Chair.

HomePlug AV Technical Overview ISPLC 2006 – Orlando, FL March 28, 2006 Larry Yonge HomePlug AV TWG Chair.
1 Fall 2005 Hardware Addressing and Frame Identification Qutaibah Malluhi CSE Department Qatar University.

1 Fall 2005 Hardware Addressing and Frame Identification Qutaibah Malluhi CSE Department Qatar University.
Department of Computer Engineering University of California at Santa Cruz Networking Systems (1) Hai Tao.

Department of Computer Engineering University of California at Santa Cruz Networking Systems (1) Hai Tao.
OSI Model.

OSI Model.
EE 4272Spring, 2003 Protocols & Architecture A Protocol Architecture is the layered structure of hardware & software that supports the exchange of data.

EE 4272Spring, 2003 Protocols & Architecture A Protocol Architecture is the layered structure of hardware & software that supports the exchange of data.
EE 4272Spring, 2003 Chapter 14 LAN Systems Ethernet (CSMA/CD)  ALOHA  Slotted ALOHA  CSMA  CSMA/CD Token Ring /FDDI Fiber Channel  Fiber Channel Protocol.

EE 4272Spring, 2003 Chapter 14 LAN Systems Ethernet (CSMA/CD)  ALOHA  Slotted ALOHA  CSMA  CSMA/CD Token Ring /FDDI Fiber Channel  Fiber Channel Protocol.
EEC-484/584 Computer Networks Lecture 13 Wenbing Zhao

EEC-484/584 Computer Networks Lecture 13 Wenbing Zhao
© Janice Regan, CMPT 128, 2007-2012 0 CMPT 371 Data Communications and Networking Ethernet, ARP.

© Janice Regan, CMPT 128, CMPT 371 Data Communications and Networking Ethernet, ARP.
CMPT 471 Networking II Address Resolution IPv6 Neighbor Discovery 1© Janice Regan, 2012.

CMPT 471 Networking II Address Resolution IPv6 Neighbor Discovery 1© Janice Regan, 2012.
IEEE 802.11 Wireless LAN Standard Chapter 14. IEEE 802 Protocol Layers.

IEEE Wireless LAN Standard Chapter 14. IEEE 802 Protocol Layers.
VLAN Trunking Protocol (VTP) W.lilakiatsakun. VLAN Management Challenge (1) It is not difficult to add new VLAN for a small network.

VLAN Trunking Protocol (VTP) W.lilakiatsakun. VLAN Management Challenge (1) It is not difficult to add new VLAN for a small network.
Data Communications and Networks Chapter 2 - Network Technologies - Circuit and Packet Switching Data Communications and Network.

Data Communications and Networks Chapter 2 - Network Technologies - Circuit and Packet Switching Data Communications and Network.
Switching Techniques Student: Blidaru Catalina Elena.

Switching Techniques Student: Blidaru Catalina Elena.
Data Communications and Networking

Data Communications and Networking

Similar presentations

Ads by Google